From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: [PATCH] sudo: Update to version 1.9.12p2 Date: Thu, 19 Jan 2023 21:25:56 +0000 Message-ID: In-Reply-To: <20230119190701.2901193-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6857138909703191704==" List-Id: --===============6857138909703191704== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Reviewed-by: Peter M=C3=BCller > - Update from version 1.9.12p1 to 1.9.12p2 > - Update of rootfile not required > - Changelog > 1.9.12p2 > Fixed a compilation error on Linux/aarch64. GitHub issue #197. > Fixed a potential crash introduced in the fix GitHub issue #134. If a = user=E2=80=99s > sudoers entry did not have any RunAs user=E2=80=99s set, runni= ng sudo -U otheruser -l > would dereference a NULL pointer. > Fixed a bug introduced in sudo 1.9.12 that could prevent sudo from cre= ating a > I/O files when the iolog_file sudoers setting contains six or = more Xs. > Fixed a compilation issue on AIX with the native compiler. GitHub issu= e #231. > Fixed CVE-2023-22809, a flaw in sudo=E2=80=99s -e option (aka sudoedit= ) that could > allow a malicious user with sudoedit privileges to edit arbitr= ary files. For > more information, see https://www.sudo.ws/security/advisories/= sudoedit_any >=20 > Signed-off-by: Adolf Belka > --- > lfs/sudo | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) >=20 > diff --git a/lfs/sudo b/lfs/sudo > index 807169c5c..ddcddf225 100644 > --- a/lfs/sudo > +++ b/lfs/sudo > @@ -1,7 +1,7 @@ > ##########################################################################= ##### > # = # > # IPFire.org - A linux based firewall = # > -# Copyright (C) 2007-2018 IPFire Team = # > +# Copyright (C) 2007-2023 IPFire Team = # > # = # > # This program is free software: you can redistribute it and/or modify = # > # it under the terms of the GNU General Public License as published by = # > @@ -24,7 +24,7 @@ > =20 > include Config > =20 > -VER =3D 1.9.12p1 > +VER =3D 1.9.12p2 > =20 > THISAPP =3D sudo-$(VER) > DL_FILE =3D $(THISAPP).tar.gz > @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) > =20 > $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) > =20 > -$(DL_FILE)_BLAKE2 =3D 976d00fb16b0d26b2714a188e379ccba102e0fa67b8ec6278e54= 35728af0cc9ba23d63db64a87d4e14d59cd52d3f62401943eb7c0f9c33317179ff764a9f950c > +$(DL_FILE)_BLAKE2 =3D 79eac710b757acae7aa98e6e6f495a475e5236be456e4687fb14= 41345ee296672ff80a5a60902cffcd257aa81a01fbc3857f3c52e51bb46f56c060fd299e0c05 > =20 > install : $(TARGET) > =20 --===============6857138909703191704==--