[Oraclevm-errata] OVMSA-2016-0170 Moderate: Oracle VM 3.3 sudo security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Tue Dec 6 19:11:45 PST 2016
Oracle VM Security Advisory OVMSA-2016-0170
The following updated rpms for Oracle VM 3.3 have been uploaded to the
Unbreakable Linux Network:
x86_64:
sudo-1.8.6p3-25.el6_8.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/sudo-1.8.6p3-25.el6_8.src.rpm
Description of changes:
[1.8.6p3-25]
- Update noexec syscall blacklist
- Fixes CVE-2016-7032 and CVE-2016-7076
Resolves: rhbz#1391937
[1.8.6p3-24]
- RHEL-6.8 erratum
- fixed a bug that allowed non-root users to list privileges of other users
Resolves: rhbz#1312481
[1.8.6p3-23]
- RHEL-6.8 erratum
- fixed handling of closefrom_override defaults option
Resolves: rhbz#1309976
[1.8.6p3-22]
- RHEL-6.8 erratum
- fixed potential getcwd failure, resulting in Null pointer exception
Resolves: rhbz#1284886
[1.8.6p3-21]
- RHEL-6.8 erratum
- fixed sssd's detection of user with zero rules
Resolves: rhbz#1220480
[1.8.6p3-21]
- RHEL-6.8 erratum
- search also by user id when fetching rules from LDAP
Resolves: rhbz#1135531
[1.8.6p3-21]
- RHEL-6.8 erratum
- fixed ldap's and sssd's sudoOption value and remove quotes
- fixed ldap's and sssd's sudoOption whitespaces parse problem
Resolves: rhbz#1144422
Resolves: rhbz#1279447
[1.8.6p3-21]
- RHEL-6.8 erratum
- removed defaults option requiretty from /etc/sudoers
- backported pam_service and pam_login_service defaults options
- implemented a new defaults option for changing netgroup processing semantics
- fixed visudo's quiet cli option
Resolves: rhbz#1248695
Resolves: rhbz#1247231
Resolves: rhbz#1241896
Resolves: rhbz#1197885
Resolves: rhbz#1233205
[1.8.6p3-20]
- added patch to re-introduce old group processing behaviour
Resolves: rhbz#1075836