From ef588d91d6e9787bb0aca5e505b827048ce9dddc Mon Sep 17 00:00:00 2001
From: Radovan Sroka <rsroka@redhat.com>
Date: Fri, 25 Apr 2025 15:20:40 +0200
Subject: [PATCH] RHEL: 9.7.0 ERRATUM

- sudo missing spacing and separator in log when using "--preserve-env=list"
Resolves: RHEL-71916

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
---
 sudo-separator.patch | 19 +++++++++++++++++++
 sudo.spec            | 10 +++++++++-
 2 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 sudo-separator.patch

diff --git a/sudo-separator.patch b/sudo-separator.patch
new file mode 100644
index 0000000..56df486
--- /dev/null
+++ b/sudo-separator.patch
@@ -0,0 +1,19 @@
+diff -up ./lib/eventlog/eventlog.c.separator ./lib/eventlog/eventlog.c
+--- ./lib/eventlog/eventlog.c.separator	2025-03-31 17:03:34.700244658 +0200
++++ ./lib/eventlog/eventlog.c	2025-03-31 17:04:39.943669191 +0200
+@@ -176,6 +176,7 @@ new_logline(int event_type, int flags, s
+             sudo_lbuf_append_esc(&lbuf, LBUF_ESC_CNTRL, " %s",
+                                  evlog->env_add[i]);
+         }
++        sudo_lbuf_append(&lbuf, " ; ");
+     }
+     if (evlog->command != NULL) {
+         sudo_lbuf_append_esc(&lbuf, LBUF_ESC_CNTRL|LBUF_ESC_BLANK,
+@@ -197,6 +198,7 @@ new_logline(int event_type, int flags, s
+             }
+ 	    }
+ 	}
++    sudo_lbuf_append(&lbuf, " ; ");
+ /*
+ 	if (event_type == EVLOG_EXIT) {
+ 	    if (args->signal_name != NULL) {
diff --git a/sudo.spec b/sudo.spec
index 857e95f..c79c8b5 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
 Version: 1.9.5p2
-Release: 10%{?dist}
+Release: 11%{?dist}
 License: ISC
 URL: https://www.sudo.ws
 
@@ -47,6 +47,7 @@ Patch17: sudo-1.9.13-CVE-2023-28486-7-9.patch
 Patch18: linker.patch
 
 Patch19: sudo-1.9.15-CVE-2023-42465.patch
+Patch20: sudo-separator.patch
 
 %description
 Sudo (superuser do) allows a system administrator to give certain
@@ -101,6 +102,8 @@ BuildRequires:  python3-devel
 %patch -P 18 -p1 -b .linker
 %patch -P 19 -p1 -b .rowhammer
 
+%patch -P 20 -p1 -b .separator
+
 
 %build
 # Remove bundled copy of zlib
@@ -275,6 +278,11 @@ EOF
 %attr(0644,root,root) %{_libexecdir}/sudo/python_plugin.so
 
 %changelog
+* Mon Apr 22 2025 Radovan Sroka <rsroka@redhat.com> - 1.9.5p2-11
+RHEL: 9.7.0 ERRATUM
+- sudo missing spacing and separator in log when using "--preserve-env=list"
+Resolves: RHEL-71916
+
 * Mon Jan 22 2024 Radovan Sroka <rsroka@redhat.com> - 1.9.5p2-10
 RHEL 9.3.0.Z ERRATUM
 - CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output