Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
patchinfo.5652
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.5652
<patchinfo incident="5652"> <issue tracker="bnc" id="1153674">VUL-0: CVE-2019-14287: EMBARGOED: sudo: -1 uid issue</issue> <issue id="1053911" tracker="bnc">sudo insults enabled by default</issue> <issue id="1058297" tracker="bnc">L3-Question: can't enable compression with sudo-io logging</issue> <issue id="1068003" tracker="bnc">sudo slow trying to resolve all supplementary groups</issue> <issue tracker="cve" id="2019-14287"/> <category>security</category> <rating>important</rating> <packager>kstreitova</packager> <description>This update for sudo provides the following fix: Security issue fixed: - CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers (bsc#1153674). Other issues fixed: - Cache resolved group names as calling getgrgid() is expensive and on systems connected to AD with many users, groups or sudo rules it causes sudo to take a long time to run (bsc#1068003). - Disable insults by default at build time. For new installations this was done via sudoers file, but when upgrading from previous versions it would accidentally be enabled (bsc#1053911). - Enable support for zlib compressed I/O logs (bsc#1058297). </description> <summary>Security update for sudo</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor