SUSE-SU-2017:1450-1 -- SLES sudoID: oval:org.secpod.oval:def:89044752 | Date: (C)2021-07-20 (M)2023-12-07 |
Class: PATCH | Family: unix |
This update for sudo fixes the following issues: CVE-2017-1000367: - Due to incorrect assumptions in /proc/[pid]/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. [bsc#1039361] - Fix FQDN for hostname. [bsc#1024145] - Filter netgroups, they aren"t handled by SSSD. [bsc#1015351] - Fix problems related to krb5_ccname option [bsc#981124]
Platform: |
SUSE Linux Enterprise Server 12 SP2 |