Overview

File _patchinfo of Package patchinfo.14063

<patchinfo incident="14063">
  <issue tracker="cve" id="2019-18634"/>
  <issue tracker="bnc" id="1162675">sudo -l asks for password despite setting listpw=never ( sudo Bug number 869 ) - ref:_00D1igLOd._5001iKJRFr:ref</issue>
  <issue tracker="bnc" id="1162202">VUL-0: CVE-2019-18634: sudo: if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process</issue>
  <packager>kstreitova</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for sudo</summary>
  <description>This update for sudo fixes the following issues:

Security issue fixed:

- CVE-2019-18634: Fixed a buffer overflow in the passphrase prompt that could occur when pwfeedback was enabled in /etc/sudoers (bsc#1162202).

Non-security issue fixed:

- Fixed an issue where sudo -l would ask for a password even though `listpw` was set to `never` (bsc#1162675).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places