Security update for sudo SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:1455-1 Final 1 1 2017-05-31T06:06:25Z current 2017-05-31T06:06:25Z 2017-05-31T06:06:25Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for sudo This update for sudo fixes the following issues: CVE-2017-1000367: - Due to incorrect assumptions in /proc/[pid]/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. [bsc#1039361] - Fix FQDN for hostname. [bsc#1024145] - Filter netgroups, they aren't handled by SSSD. [bsc#1015351] - Fix problems related to 'krb5_ccname' option [bsc#981124] This update was imported from the SUSE:SLE-12-SP2:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2017-05/msg00079.html E-Mail link for openSUSE-SU-2017:1455-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 sudo-1.8.10p3-9.3.1 sudo-devel-1.8.10p3-9.3.1 sudo-test-1.8.10p3-9.3.1 sudo-1.8.10p3-9.3.1 as a component of openSUSE Leap 42.2 sudo-devel-1.8.10p3-9.3.1 as a component of openSUSE Leap 42.2 sudo-test-1.8.10p3-9.3.1 as a component of openSUSE Leap 42.2 Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution. CVE-2017-1000367 openSUSE Leap 42.2:sudo-1.8.10p3-9.3.1 openSUSE Leap 42.2:sudo-devel-1.8.10p3-9.3.1 openSUSE Leap 42.2:sudo-test-1.8.10p3-9.3.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-05/msg00079.html https://www.suse.com/security/cve/CVE-2017-1000367.html CVE-2017-1000367 https://bugzilla.suse.com/1007501 SUSE Bug 1007501 https://bugzilla.suse.com/1039361 SUSE Bug 1039361 https://bugzilla.suse.com/1042146 SUSE Bug 1042146 https://bugzilla.suse.com/1077345 SUSE Bug 1077345