A sudo security update has been released for Oracle Linux 6
Oracle Linux Security Advisory ELSA-2019-3755
http://linux.oracle.com/errata/ELSA-2019-3755.html
The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network:
i386:
sudo-1.8.6p3-29.0.1.el6_10.2.i686.rpm
sudo-devel-1.8.6p3-29.0.1.el6_10.2.i686.rpm
x86_64:
sudo-1.8.6p3-29.0.1.el6_10.2.x86_64.rpm
sudo-devel-1.8.6p3-29.0.1.el6_10.2.i686.rpm
sudo-devel-1.8.6p3-29.0.1.el6_10.2.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/sudo-1.8.6p3-29.0.1.el6_10.2.src.rpm
Description of changes:
[1.8.6p3-29.0.1.el6_10.2]
- Fixes [OraBug: 28747380]
sudo does not honor env_keep-="KRB5CCNAME" after "sudo -k" (isaac.chen@oracle.com)
[1.8.6p3-29.2]
- RHEL-6.10.z ERRATUM
- fixed CVE-2019-14287
Resolves: rhbz#1760684