SUSE-SU-2015:1020-1

This security issue was fixed: - CVE-2014-8169: Prevent potential privilege escalation via interpreter load path for program-based automount maps (bnc#917977).

These non-security issues were fixed: - Dont pass sloppy option for other than nfs mounts (bnc#901448, bnc#916203) - Fix insserv warning at postinstall (bnc#913376) - Fix autofs.service so that multiple options passed through sysconfig AUTOFS_OPTIONS work correctly (bnc#909472)

References

Affected packages

SUSE:Linux Enterprise Desktop 12 / autofs

Package

Name: autofs
Purl: pkg:rpm/suse/autofs&distro=SUSE%20Linux%20Enterprise%20Desktop%2012

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.0.9-8.1

Ecosystem specific

{
    "binaries": [
        {
            "autofs": "5.0.9-8.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 / autofs

Package

Name: autofs
Purl: pkg:rpm/suse/autofs&distro=SUSE%20Linux%20Enterprise%20Server%2012

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.0.9-8.1

Ecosystem specific

{
    "binaries": [
        {
            "autofs": "5.0.9-8.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 / autofs

Package

Name: autofs
Purl: pkg:rpm/suse/autofs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.0.9-8.1

Ecosystem specific

{
    "binaries": [
        {
            "autofs": "5.0.9-8.1"
        }
    ]
}