From mboxrd@z Thu Jan 1 00:00:00 1970
From: Adolf Belka
To: development@lists.ipfire.org
Subject: [PATCH] sudo: Upgrade to 1.9.5p2
Date: Wed, 27 Jan 2021 21:14:44 +0100
Message-ID: <20210127201444.3979076-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5126133168775254596=="
List-Id:

--===============5126133168775254596==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

- Update sudo from 1.9.5p1 to 1.9.5p2
- Major changes between version 1.9.5p2 and 1.9.5p1:
   Fixed sudo's setprogname(3) emulation on systems that don't provide it.
   Fixed a problem with the sudoers log server client where a partial write to the server could result in the sudo process consuming large amounts of CPU time due to a cycle in the buffer queue. Bug #954.
   Added a missing dependency on libsudo_util in libsudo_eventlog. Fixes a link error when building sudo statically.
   The user's KRB5CCNAME environment variable is now preserved when performing PAM authentication. This fixes GSSAPI authentication when the user has a non-default ccache.
   When invoked as sudoedit, the same set of command line options are now accepted as for sudo -e. The -H and -P options are now rejected for sudoedit and sudo -e which matches the sudo 1.7 behavior. This is part of the fix for CVE-2021-3156.
   Fixed a potential buffer overflow when unescaping backslashes in the command's arguments. Normally, sudo escapes special characters when running a command via a shell (sudo -s or sudo -i). However, it was also possible to run sudoedit with the -s or -i flags in which case no escaping had actually been done, making a buffer overflow possible. This fixes CVE-2021-3156.
- No change to rootfile

Signed-off-by: Adolf Belka
--- lfs/sudo | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/sudo b/lfs/sudo index feba249cd..bb2279e8f 100644 --- a/lfs/sudo +++ b/lfs/sudo 
@@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 1.9.5p1 +VER =3D 1.9.5p2 =20 THISAPP =3D sudo-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 145f6e69c116f82cf0377ccf459344eb +$(DL_FILE)_MD5 =3D e6bc4c18c06346e6b3431637a2b5f3d5 =20 install : $(TARGET) =20 --=20 2.30.0 --===============5126133168775254596==--
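Review bot: In the first hunk, the VER bump to 1.9.5p2 is what delivers the CVE-2021-3156 fix, yet the subject reads only "sudo: Upgrade to 1.9.5p2". Please name the CVE in the subject line so the security update can be identified from the one-line log without opening the message body.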
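Review bot: In the second hunk, the only integrity check recorded for the new tarball is the $(DL_FILE)_MD5 value, and MD5 is not collision resistant, so this line by itself does not show that sudo-1.9.5p2.tar.gz is the upstream release. Because this update carries a security fix, please state in the commit message that the download was verified against the upstream signature or a stronger published digest before the MD5 was recorded.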