From: Michael Tremer
To: development@lists.ipfire.org
Subject: Re: [PATCH] sudo: Update to version 1.9.12p1
Date: Fri, 25 Nov 2022 11:17:24 +0000
Message-ID:
In-Reply-To: <20221125085531.1928-1-adolf.belka@ipfire.org>

Reviewed-by: Michael Tremer

> On 25 Nov 2022, at 08:55, Adolf Belka wrote:
>
> - Update from version 1.9.11p3 to 1.9.12p1
> - Update of rootfile
> - Changelog
> What's new in Sudo 1.9.12p1
> * Sudo's configure script now does a better job of detecting when
> the -fstack-clash-protection compiler option does not work.
> GitHub issue #191.
> * Fixed CVE-2022-43995, a potential out-of-bounds write for passwords
> smaller than 8 characters when passwd authentication is enabled.
> This does not affect configurations that use other authentication
> methods such as PAM, AIX authentication or BSD authentication.
> * Fixed a build error with some configurations compiling host_port.c.
> What's new in Sudo 1.9.12
> * Fixed a bug in the ptrace-based intercept mode where the current
> working directory could include garbage at the end.
> * Fixed a compilation error on systems that lack the stdint.h
> header. Bug #1035
> * Fixed a bug when logging the command's exit status in intercept
> mode. The wrong command could be logged with the exit status.
> * For ptrace-based intercept mode, sudo will now attempt to
> verify that the command path name, arguments and environment
> have not changed from the time when they were authorized by the
> security policy. The new "intercept_verify" sudoers setting can
> be used to control this behavior.
> * Fixed running commands with a relative path (e.g. ./foo) in
> intercept mode. Previously, this would fail if sudo's current
> working directory was different from that of the command.
> * Sudo now supports passing the execve(2) system call the NULL
> pointer for the `argv` and/or `envp` arguments when in intercept
> mode. Linux treats a NULL pointer like an empty array.
> * The sudoers LDAP schema now allows sudoUser, sudoRunasUser and
> sudoRunasGroup to include UTF-8 characters, not just 7-bit ASCII.
> * Fixed a problem with "sudo -i" on SELinux when the target user's
> home directory is not searchable by sudo. GitHub issue #160.
> * Neovim has been added to the list of visudo editors that support
> passing the line number on the command line.
> * Fixed a bug in sudo's SHA384 and SHA512 message digest padding.
> * Added a new "-N" (--no-update) command line option to sudo which
> can be used to prevent sudo from updating the user's cached
> credentials. It is now possible to determine whether or not a
> user's cached credentials are currently valid by running:
> $ sudo -Nnv
> and checking the exit value. One use case for this is to indicate
> in a shell prompt that sudo is "active" for the user.
> * PAM approval modules are no longer invoked when running sub-commands
> in intercept mode unless the "intercept_authenticate" option is set.
> There is a substantial performance penalty for calling into PAM
> for each command run. PAM approval modules are still called for
> the initial command.
> * Intercept mode on Linux now uses process_vm_readv(2) and
> process_vm_writev(2) if available.
> * The XDG_CURRENT_DESKTOP environment variable is now preserved
> by default. This makes it possible for graphical applications
> to choose the correct theme when run via sudo.
> * On 64-bit systems, if sudo fails to load a sudoers group plugin,
> it will use system-specific heuristics to try to locate a 64-bit
> version of the plugin.
> * The cvtsudoers manual now documents the JSON and CSV output
> formats. GitHub issue #172.
> * Fixed a bug where sub-commands were not being logged to a remote
> log server when log_subcmds was enabled. GitHub issue #174.
> * The new log_stdin, log_stdout, log_stderr, log_ttyin, and log_ttyout
> sudoers settings can be used to support more fine-grained I/O logging.
> The sudo front-end no longer allocates a pseudo-terminal when running
> a command if the I/O logging plugin requests logging of stdin, stdout,
> or stderr but not terminal input/output.
> * Quieted a libgcrypt run-time initialization warning.
> This fixes Debian bug #1019428 and Ubuntu bug #1397663.
> * Fixed a bug in visudo that caused literal backslashes to be removed
> from the EDITOR environment variable. GitHub issue #179.
> * The sudo Python plugin now implements the "find_spec" method instead
> of the deprecated "find_module". This fixes a test failure when
> a newer version of setuptools that doesn't include "find_module" is
> found on the system.
> * Fixed a bug introduced in sudo 1.9.9 where sudo_logsrvd created
> the process ID file, usually /var/run/sudo/sudo_logsrvd.pid, as
> a directory instead of a plain file. The same bug could result
> in I/O log directories that end in six or more X's being created
> literally in addition to the name being used as a template for
> the mkdtemp(3) function.
> * Fixed a long-standing bug where a sudoers rule with a command
> line argument of "", which indicates the command may be run with
> no arguments, would also match a literal "" on the command line.
> GitHub issue #182.
> * Added the -I option to visudo which only edits the main sudoers
> file. Include files are not edited unless a syntax error is found.
> * Fixed "sudo -l -U otheruser" output when the runas list is empty.
> Previously, sudo would list the invoking user instead of the
> list user. GitHub issue #183.
> * Fixed the display of command tags and options in "sudo -l" output
> when the RunAs user or group changes. A new line is started for
> RunAs changes which means we need to display the command tags
> and options again. GitHub issue #184.
> * The sesh helper program now uses getopt_long(3) to parse the
> command line options.
> * The embedded copy of zlib has been updated to version 1.2.13.
> * Fixed a bug that prevented event log data from being sent to the
> log server when I/O logging was not enabled. This only affected
> systems without PAM or configurations where the pam_session and
> pam_setcred options were disabled in the sudoers file.
> * Fixed a bug where "sudo -l" output included a carriage return
> after the newline. This is only needed when displaying to a
> terminal in raw mode. Bug #1042.
>
> Signed-off-by: Adolf Belka
> ---
> config/rootfiles/common/sudo | 2 --
> lfs/sudo | 4 ++--
> 2 files changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/config/rootfiles/common/sudo b/config/rootfiles/common/sudo > index 93d9cbce2..43b8f7127 100644 > --- a/config/rootfiles/common/sudo > +++ b/config/rootfiles/common/sudo > @@ -16,8 +16,6 @@ usr/lib/sudo/group_file.so > #usr/lib/sudo/libsudo_util.so > #usr/lib/sudo/libsudo_util.so.0 > usr/lib/sudo/libsudo_util.so.0.0.0 > -#usr/lib/sudo/sample_approval.la > -usr/lib/sudo/sample_approval.so > #usr/lib/sudo/sudo_intercept.la > usr/lib/sudo/sudo_intercept.so > #usr/lib/sudo/sudo_noexec.la > diff --git a/lfs/sudo b/lfs/sudo > index ce9649d79..807169c5c 100644 > --- a/lfs/sudo > +++ b/lfs/sudo > @@ -24,7 +24,7 @@ >=20 > include Config >=20 > -VER =3D 1.9.11p3 > +VER =3D 1.9.12p1 >=20 > THISAPP =3D sudo-$(VER) > DL_FILE =3D $(THISAPP).tar.gz > @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) >=20 > $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) >=20 > -$(DL_FILE)_BLAKE2 =3D f8508f65b514abd9979a11628d8bc0e085b2625993281e7d1f87= 94a576e88970bda6939d2f2f50d9485f00276970aba3489b19c102eca5625e389c9610f338dd > +$(DL_FILE)_BLAKE2 =3D 976d00fb16b0d26b2714a188e379ccba102e0fa67b8ec6278e54= 35728af0cc9ba23d63db64a87d4e14d59cd52d3f62401943eb7c0f9c33317179ff764a9f950c >=20 > install : $(TARGET) >=20 > --=20 > 2.38.1 >=20
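Review bot: the config/rootfiles/common/sudo hunk drops `usr/lib/sudo/sample_approval.so` (and its commented `#usr/lib/sudo/sample_approval.la` line) while the commit message only says "Update of rootfile" and none of the quoted changelog entries mentions the sample approval plugin; a reader of the history cannot tell whether 1.9.12p1 stopped building it or the file was removed from the rootfile by mistake. Add one sentence to the commit message saying why the plugin is no longer listed, or confirm the new build does not leave an unlisted sample_approval.so in usr/lib/sudo.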
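Review bot: in the `$(DL_FILE)_BLAKE2` hunk of lfs/sudo both the old and new 128-hex-digit checksums are split across a quoted-printable soft line break (the lone `=` after `...e7d1f87` and `...6278e54`), so anyone checking the new value against the tarball has to join the two fragments first; the commit message also does not say how the 1.9.12p1 checksum was obtained. State that it was computed from the upstream sudo-1.9.12p1.tar.gz after verifying the upstream signature, so the hash in the tree is tied to a verified artifact rather than to whatever was downloaded.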
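The changelog's "sudo -Nnv" entry describes using the new -N option to probe cached credentials from a shell prompt without refreshing or prompting. The following is an added example, not part of the patch, of IPFire, or of sudo's own code: a POSIX sh prompt helper built on that check. The SUDO_CMD variable is an assumption of this example (it lets the probe be pointed at a stand-in command for testing); it is not a sudo or IPFire setting.

```shell
#!/bin/sh
# Added example (not from the patch): drive a shell-prompt indicator from
# `sudo -Nnv`, available since sudo 1.9.12.
#   -N  --no-update: do not refresh the cached credential timestamp, so the
#       probe itself does not extend the user's sudo session
#   -n  non-interactive: never prompt for a password
#   -v  validate: exit 0 only if cached credentials are currently valid
# SUDO_CMD is an assumption of this example, used so the probe can be
# substituted in tests; it is not a sudo or IPFire variable.

# Returns 0 when cached credentials are valid, 1 when sudo would need a
# password (or refuses), and 2 when the probe command is not installed.
sudo_cached_creds_valid() {
    cmd="${SUDO_CMD:-sudo}"
    command -v "$cmd" >/dev/null 2>&1 || return 2
    "$cmd" -Nnv >/dev/null 2>&1 && return 0
    return 1
}

# Prints "[sudo]" while credentials are valid and nothing otherwise, so it
# can be embedded in a prompt without leaking sudo's own messages.
sudo_prompt_marker() {
    if sudo_cached_creds_valid; then
        printf '%s' '[sudo]'
    fi
}

# Example wiring for an interactive bash session (evaluated at each prompt):
#   PS1='$(sudo_prompt_marker)\u@\h:\w\$ '
```

Because -N is passed, the probe does not itself keep the credential cache alive, which is the property that makes it safe to run on every prompt; without -N each redraw would silently extend the timestamp.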