sudo/sudo-1.9.13-CVE-2023-28486-7-4.patch
Radovan Sroka f8883a97a0 RHEL 8.9.0.Z ERRATUM
- Rebase to 1.9.5p2
- CVE-2023-28486 sudo: Sudo does not escape control characters in log messages
Resolves: RHEL-21825
- CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output
Resolves: RHEL-21831
- CVE-2023-42465 sudo: Targeted Corruption of Register and Stack Variables
Resolves: RHEL-21820

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
2024-01-26 11:45:49 +01:00

67 lines
2.2 KiB
Diff

From d452678787683da6498668cd1f1cbb8000d63178 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Tue, 2 Mar 2021 18:37:35 -0700
Subject: [PATCH] Log peer address in sudo_logsrvd JSON-format logs. The peer
that connected to us might not be the same host where the log entry
originated.
---
include/sudo_eventlog.h | 3 ++-
lib/eventlog/eventlog.c | 9 ++++++++-
logsrvd/iolog_writer.c | 8 ++++++--
logsrvd/logsrvd.c | 9 +++++----
logsrvd/logsrvd.h | 4 ++--
5 files changed, 23 insertions(+), 10 deletions(-)
diff --git a/include/sudo_eventlog.h b/include/sudo_eventlog.h
index e40622a51..49153e173 100644
--- a/include/sudo_eventlog.h
+++ b/include/sudo_eventlog.h
@@ -1,7 +1,7 @@
/*
* SPDX-License-Identifier: ISC
*
- * Copyright (c) 2020 Todd C. Miller <Todd.Miller@sudo.ws>
+ * Copyright (c) 2020-2021 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -101,6 +101,7 @@ struct eventlog {
char *runcwd;
char *rungroup;
char *runuser;
+ char *peeraddr;
char *submithost;
char *submituser;
char *submitgroup;
diff --git a/lib/eventlog/eventlog.c b/lib/eventlog/eventlog.c
index e7505d9d9..0c1e74e38 100644
--- a/lib/eventlog/eventlog.c
+++ b/lib/eventlog/eventlog.c
@@ -1,7 +1,7 @@
/*
* SPDX-License-Identifier: ISC
*
- * Copyright (c) 1994-1996, 1998-2020 Todd C. Miller <Todd.Miller@sudo.ws>
+ * Copyright (c) 1994-1996, 1998-2021 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -825,6 +825,13 @@ format_json(int event_type, const char *reason, const char *errstr,
/* Event log info may be missing for alert messages. */
if (evlog != NULL) {
+ if (evlog->peeraddr != NULL) {
+ json_value.type = JSON_STRING;
+ json_value.u.string = evlog->peeraddr;
+ if (!sudo_json_add_value(&json, "peeraddr", &json_value))
+ goto bad;
+ }
+
if (evlog->iolog_path != NULL) {
json_value.type = JSON_STRING;
json_value.u.string = evlog->iolog_path;
--
2.43.0