Skip to navigation

Security Advisory Moderate: sudo security and bug fix update

Advisory: RHSA-2012:1149-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-08-07
Last updated on: 2012-08-07
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2012-3440

Details

An updated sudo package that fixes one security issue and several bugs is
now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root.

An insecure temporary file use flaw was found in the sudo package's
post-uninstall script. A local attacker could possibly use this flaw to
overwrite an arbitrary file via a symbolic link attack, or modify the
contents of the "/etc/nsswitch.conf" file during the upgrade or removal of
the sudo package. (CVE-2012-3440)

This update also fixes the following bugs:

* Previously, sudo escaped non-alphanumeric characters in commands using
"sudo -s" or "sudo -" at the wrong place and interfered with the
authorization process. Some valid commands were not permitted. Now,
non-alphanumeric characters escape immediately before the command is
executed and no longer interfere with the authorization process.
(BZ#844418)

* Prior to this update, the sudo utility could, under certain
circumstances, fail to receive the SIGCHLD signal when it was executed
from a process that blocked the SIGCHLD signal. As a consequence, sudo
could become suspended and fail to exit. This update modifies the signal
process mask so that sudo can exit and sends the correct output.
(BZ#844419)

* The sudo update RHSA-2012:0309 introduced a regression that caused the
Security-Enhanced Linux (SELinux) context of the "/etc/nsswitch.conf" file
to change during the installation or upgrade of the sudo package. This
could cause various services confined by SELinux to no longer be permitted
to access the file. In reported cases, this issue prevented PostgreSQL and
Postfix from starting. (BZ#842759)

* Updating the sudo package resulted in the "sudoers" line in
"/etc/nsswitch.conf" being removed. This update corrects the bug in the
sudo package's post-uninstall script that caused this issue. (BZ#844420)

* Prior to this update, a race condition bug existed in sudo. When a
program was executed with sudo, the program could possibly exit
successfully before sudo started waiting for it. In this situation, the
program would be left in a zombie state and sudo would wait for it
endlessly, expecting it to still be running. (BZ#844978)

All users of sudo are advised to upgrade to this updated package, which
contains backported patches to correct these issues.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
sudo-1.7.2p1-14.el5_8.2.src.rpm
File outdated by:  RHSA-2014:0266
    MD5: f3b7c44d957a98d375587db97de1dddf
SHA-256: 067f25c4a99a5847ee82e21cf2c571648cbf0c2adc0df5ab15b0d71a1d238d28
 
IA-32:
sudo-1.7.2p1-14.el5_8.2.i386.rpm
File outdated by:  RHSA-2014:0266
    MD5: c262e83dab982384c6bd04a17bf64338
SHA-256: ba523f2732f67949e972516a9a67a81e3393187c246d0a83b2eb48a224cc76e5
sudo-debuginfo-1.7.2p1-14.el5_8.2.i386.rpm
File outdated by:  RHSA-2014:0266
    MD5: 8236e673758ec119ab801bb9fdf076ad
SHA-256: 47e9c41e28fb5ba4d20b8b292ede3718f6aa56313e340c7c3a0ea2e6448d631b
 
IA-64:
sudo-1.7.2p1-14.el5_8.2.ia64.rpm
File outdated by:  RHSA-2014:0266
    MD5: 8ecc676363a5c487c6a0a0106c222d27
SHA-256: e50b8e6a43f31b898434d2593c6725f3f742c8d9a8c00ecdb5992329022f3112
sudo-debuginfo-1.7.2p1-14.el5_8.2.ia64.rpm
File outdated by:  RHSA-2014:0266
    MD5: 62eed6a0f656edf130af47235b4eac75
SHA-256: 257812d458c9a101513b0ef57d20922fd0ae3360a799bb443fa6c6622ae500d8
 
PPC:
sudo-1.7.2p1-14.el5_8.2.ppc.rpm
File outdated by:  RHSA-2014:0266
    MD5: c5e106a67288a2a39a032a3b6cb2a3f0
SHA-256: 66aea62630ae9735aa08b1be2dfd7164a9aae9121152b7a652ceba208c3ebd61
sudo-debuginfo-1.7.2p1-14.el5_8.2.ppc.rpm
File outdated by:  RHSA-2014:0266
    MD5: 8bbbb26b56528ea616fa6f5e2dd9419e
SHA-256: 3ee1bd3f64f63c7242e5ccb245176df510e0cb4fb574bdd033ba8fa9fba751e5
 
s390x:
sudo-1.7.2p1-14.el5_8.2.s390x.rpm
File outdated by:  RHSA-2014:0266
    MD5: bb04c5427849bb1fd3eda0aef39ccc42
SHA-256: 52adaa13957f7817409987b82964a731902764f292abf4c4fe1dd8aa1208d9ad
sudo-debuginfo-1.7.2p1-14.el5_8.2.s390x.rpm
File outdated by:  RHSA-2014:0266
    MD5: 8e0dd90e1b1cd8d5e38cedc7ea38051d
SHA-256: 593ed17698edc35682821ff06162b746d79a09cc1d59c96e8f5cc085f47348be
 
x86_64:
sudo-1.7.2p1-14.el5_8.2.x86_64.rpm
File outdated by:  RHSA-2014:0266
    MD5: 3ab28fe0607b31241f2b0b2983f23365
SHA-256: 02cc3e167cc3e0952095e26175967a9b2d1a0fc3ee9ee8a7eea097e82924204b
sudo-debuginfo-1.7.2p1-14.el5_8.2.x86_64.rpm
File outdated by:  RHSA-2014:0266
    MD5: 31cc9787954cdd47dec6d8c567c915be
SHA-256: 9d0fd724a85d925569b10e3fa53a2052e482e5ee8096ba5e13fdf346f5f3f7c6
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
sudo-1.7.2p1-14.el5_8.2.src.rpm
File outdated by:  RHSA-2014:0266
    MD5: f3b7c44d957a98d375587db97de1dddf
SHA-256: 067f25c4a99a5847ee82e21cf2c571648cbf0c2adc0df5ab15b0d71a1d238d28
 
IA-32:
sudo-1.7.2p1-14.el5_8.2.i386.rpm
File outdated by:  RHSA-2014:0266
    MD5: c262e83dab982384c6bd04a17bf64338
SHA-256: ba523f2732f67949e972516a9a67a81e3393187c246d0a83b2eb48a224cc76e5
sudo-debuginfo-1.7.2p1-14.el5_8.2.i386.rpm
File outdated by:  RHSA-2014:0266
    MD5: 8236e673758ec119ab801bb9fdf076ad
SHA-256: 47e9c41e28fb5ba4d20b8b292ede3718f6aa56313e340c7c3a0ea2e6448d631b
 
x86_64:
sudo-1.7.2p1-14.el5_8.2.x86_64.rpm
File outdated by:  RHSA-2014:0266
    MD5: 3ab28fe0607b31241f2b0b2983f23365
SHA-256: 02cc3e167cc3e0952095e26175967a9b2d1a0fc3ee9ee8a7eea097e82924204b
sudo-debuginfo-1.7.2p1-14.el5_8.2.x86_64.rpm
File outdated by:  RHSA-2014:0266
    MD5: 31cc9787954cdd47dec6d8c567c915be
SHA-256: 9d0fd724a85d925569b10e3fa53a2052e482e5ee8096ba5e13fdf346f5f3f7c6
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

842759 - selinux blocks postgresql startup
844420 - sudo 1.7.2p1-14.el5_8 removed sudoers line from nsswitch.conf
844442 - CVE-2012-3440 sudo: insecure temporary file use in RPM %postun script
844978 - Sudo has racecondition leaving sudo with its zombie child running forever


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/