openSUSE Recommended Update: Recommended update for pam and sudo ______________________________________________________________________________ Announcement ID: openSUSE-RU-2020:2050-1 Rating: moderate References: #1174593 #1177858 #1178727 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update for pam and sudo fixes the following issue: pam: - pam_xauth: do not *free* a string which has been successfully passed to *putenv*. (bsc#1177858) - Initialize the local variable *daysleft* to avoid a misleading warning for password expire days. (bsc#1178727) - Run /usr/bin/xauth using the old user's and group's identifiers. (bsc#1174593) sudo: - Fix a problem with pam_xauth which checks effective and real uids to get the real identity of the user. (bsc#1174593) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-2050=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): pam-1.3.0-lp151.8.12.1 pam-debuginfo-1.3.0-lp151.8.12.1 pam-debugsource-1.3.0-lp151.8.12.1 pam-devel-1.3.0-lp151.8.12.1 pam-extra-1.3.0-lp151.8.12.1 pam-extra-debuginfo-1.3.0-lp151.8.12.1 sudo-1.8.22-lp151.5.9.1 sudo-debuginfo-1.8.22-lp151.5.9.1 sudo-debugsource-1.8.22-lp151.5.9.1 sudo-devel-1.8.22-lp151.5.9.1 sudo-test-1.8.22-lp151.5.9.1 - openSUSE Leap 15.1 (noarch): pam-doc-1.3.0-lp151.8.12.1 - openSUSE Leap 15.1 (x86_64): pam-32bit-1.3.0-lp151.8.12.1 pam-32bit-debuginfo-1.3.0-lp151.8.12.1 pam-devel-32bit-1.3.0-lp151.8.12.1 pam-extra-32bit-1.3.0-lp151.8.12.1 pam-extra-32bit-debuginfo-1.3.0-lp151.8.12.1 References: https://bugzilla.suse.com/1174593 https://bugzilla.suse.com/1177858 https://bugzilla.suse.com/1178727