rpms/sudo
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Rebase to sudo 1.9.12p2

Browse Source 
- sudo-1.9.12p2 is available
Resolves: rhbz#2137775
- sudo: arbitrary file write with privileges of the RunAs user
Resolves: CVE-2023-22809

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
This commit is contained in:
Radovan Sroka 2023-01-19 14:19:32 +01:00
parent e56d19d93d
commit 61dacac7f9
3 changed files with 8 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -29,3 +29,4 @@
/sudo-1.9.5p2.tar.gz /sudo-1.9.5p2.tar.gz
/sudo-1.9.8p2.tar.gz /sudo-1.9.8p2.tar.gz
/sudo-1.9.11p3.tar.gz /sudo-1.9.11p3.tar.gz
/sudo-1.9.12p2.tar.gz

2
sources
View File

@ -1 +1 @@
SHA512 (sudo-1.9.11p3.tar.gz) = ad5c3d623547d1e3016e1a721676fee6d6b7348e77b2c234041e0af40c7220e8934c8c27beef0d12fa6df11708d37de711dacfefc135d26de46abca7f91c55d1 SHA512 (sudo-1.9.12p2.tar.gz) = 5e035246137d5820691f7ddfc13faec3886e3cf1563ed56633667d86ab4f1306f34cc0e27808f56790b6c6a4614826e54c5b7e47b31eb009b96dde3e52170c45

14
sudo.spec
View File

@ -1,15 +1,14 @@
# comment out if no extra version # comment out if no extra version
%global extraver p3 %global extraver p2
Summary: Allows restricted root access for specified users Summary: Allows restricted root access for specified users
Name: sudo Name: sudo
Version: 1.9.11 Version: 1.9.12
# remove -b 3 after rebase !!! # remove -b 3 after rebase !!!
# use "-p -e % {?extraver}" when beta # use "-p -e % {?extraver}" when beta
# use "-e % {?extraver}"" when patch version # use "-e % {?extraver}"" when patch version
# use nothing special when normal version # use nothing special when normal version
Release: %autorelease -e %{?extraver} -b 3 Release: %autorelease -e %{?extraver}
License: ISC License: ISC
URL: https://www.sudo.ws URL: https://www.sudo.ws
Source0: %{url}/dist/%{name}-%{version}%{?extraver}.tar.gz Source0: %{url}/dist/%{name}-%{version}%{?extraver}.tar.gz
@ -90,7 +89,7 @@ export CFLAGS="$RPM_OPT_FLAGS $F_PIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
--sbindir=%{_sbindir} \ --sbindir=%{_sbindir} \
--libdir=%{_libdir} \ --libdir=%{_libdir} \
--docdir=%{_pkgdocdir} \ --docdir=%{_pkgdocdir} \
--enable-openssl \ --enable-openssl \
--disable-root-mailer \ --disable-root-mailer \
--disable-intercept \ --disable-intercept \
--with-logging=syslog \ --with-logging=syslog \
@ -104,8 +103,8 @@ export CFLAGS="$RPM_OPT_FLAGS $F_PIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
--with-ldap \ --with-ldap \
--with-selinux \ --with-selinux \
--with-passprompt="[sudo] password for %p: " \ --with-passprompt="[sudo] password for %p: " \
--enable-python \ --enable-python \
--enable-zlib=system \ --enable-zlib=system \
--with-linux-audit \ --with-linux-audit \
--with-sssd --with-sssd
# --without-kerb5 \ # --without-kerb5 \
@ -194,7 +193,6 @@ EOF
%attr(0644,root,root) %{_libexecdir}/sudo/sudoers.so %attr(0644,root,root) %{_libexecdir}/sudo/sudoers.so
%attr(0644,root,root) %{_libexecdir}/sudo/audit_json.so %attr(0644,root,root) %{_libexecdir}/sudo/audit_json.so
%attr(0644,root,root) %{_libexecdir}/sudo/group_file.so %attr(0644,root,root) %{_libexecdir}/sudo/group_file.so
%attr(0644,root,root) %{_libexecdir}/sudo/sample_approval.so
%attr(0644,root,root) %{_libexecdir}/sudo/system_group.so %attr(0644,root,root) %{_libexecdir}/sudo/system_group.so
%attr(0644,root,root) %{_libexecdir}/sudo/libsudo_util.so.?.?.? %attr(0644,root,root) %{_libexecdir}/sudo/libsudo_util.so.?.?.?
%{_libexecdir}/sudo/libsudo_util.so.? %{_libexecdir}/sudo/libsudo_util.so.?