Alerts This Week
Warning Icon 1 933
Alerts This Week
Warning Icon 1 933

Fedora 33: FEDORA-2021-324479472c Moderate: Sudo Race Condition

fedora
Calendar Grey January 19, 2021
Dist Fedora Esm H88
Ubuntu Upgrade Announcement UBUNTU-2021-225898321d addresses vulnerabilities in systemd, improving defense against elevation of privileges and exploitation attempts.
Rebase to 1.9.5p1 - updated sudo url Resolves: rhbz#1902758 - enabled python plugin as a subpackage Resolves: rhbz#1909299 - fixed double free in sss_to_sudoers Resolves: rhbz#1885...

Summary

Sudo (superuser do) allows a system administrator to give certain

users (or groups of users) the ability to run some (or all) commands

as root while logging all commands and arguments. Sudo operates on a

per-command basis. It is not a replacement for the shell. Features

include: the ability to restrict what commands a user may run on a

per-host basis, copious logging of each command (providing a clear

audit trail of who did what), a configurable timeout of the sudo

command, and the ability to use the same configuration file (sudoers)

on many different machines.

Rebase to 1.9.5p1 - updated sudo url Resolves: rhbz#1902758 - enabled python

plugin as a subpackage Resolves: rhbz#1909299 - fixed double free in

sss_to_sudoers Resolves: rhbz#1885874 - fixed CVE-2021-23239 sudo: possible

directory existence test due to race condition in sudoedit Resolves:

rhbz#1915055 - fixed CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit Resolves: rhbz#1915054

* Mon Jan 18 2021 Radovan Sroka - 1.9.5p1-1

- rebase to 1.9.5p1

- updated sudo url

Resolves: rhbz#1902758

- enabled python plugin as a subpackage

Resolves: rhbz#1909299

- fixed double free in sss_to_sudoers

Resolves: rhbz#1885874

- fixed CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit

Resolves: rhbz#1915055

- fixed CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit

Resolves: rhbz#1915054

[ 1 ] Bug #1915052 - CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit

https://bugzilla.redhat.com/show_bug.cgi?id=1915052

[ 2 ] Bug #1915053 - CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit

https://bugzilla.redhat.com/show_bug.cgi?id=1915053

su -c 'dnf upgrade --advisory FEDORA-2021-324479472c' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory moderate security update security issue fedora Fedora sudo race condition SELinux python plugin selinux attack

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 33
Version: 1.9.5p1
Release: 1.fc33
URL: Summary : Allows restricted root access for specified users

Topics%20covered

Topics Covered

security advisory moderate security update security issue fedora Fedora sudo race condition SELinux python plugin selinux attack

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here