From 2306938c7f56d8e99494475ceb451f5a164a2cde Mon Sep 17 00:00:00 2001
From: Daniel Kopecek <dkopecek@redhat.com>
Date: Thu, 5 Nov 2015 09:50:31 +0100
Subject: [PATCH] update to 1.8.15

- fixes CVE-2015-5602
---
 .gitignore                            |  1 +
 sources                               |  2 +-
 sudo-1.8.14p3-deadcode_visudo_c.patch | 40 ---------------------------
 sudo-1.8.14p3-extra_while.patch       | 24 ----------------
 sudo.spec                             | 13 ++++-----
 5 files changed, 8 insertions(+), 72 deletions(-)
 delete mode 100644 sudo-1.8.14p3-deadcode_visudo_c.patch
 delete mode 100644 sudo-1.8.14p3-extra_while.patch

diff --git a/.gitignore b/.gitignore
index 4eadd32..2f6d35c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,3 +18,4 @@ sudo-1.7.2p2-sudoers
 /sudo-1.8.14b4.tar.gz
 /sudo-1.8.14p1.tar.gz
 /sudo-1.8.14p3.tar.gz
+/sudo-1.8.15.tar.gz
diff --git a/sources b/sources
index c91139d..a565d42 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
 775b863cdff3a2ee2a26c2d53b51aff5  sudo-1.8.8-sudoers
-93dbd1e47c136179ff1b01494c1c0e75  sudo-1.8.14p3.tar.gz
+7cf6b9b76d0478a572432bed481dd7b5  sudo-1.8.15.tar.gz
diff --git a/sudo-1.8.14p3-deadcode_visudo_c.patch b/sudo-1.8.14p3-deadcode_visudo_c.patch
deleted file mode 100644
index 19a55e1..0000000
--- a/sudo-1.8.14p3-deadcode_visudo_c.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-diff -up ./plugins/sudoers/visudo.c.deadcode ./plugins/sudoers/visudo.c
---- ./plugins/sudoers/visudo.c.deadcode	2015-08-24 09:54:59.216956064 +0200
-+++ ./plugins/sudoers/visudo.c	2015-08-24 09:59:50.831547773 +0200
-@@ -415,12 +415,10 @@ edit_sudoers(struct sudoersfile *sp, cha
-     int tfd;				/* sudoers temp file descriptor */
-     bool modified;			/* was the file modified? */
-     int ac;				/* argument count */
--    char buf[4096];			/* buffer used for copying files */
-     char linestr[64];			/* string version of lineno */
-     struct timespec ts, times[2];	/* time before and after edit */
-     struct timespec orig_mtim;		/* starting mtime of sudoers file */
-     off_t orig_size;			/* starting size of sudoers file */
--    ssize_t nread;			/* number of bytes read */
-     struct stat sb;			/* stat buffer */
-     bool rval = false;			/* return value */
-     debug_decl(edit_sudoers, SUDOERS_DEBUG_UTIL)
-@@ -440,15 +438,19 @@ edit_sudoers(struct sudoersfile *sp, cha
- 
- 	/* Copy sp->path -> sp->tpath and reset the mtime. */
- 	if (orig_size != 0) {
-+	    char buf[4096], lastch = '\0';
-+	    ssize_t nread;
- 	    (void) lseek(sp->fd, (off_t)0, SEEK_SET);
--	    while ((nread = read(sp->fd, buf, sizeof(buf))) > 0)
-+	    while ((nread = read(sp->fd, buf, sizeof(buf))) > 0){
- 		if (write(tfd, buf, nread) != nread)
- 		    sudo_fatal(U_("write error"));
-+		lastch = buf[nread - 1];
-+	    }
- 
- 	    /* Add missing newline at EOF if needed. */
--	    if (nread > 0 && buf[nread - 1] != '\n') {
--		buf[0] = '\n';
--		if (write(tfd, buf, 1) != 1)
-+	    if (lastch != '\n') {
-+		lastch = '\n';
-+		if (write(tfd, &lastch, 1) != 1)    
- 		    sudo_fatal(U_("write error"));
- 	    }
- 	}
diff --git a/sudo-1.8.14p3-extra_while.patch b/sudo-1.8.14p3-extra_while.patch
deleted file mode 100644
index c7ff83e..0000000
--- a/sudo-1.8.14p3-extra_while.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-diff -up ./plugins/sudoers/sudoers.c.extra_while ./plugins/sudoers/sudoers.c
---- ./plugins/sudoers/sudoers.c.extra_while	2015-08-24 10:06:01.262987605 +0200
-+++ ./plugins/sudoers/sudoers.c	2015-08-24 10:07:16.557919240 +0200
-@@ -1214,7 +1214,7 @@ find_editor(int nfiles, char **files, in
- 		files, argc_out, argv_out, NULL);
- 	    if (editor_path == NULL && errno != ENOENT)
- 		debug_return_str(NULL);
--	} while (ep != NULL && editor_path == NULL);
-+	}
-     }
-     if (!editor_path) {
- 	audit_failure(NewArgc, NewArgv, N_("%s: command not found"),
-diff -up ./plugins/sudoers/visudo.c.extra_while ./plugins/sudoers/visudo.c
---- ./plugins/sudoers/visudo.c.extra_while	2015-08-24 10:07:34.602902856 +0200
-+++ ./plugins/sudoers/visudo.c	2015-08-24 10:08:27.750854600 +0200
-@@ -332,7 +332,7 @@ get_editor(int *editor_argc, char ***edi
- 		editor_argc, editor_argv, whitelist);
- 	    if (editor_path == NULL && errno != ENOENT)
- 		debug_return_str(NULL);
--	} while (ep != NULL && editor_path == NULL);
-+    	}
-     }
-     if (editor_path == NULL)
- 	sudo_fatalx(U_("no editor found (editor path = %s)"), def_editor);
diff --git a/sudo.spec b/sudo.spec
index 5b65663..924a899 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
-Version: 1.8.14p3
-Release: 3%{?dist}
+Version: 1.8.15
+Release: 1%{?dist}
 License: ISC
 Group: Applications/System
 URL: http://www.courtesan.com/sudo/
@@ -32,9 +32,6 @@ Patch2: sudo-1.8.14p1-ldapconfpatch.patch
 Patch3: sudo-1.8.14p1-docpassexpire.patch
 # Patch initialize variable before executing sudo_strsplit
 Patch4: sudo-1.8.14p3-initialization.patch
-# Patch resolves deadcode in visudo.c from coverity scan.
-Patch5: sudo-1.8.14p3-deadcode_visudo_c.patch
-Patch6: sudo-1.8.14p3-extra_while.patch
 
 %description
 Sudo (superuser do) allows a system administrator to give certain
@@ -63,8 +60,6 @@ plugins that use %{name}.
 %patch2 -p1 -b .ldapconfpatch
 %patch3 -p1 -b .docpassexpire
 %patch4 -p1 -b .initialization
-%patch5 -p1 -b .deadcode
-%patch6 -p1 -b .extra_while
 
 %build
 # Remove bundled copy of zlib
@@ -203,6 +198,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_libexecdir}/sudo/libsudo_util.so
 
 %changelog
+* Thu Nov  5 2015 Daniel Kopecek <dkopecek@redhat.com> 1.8.15-1
+- update to 1.8.15
+- fixes CVE-2015-5602
+
 * Mon Aug 24 2015 Radovan Sroka <rsroka@redhat.com> 1.8.14p3-3
 - enable upstream test suite