sudo-1.8.18p1-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10551 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z sudo-1.8.18p1-1.1 on GA media These are all security issues fixed in the sudo-1.8.18p1-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10551 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10551 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2010-1163/ SUSE CVE CVE-2010-1163 page https://www.suse.com/security/cve/CVE-2010-1646/ SUSE CVE CVE-2010-1646 page https://www.suse.com/security/cve/CVE-2011-0010/ SUSE CVE CVE-2011-0010 page https://www.suse.com/security/cve/CVE-2012-2337/ SUSE CVE CVE-2012-2337 page https://www.suse.com/security/cve/CVE-2013-1775/ SUSE CVE CVE-2013-1775 page https://www.suse.com/security/cve/CVE-2013-1776/ SUSE CVE CVE-2013-1776 page openSUSE Tumbleweed sudo-1.8.18p1-1.1 sudo-devel-1.8.18p1-1.1 sudo-test-1.8.18p1-1.1 sudo-1.8.18p1-1.1 as a component of openSUSE Tumbleweed sudo-devel-1.8.18p1-1.1 as a component of openSUSE Tumbleweed sudo-test-1.8.18p1-1.1 as a component of openSUSE Tumbleweed The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426. CVE-2010-1163 openSUSE Tumbleweed:sudo-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-devel-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-test-1.8.18p1-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-1163.html CVE-2010-1163 https://bugzilla.suse.com/594738 SUSE Bug 594738 The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable. CVE-2010-1646 openSUSE Tumbleweed:sudo-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-devel-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-test-1.8.18p1-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-1646.html CVE-2010-1646 https://bugzilla.suse.com/594738 SUSE Bug 594738 check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command. CVE-2011-0010 openSUSE Tumbleweed:sudo-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-devel-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-test-1.8.18p1-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-0010.html CVE-2011-0010 https://bugzilla.suse.com/663881 SUSE Bug 663881 sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address. CVE-2012-2337 openSUSE Tumbleweed:sudo-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-devel-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-test-1.8.18p1-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2337.html CVE-2012-2337 https://bugzilla.suse.com/762327 SUSE Bug 762327 https://bugzilla.suse.com/826687 SUSE Bug 826687 sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch. CVE-2013-1775 openSUSE Tumbleweed:sudo-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-devel-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-test-1.8.18p1-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-1775.html CVE-2013-1775 https://bugzilla.suse.com/806919 SUSE Bug 806919 https://bugzilla.suse.com/806921 SUSE Bug 806921 https://bugzilla.suse.com/815325 SUSE Bug 815325 https://bugzilla.suse.com/845568 SUSE Bug 845568 sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. CVE-2013-1776 openSUSE Tumbleweed:sudo-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-devel-1.8.18p1-1.1 openSUSE Tumbleweed:sudo-test-1.8.18p1-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-1776.html CVE-2013-1776 https://bugzilla.suse.com/806921 SUSE Bug 806921 https://bugzilla.suse.com/817349 SUSE Bug 817349 https://bugzilla.suse.com/817350 SUSE Bug 817350