[OE-core][langdale 11/22] sudo: upgrade 1.9.12p1 -> 1.9.12p2

Mon, 20 Feb 2023 06:19:02 -0800 

From: Alexander Kanavin <alex.kana...@gmail.com>

Changes:

Fixed a compilation error on Linux/aarch64. GitHub issue #197.

Fixed a potential crash introduced in the fix GitHub issue #134. If a user’s 
sudoers entry did not have any RunAs user’s set, running sudo -U otheruser -l 
would dereference a NULL pointer.

Fixed a bug introduced in sudo 1.9.12 that could prevent sudo from creating a 
I/O files when the iolog_file sudoers setting contains six or more Xs.

Fixed a compilation issue on AIX with the native compiler. GitHub issue #231.

Fixed CVE-2023-22809, a flaw in sudo’s -e option (aka sudoedit) that could 
allow a malicious user with sudoedit privileges to edit arbitrary files

Signed-off-by: Alexander Kanavin <a...@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceres...@bootlin.com>
Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>
(cherry picked from commit 5a3f5f4f607f5e06af772287109b68579154fb2f)
Signed-off-by: Steve Sakoman <st...@sakoman.com>
---
 .../sudo/{sudo_1.9.12p1.bb => sudo_1.9.12p2.bb}                 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-extended/sudo/{sudo_1.9.12p1.bb => sudo_1.9.12p2.bb} (96%)

diff --git a/meta/recipes-extended/sudo/sudo_1.9.12p1.bb 
b/meta/recipes-extended/sudo/sudo_1.9.12p2.bb
similarity index 96%
rename from meta/recipes-extended/sudo/sudo_1.9.12p1.bb
rename to meta/recipes-extended/sudo/sudo_1.9.12p2.bb
index 1495b67b8b..ae7207c081 100644
--- a/meta/recipes-extended/sudo/sudo_1.9.12p1.bb
+++ b/meta/recipes-extended/sudo/sudo_1.9.12p2.bb
@@ -8,7 +8,7 @@ SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \
 
 PAM_SRC_URI = "file://sudo.pam"
 
-SRC_URI[sha256sum] = 
"475a18a8eb3da8b2917ceab063a6baf51ea09128c3c47e3e0e33ab7497bab7d8"
+SRC_URI[sha256sum] = 
"b9a0b1ae0f1ddd9be7f3eafe70be05ee81f572f6f536632c44cd4101bb2a8539"
 
 DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 
'libpam', '', d)}"
 RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 
'pam-plugin-limits pam-plugin-keyinit', '', d)}"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#177417): 
https://lists.openembedded.org/g/openembedded-core/message/177417
Mute This Topic: https://lists.openembedded.org/mt/97086315/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to