sudo security, bug fix, and enhancement update

2020-05-0500:00:00

linux.oracle.com

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

JSON

[1.8.29-5]

RHEL 8.2 ERRATUM
CVE-2019-18634
Resolves: rhbz#1798093
[1.8.29-4]
RHEL 8.2 ERRATUM
CVE-2019-19232
Resolves: rhbz#1786987
Resolves: rhbz#1796518
[1.8.29-2]
RHEL 8.2 ERRATUM
rebase to 1.8.29
Resolves: rhbz#1733961
Resolves: rhbz#1651662
[1.8.28p1-1]
RHEL 8.2 ERRATUM
rebase to 1.8.28p1
Resolves: rhbz#1733961
fixed man page for always_set_home
Resolves: rhbz#1576880
sudo does not work with notbefore/after
Resolves: rhbz#1679508
NOTBEFORE showing value of sudoNotAfter Ldap attribute
Resolves: rhbz#1715516
CVE-2019-14287 sudo
Privilege escalation via ‘Runas’ specification with ‘ALL’ keyword
Resolves: rhbz#1760697

OSVersionArchitecturePackageVersionFilename
oracle linux8srcsudo< 1.8.29-5.el8sudo-1.8.29-5.el8.src.rpm
oracle linux8aarch64sudo< 1.8.29-5.el8sudo-1.8.29-5.el8.aarch64.rpm
oracle linux8srcsudo< 1.8.29-5.el8sudo-1.8.29-5.el8.src.rpm
oracle linux8x86_64sudo< 1.8.29-5.el8sudo-1.8.29-5.el8.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	8	src	sudo	< 1.8.29-5.el8	sudo-1.8.29-5.el8.src.rpm
oracle linux	8	aarch64	sudo	< 1.8.29-5.el8	sudo-1.8.29-5.el8.aarch64.rpm
oracle linux	8	src	sudo	< 1.8.29-5.el8	sudo-1.8.29-5.el8.src.rpm
oracle linux	8	x86_64	sudo	< 1.8.29-5.el8	sudo-1.8.29-5.el8.x86_64.rpm