Bug Fix Advisory sudo bug fix update

Advisory: RHBA-2009:0263-2
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2009-05-18
Last updated on: 2009-05-18
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
OVAL: N/A

Details

An updated sudo package that fixes one bug is now available.

The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root with logging.

This update fixes one bug:
* when run, the sudo command removes all but a small group of environment
variables. Previously, the Kerberos environment variable KRB5CCNAME was not
among the variables retained. This prevented Kerberos from working with
sudo when credentials not in the standard directory in /tmp were required.
For example, Kerberos could not be used with sudo in a Windows Active
Directory environment. Sudo now retains the KRB5CCNAME environment
variable, allowing Kerberos to work with sudo correctly.

All users of sudo should upgrade to this updated package, which resolves
this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 4)
SRPMS:
sudo-1.6.7p5-30.1.5.src.rpm     eefd6dead2f87cc684123bfb52d3954f
 
IA-32:
sudo-1.6.7p5-30.1.5.i386.rpm     c980b77cb2d72cd4a63f4c41b118c677
 
x86_64:
sudo-1.6.7p5-30.1.5.x86_64.rpm     1c95b7528efe04f17b4ee5fa2496f028
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
sudo-1.6.7p5-30.1.5.src.rpm     eefd6dead2f87cc684123bfb52d3954f
 
IA-32:
sudo-1.6.7p5-30.1.5.i386.rpm     c980b77cb2d72cd4a63f4c41b118c677
 
IA-64:
sudo-1.6.7p5-30.1.5.ia64.rpm     9cabcd40c1ebd1fffcb461a8ffb8b175
 
PPC:
sudo-1.6.7p5-30.1.5.ppc.rpm     6f361f9891203443799d0972efe44789
 
s390:
sudo-1.6.7p5-30.1.5.s390.rpm     fc2e973cb2443d8cf6fb69c8b2abc2bd
 
s390x:
sudo-1.6.7p5-30.1.5.s390x.rpm     809a22f94b7aefb6448258e77a907bd0
 
x86_64:
sudo-1.6.7p5-30.1.5.x86_64.rpm     1c95b7528efe04f17b4ee5fa2496f028
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
sudo-1.6.7p5-30.1.5.src.rpm     eefd6dead2f87cc684123bfb52d3954f
 
IA-32:
sudo-1.6.7p5-30.1.5.i386.rpm     c980b77cb2d72cd4a63f4c41b118c677
 
IA-64:
sudo-1.6.7p5-30.1.5.ia64.rpm     9cabcd40c1ebd1fffcb461a8ffb8b175
 
x86_64:
sudo-1.6.7p5-30.1.5.x86_64.rpm     1c95b7528efe04f17b4ee5fa2496f028
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
sudo-1.6.7p5-30.1.5.src.rpm     eefd6dead2f87cc684123bfb52d3954f
 
IA-32:
sudo-1.6.7p5-30.1.5.i386.rpm     c980b77cb2d72cd4a63f4c41b118c677
 
IA-64:
sudo-1.6.7p5-30.1.5.ia64.rpm     9cabcd40c1ebd1fffcb461a8ffb8b175
 
x86_64:
sudo-1.6.7p5-30.1.5.x86_64.rpm     1c95b7528efe04f17b4ee5fa2496f028
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

465906 - Exclude kerberos environement from being removed from sudo.


Keywords

sudo

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/