sudo security, bug fix, and enhancement update

2016-11-0900:00:00

linux.oracle.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

[1.8.6p7-20]

RHEL 7.3 erratum
- fixed visudo’s -q flag
  Resolves: rhbz#1350828
  [1.8.6p7-19]
RHEL 7.3 erratum
- removed INPUTRC from env_keep to prevent a potential info leak
  Resolves: rhbz#1340700
  [1.8.6p7-18]
RHEL 7.3 erratum
- removed requiretty flag from the default sudoers policy
- backported pam_service and pam_login_service defaults options
- implemented netgroup_tuple defaults option for changing netgroup
  processing semantics
- fixed user matching logic in the LDAP nss backend
- don’t allow visudo to accept an invalid sudoers file
- fixed a bug causing that non-root users can list privileges of
  other users
- modified digest check documentation to mention the raciness of
  the checking mechanism
  Resolves: rhbz#1196451
  Resolves: rhbz#1247230
  Resolves: rhbz#1334331
  Resolves: rhbz#1334360
  Resolves: rhbz#1261998
  Resolves: rhbz#1313364
  Resolves: rhbz#1312486
  Resolves: rhbz#1268958
  Resolves: rhbz#1335039
  Resolves: rhbz#1335042
  Resolves: rhbz#1335045
  Resolves: rhbz#1273243
  Resolves: rhbz#1299883

OSVersionArchitecturePackageVersionFilename
oracle linux7srcsudo< 1.8.6p7-20.el7sudo-1.8.6p7-20.el7.src.rpm
oracle linux7x86_64sudo< 1.8.6p7-20.el7sudo-1.8.6p7-20.el7.x86_64.rpm
oracle linux7i686sudo-devel< 1.8.6p7-20.el7sudo-devel-1.8.6p7-20.el7.i686.rpm
oracle linux7x86_64sudo-devel< 1.8.6p7-20.el7sudo-devel-1.8.6p7-20.el7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	7	src	sudo	< 1.8.6p7-20.el7	sudo-1.8.6p7-20.el7.src.rpm
oracle linux	7	x86_64	sudo	< 1.8.6p7-20.el7	sudo-1.8.6p7-20.el7.x86_64.rpm
oracle linux	7	i686	sudo-devel	< 1.8.6p7-20.el7	sudo-devel-1.8.6p7-20.el7.i686.rpm
oracle linux	7	x86_64	sudo-devel	< 1.8.6p7-20.el7	sudo-devel-1.8.6p7-20.el7.x86_64.rpm

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for ELSA-2016-2593