From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] sudo: Update to version 1.9.12p1
Date: Fri, 25 Nov 2022 11:17:24 +0000
Message-ID: <D22F0B40-3022-4771-9118-B822767BAF92@ipfire.org>
In-Reply-To: <20221125085531.1928-1-adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>
> On 25 Nov 2022, at 08:55, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>
> - Update from version 1.9.11p3 to 1.9.12p1
> - Update of rootfile
> - Changelog
> What's new in Sudo 1.9.12p1
> * Sudo's configure script now does a better job of detecting when
> the -fstack-clash-protection compiler option does not work.
> GitHub issue #191.
> * Fixed CVE-2022-43995, a potential out-of-bounds write for passwords
> smaller than 8 characters when passwd authentication is enabled.
> This does not affect configurations that use other authentication
> methods such as PAM, AIX authentication or BSD authentication.
> * Fixed a build error with some configurations compiling host_port.c.
> What's new in Sudo 1.9.12
> * Fixed a bug in the ptrace-based intercept mode where the current
> working directory could include garbage at the end.
> * Fixed a compilation error on systems that lack the stdint.h
> header. Bug #1035
> * Fixed a bug when logging the command's exit status in intercept
> mode. The wrong command could be logged with the exit status.
> * For ptrace-based intercept mode, sudo will now attempt to
> verify that the command path name, arguments and environment
> have not changed from the time when they were authorized by the
> security policy. The new "intercept_verify" sudoers setting can
> be used to control this behavior.
> * Fixed running commands with a relative path (e.g. ./foo) in
> intercept mode. Previously, this would fail if sudo's current
> working directory was different from that of the command.
> * Sudo now supports passing the execve(2) system call the NULL
> pointer for the `argv` and/or `envp` arguments when in intercept
> mode. Linux treats a NULL pointer like an empty array.
> * The sudoers LDAP schema now allows sudoUser, sudoRunasUser and
> sudoRunasGroup to include UTF-8 characters, not just 7-bit ASCII.
> * Fixed a problem with "sudo -i" on SELinux when the target user's
> home directory is not searchable by sudo. GitHub issue #160.
> * Neovim has been added to the list of visudo editors that support
> passing the line number on the command line.
> * Fixed a bug in sudo's SHA384 and SHA512 message digest padding.
> * Added a new "-N" (--no-update) command line option to sudo which
> can be used to prevent sudo from updating the user's cached
> credentials. It is now possible to determine whether or not a
> user's cached credentials are currently valid by running:
> $ sudo -Nnv
> and checking the exit value. One use case for this is to indicate
> in a shell prompt that sudo is "active" for the user.
> * PAM approval modules are no longer invoked when running sub-commands
> in intercept mode unless the "intercept_authenticate" option is set.
> There is a substantial performance penalty for calling into PAM
> for each command run. PAM approval modules are still called for
> the initial command.
> * Intercept mode on Linux now uses process_vm_readv(2) and
> process_vm_writev(2) if available.
> * The XDG_CURRENT_DESKTOP environment variable is now preserved
> by default. This makes it possible for graphical applications
> to choose the correct theme when run via sudo.
> * On 64-bit systems, if sudo fails to load a sudoers group plugin,
> it will use system-specific heuristics to try to locate a 64-bit
> version of the plugin.
> * The cvtsudoers manual now documents the JSON and CSV output
> formats. GitHub issue #172.
> * Fixed a bug where sub-commands were not being logged to a remote
> log server when log_subcmds was enabled. GitHub issue #174.
> * The new log_stdin, log_stdout, log_stderr, log_ttyin, and log_ttyout
> sudoers settings can be used to support more fine-grained I/O logging.
> The sudo front-end no longer allocates a pseudo-terminal when running
> a command if the I/O logging plugin requests logging of stdin, stdout,
> or stderr but not terminal input/output.
> * Quieted a libgcrypt run-time initialization warning.
> This fixes Debian bug #1019428 and Ubuntu bug #1397663.
> * Fixed a bug in visudo that caused literal backslashes to be removed
> from the EDITOR environment variable. GitHub issue #179.
> * The sudo Python plugin now implements the "find_spec" method instead
> of the deprecated "find_module". This fixes a test failure when
> a newer version of setuptools that doesn't include "find_module" is
> found on the system.
> * Fixed a bug introduced in sudo 1.9.9 where sudo_logsrvd created
> the process ID file, usually /var/run/sudo/sudo_logsrvd.pid, as
> a directory instead of a plain file. The same bug could result
> in I/O log directories that end in six or more X's being created
> literally in addition to the name being used as a template for
> the mkdtemp(3) function.
> * Fixed a long-standing bug where a sudoers rule with a command
> line argument of "", which indicates the command may be run with
> no arguments, would also match a literal "" on the command line.
> GitHub issue #182.
> * Added the -I option to visudo which only edits the main sudoers
> file. Include files are not edited unless a syntax error is found.
> * Fixed "sudo -l -U otheruser" output when the runas list is empty.
> Previously, sudo would list the invoking user instead of the
> list user. GitHub issue #183.
> * Fixed the display of command tags and options in "sudo -l" output
> when the RunAs user or group changes. A new line is started for
> RunAs changes which means we need to display the command tags
> and options again. GitHub issue #184.
> * The sesh helper program now uses getopt_long(3) to parse the
> command line options.
> * The embedded copy of zlib has been updated to version 1.2.13.
> * Fixed a bug that prevented event log data from being sent to the
> log server when I/O logging was not enabled. This only affected
> systems without PAM or configurations where the pam_session and
> pam_setcred options were disabled in the sudoers file.
> * Fixed a bug where "sudo -l" output included a carriage return
> after the newline. This is only needed when displaying to a
> terminal in raw mode. Bug #1042.
>
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> config/rootfiles/common/sudo | 2 --
> lfs/sudo | 4 ++--
> 2 files changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/config/rootfiles/common/sudo b/config/rootfiles/common/sudo
> index 93d9cbce2..43b8f7127 100644
> --- a/config/rootfiles/common/sudo
> +++ b/config/rootfiles/common/sudo
> @@ -16,8 +16,6 @@ usr/lib/sudo/group_file.so
> #usr/lib/sudo/libsudo_util.so
> #usr/lib/sudo/libsudo_util.so.0
> usr/lib/sudo/libsudo_util.so.0.0.0
> -#usr/lib/sudo/sample_approval.la
> -usr/lib/sudo/sample_approval.so
> #usr/lib/sudo/sudo_intercept.la
> usr/lib/sudo/sudo_intercept.so
> #usr/lib/sudo/sudo_noexec.la
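Review bot: the removal of usr/lib/sudo/sample_approval.so and its .la entry is not explained; the commit message only says "Update of rootfile". Please state why these two files dropped out (for instance, whether the 1.9.12 build no longer installs the sample approval plugin) so the rootfile change can be checked against the new build's install output rather than taken on trust.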
> diff --git a/lfs/sudo b/lfs/sudo
> index ce9649d79..807169c5c 100644
> --- a/lfs/sudo
> +++ b/lfs/sudo
> @@ -24,7 +24,7 @@
>
> include Config
>
> -VER = 1.9.11p3
> +VER = 1.9.12p1
>
> THISAPP = sudo-$(VER)
> DL_FILE = $(THISAPP).tar.gz
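Review bot: the version bump to 1.9.12p1 pulls in the fix for CVE-2022-43995 listed in the changelog, but neither the subject nor the summary line mentions it. Adding the CVE identifier to the commit summary (for example "sudo: Update to version 1.9.12p1 (fixes CVE-2022-43995)") makes the security relevance visible in git log and release notes without having to read the whole quoted changelog.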
> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>
> -$(DL_FILE)_BLAKE2 = f8508f65b514abd9979a11628d8bc0e085b2625993281e7d1f8794a576e88970bda6939d2f2f50d9485f00276970aba3489b19c102eca5625e389c9610f338dd
> +$(DL_FILE)_BLAKE2 = 976d00fb16b0d26b2714a188e379ccba102e0fa67b8ec6278e5435728af0cc9ba23d63db64a87d4e14d59cd52d3f62401943eb7c0f9c33317179ff764a9f950c
>
> install : $(TARGET)
>
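Review bot: the new $(DL_FILE)_BLAKE2 value cannot be checked from the diff itself. Before merging, confirm it was computed over the sudo-1.9.12p1.tar.gz fetched from $(DL_FROM) and that the tarball was also verified against upstream's release signature; a checksum that merely matches whatever was downloaded does not by itself authenticate the source.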
> --
> 2.38.1
>