Merged update from upstream sources

This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/sudo.git#571662fc2efb75cca738d11d48fe95bf6a86a483
2021-01-26 20:59:55 +00:00 · 2021-01-26 20:59:55 +00:00 · 372d9856df
commit 372d9856df
parent c5fff4db43
3 changed files with 9 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@ -26,3 +26,4 @@
 /sudo-1.9.2.tar.gz
 /sudo-1.9.3p1.tar.gz
 /sudo-1.9.5p1.tar.gz
+/sudo-1.9.5p2.tar.gz
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (sudo-1.9.5p1.tar.gz) = 0168f0b61a6c2d2f60a92b5b4d3c3254aed4116decabac3821d9ac2fd7f74bb7b019e35bb8955335315b3b00ddf4e4acd82540df0addc1d9bf4f44b60447a878
+SHA512 (sudo-1.9.5p2.tar.gz) = f0fe914963c31a6f8ab6c86847ff6cdd125bd5a839b27f46dcae03963f4fc413b3d4cca54c1979feb825c8479b44c7df0642c07345c941eecf6f9f1e03ea0e27
--- a/sudo.spec
+++ b/sudo.spec
@ -1,6 +1,6 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
-Version: 1.9.5p1
+Version: 1.9.5p2
 Release: 1%{?dist}
 License: ISC
 URL: https://www.sudo.ws
@ -230,6 +230,12 @@ EOF
 %attr(0644,root,root) %{_libexecdir}/sudo/python_plugin.so

 %changelog
+* Tue Jan 26 2021 Matthew Miller <mattdm@fedoraproject.org> - 1.9.5p2-1
+- rebase to 1.9.5p2
+Resolves: rhbz#1920611
+- fixed CVE-2021-3156 sudo: Heap buffer overflow in argument parsing
+Resolves: rhbz#1920618
+
 * Mon Jan 18 2021 Radovan Sroka <rsroka@redhat.com> - 1.9.5p1-1
 - rebase to 1.9.5p1
 Resolves: rhbz#1902758