Recommended update for sudo

Announcement ID: SUSE-RU-2020:14370-1
Rating: important
References:
Affected Products:
  • SUSE Linux Enterprise Point of Service 11 SP3
  • SUSE Linux Enterprise Server 11 SP4
  • SUSE Linux Enterprise Server 11 SP4 LTSS 11-SP4

An update that has two fixes can now be installed.

Description:

This update for sudo fixes the following issues:

  • Check if the monitor process became an orphan when receiving SIGHUP. (bsc#1015162) Terminate the child in that case.

  • sudo is not able to resolve sudo for users when using LDAP. (bsc#1015351) SSSD doesn't handle netgroups, we have to ensure they are correctly filtered in sudo. The rules may contain mixed sudoUser specification so we have to check not only for netgroup membership but also for user and group matches.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Point of Service 11 SP3
    zypper in -t patch sleposp3-sudo-14370=1
  • SUSE Linux Enterprise Server 11 SP4 LTSS 11-SP4
    zypper in -t patch slessp4-sudo-14370=1
  • SUSE Linux Enterprise Server 11 SP4
    zypper in -t patch slessp4-sudo-14370=1

Package List:

  • SUSE Linux Enterprise Point of Service 11 SP3 (i586)
    • sudo-1.7.6p2-0.30.8.1
  • SUSE Linux Enterprise Server 11 SP4 LTSS 11-SP4 (ppc64 s390x x86_64 i586)
    • sudo-1.7.6p2-0.30.8.1
  • SUSE Linux Enterprise Server 11 SP4 (ppc64 s390x x86_64 i586)
    • sudo-1.7.6p2-0.30.8.1

References: