Issued:
2019-10-24
Updated:
2019-10-24

RHSA-2019:3204 - Security Advisory

Synopsis

Important: sudo security update

Type/Severity

Security Advisory: Important

Topic

An update for sudo is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.

Security Fix(es):

  • sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword (CVE-2019-14287)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.5 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5 s390x
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5 ppc64
  • Red Hat Enterprise Linux EUS Compute Node 7.5 x86_64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5 ppc64le

Fixes

  • BZ - 1760531 - CVE-2019-14287 sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword

CVEs

References

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.5

SRPM
sudo-1.8.19p2-14.el7_5.1.src.rpm SHA-256: 1b8a354a340933f23e3e4f98f115a052cc432b9eb376001d673456f63005c697
x86_64
sudo-1.8.19p2-14.el7_5.1.x86_64.rpm SHA-256: cbaa264d83f231f2dd7b08ac2518e07fa9eb12ccf525733d7937972389af31ed
sudo-debuginfo-1.8.19p2-14.el7_5.1.i686.rpm SHA-256: 06a4f20edba53ebfa38ffab37bba6be96317e9c2b581536fad339d61f1005ca0
sudo-debuginfo-1.8.19p2-14.el7_5.1.x86_64.rpm SHA-256: ea4018cc48271a2a2f1c68312f6ad456fb539e355c1e0af85e24dea71e975f09
sudo-debuginfo-1.8.19p2-14.el7_5.1.x86_64.rpm SHA-256: ea4018cc48271a2a2f1c68312f6ad456fb539e355c1e0af85e24dea71e975f09
sudo-devel-1.8.19p2-14.el7_5.1.i686.rpm SHA-256: e541de81bff8f5a38bc797e0acca7bda44c726e8267992aa0be9251c87d8cd84
sudo-devel-1.8.19p2-14.el7_5.1.x86_64.rpm SHA-256: 1ac7bfbb7d062b211db24291182cdf541060af240eab26c987e5eeb07f67ed18

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5

SRPM
sudo-1.8.19p2-14.el7_5.1.src.rpm SHA-256: 1b8a354a340933f23e3e4f98f115a052cc432b9eb376001d673456f63005c697
s390x
sudo-1.8.19p2-14.el7_5.1.s390x.rpm SHA-256: f9e0e3fca11c032b610d695286b39bfe5633b3a547a7ae3a62274029e457df54
sudo-debuginfo-1.8.19p2-14.el7_5.1.s390.rpm SHA-256: df8a78bc0183269f5eabab9c9a626a681e52f85b896b45c3b2049a09d6c86a53
sudo-debuginfo-1.8.19p2-14.el7_5.1.s390x.rpm SHA-256: ec63d7ce748f9615ea2e075b31dde5b2b3e72649d676dfed91d8c7f8cf861a0f
sudo-debuginfo-1.8.19p2-14.el7_5.1.s390x.rpm SHA-256: ec63d7ce748f9615ea2e075b31dde5b2b3e72649d676dfed91d8c7f8cf861a0f
sudo-devel-1.8.19p2-14.el7_5.1.s390.rpm SHA-256: 8abd989d55ae33d9ecb6f8a211c6b266117f8e6e056b252924341a47d80c7f91
sudo-devel-1.8.19p2-14.el7_5.1.s390x.rpm SHA-256: b417a500e619768d0de4c4fbebee1c1f113b2d4a646509fbcb0b10827b584c40

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5

SRPM
sudo-1.8.19p2-14.el7_5.1.src.rpm SHA-256: 1b8a354a340933f23e3e4f98f115a052cc432b9eb376001d673456f63005c697
ppc64
sudo-1.8.19p2-14.el7_5.1.ppc64.rpm SHA-256: 104ecab463d8b6eeab42d99b883a1c83a04ff9396679e9d4494db98746943701
sudo-debuginfo-1.8.19p2-14.el7_5.1.ppc.rpm SHA-256: 1b4b86bb2e597a6bedcc9a3e2968ede9d8a670293a80b5a9ab775b0dc0dfa171
sudo-debuginfo-1.8.19p2-14.el7_5.1.ppc64.rpm SHA-256: fc37ae8955e945827dd3e7e875f9bcbf61c5db4b64846235dc0bb61ffa1dadbf
sudo-debuginfo-1.8.19p2-14.el7_5.1.ppc64.rpm SHA-256: fc37ae8955e945827dd3e7e875f9bcbf61c5db4b64846235dc0bb61ffa1dadbf
sudo-devel-1.8.19p2-14.el7_5.1.ppc.rpm SHA-256: 91a326a759ab30dcb2d0960db651574fe63cf82157bf3e336e5afefbc5284e14
sudo-devel-1.8.19p2-14.el7_5.1.ppc64.rpm SHA-256: 5d28b6453b0a3cf1d8c0cdfa15cec91c0001211abc151fee923955eb07bae9f6

Red Hat Enterprise Linux EUS Compute Node 7.5

SRPM
sudo-1.8.19p2-14.el7_5.1.src.rpm SHA-256: 1b8a354a340933f23e3e4f98f115a052cc432b9eb376001d673456f63005c697
x86_64
sudo-1.8.19p2-14.el7_5.1.x86_64.rpm SHA-256: cbaa264d83f231f2dd7b08ac2518e07fa9eb12ccf525733d7937972389af31ed
sudo-debuginfo-1.8.19p2-14.el7_5.1.i686.rpm SHA-256: 06a4f20edba53ebfa38ffab37bba6be96317e9c2b581536fad339d61f1005ca0
sudo-debuginfo-1.8.19p2-14.el7_5.1.x86_64.rpm SHA-256: ea4018cc48271a2a2f1c68312f6ad456fb539e355c1e0af85e24dea71e975f09
sudo-debuginfo-1.8.19p2-14.el7_5.1.x86_64.rpm SHA-256: ea4018cc48271a2a2f1c68312f6ad456fb539e355c1e0af85e24dea71e975f09
sudo-devel-1.8.19p2-14.el7_5.1.i686.rpm SHA-256: e541de81bff8f5a38bc797e0acca7bda44c726e8267992aa0be9251c87d8cd84
sudo-devel-1.8.19p2-14.el7_5.1.x86_64.rpm SHA-256: 1ac7bfbb7d062b211db24291182cdf541060af240eab26c987e5eeb07f67ed18

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5

SRPM
sudo-1.8.19p2-14.el7_5.1.src.rpm SHA-256: 1b8a354a340933f23e3e4f98f115a052cc432b9eb376001d673456f63005c697
ppc64le
sudo-1.8.19p2-14.el7_5.1.ppc64le.rpm SHA-256: f32464d14e454ea14233eb15eecb5948c5931dc4f137f68b2fba722dcd1156a4
sudo-debuginfo-1.8.19p2-14.el7_5.1.ppc64le.rpm SHA-256: d0d1ecbe099859eeaa82369a30081f518f0d74a7e22e0ad086bc11e37354a67d
sudo-debuginfo-1.8.19p2-14.el7_5.1.ppc64le.rpm SHA-256: d0d1ecbe099859eeaa82369a30081f518f0d74a7e22e0ad086bc11e37354a67d
sudo-devel-1.8.19p2-14.el7_5.1.ppc64le.rpm SHA-256: 27c4939f5e7dcca5b580551dd8d5d53c9ca566454579129cb9ebaf69e98f238d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.