diff --git a/.gitignore b/.gitignore index aeb7960..60e0c95 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,6 @@ /sudo-1.8.22b1.tar.gz /sudo-1.8.23b3.tar.gz /sudo-1.8.23.tar.gz +/sudo-1.8.25.tar.gz +/sudo-1.8.27.tar.gz +/sudo-1.8.28.tar.gz diff --git a/sources b/sources index 1aac8dc..68032d5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (sudo-1.8.23.tar.gz) = a9d61850a4857bfd075547a13efb13b054e4736e3ebe3c8a98a90a090b1d9b9688354ec9725fc99d1d256999b6f9c6ae6215ce9770fcdebd7f24731107b48342 +SHA512 (sudo-1.8.28.tar.gz) = 09e589cdfd18d7c43b0859a0e11c008b3cb995ae4f8c89c717c5242db9e5696361eb574ebe74a0b5316afffb3a8037f7a7f3c249176e8ed9caffeb4cd860ddc7 diff --git a/sudo.spec b/sudo.spec index 434b5be..5e53381 100644 --- a/sudo.spec +++ b/sudo.spec @@ -2,8 +2,8 @@ Summary: Allows restricted root access for specified users Name: sudo -Version: 1.8.23 -Release: 3%{?dist} +Version: 1.8.28 +Release: 1%{?dist} License: ISC Group: Applications/System URL: http://www.courtesan.com/sudo/ @@ -103,10 +103,10 @@ install -p -d -m 700 $RPM_BUILD_ROOT/var/db/sudo/lectured install -p -d -m 750 $RPM_BUILD_ROOT/etc/sudoers.d install -p -c -m 0440 %{SOURCE1} $RPM_BUILD_ROOT/etc/sudoers #add sudo to protected packages -install -p -d -m 755 $RPM_BUILD_ROOT/etc/yum/protected.d/ +install -p -d -m 755 $RPM_BUILD_ROOT/etc/dnf/protected.d/ touch sudo.conf echo sudo > sudo.conf -install -p -c -m 0644 sudo.conf $RPM_BUILD_ROOT/etc/yum/protected.d/ +install -p -c -m 0644 sudo.conf $RPM_BUILD_ROOT/etc/dnf/protected.d/ rm -f sudo.conf chmod +x $RPM_BUILD_ROOT%{_libexecdir}/sudo/*.so # for stripping, reset in %%files @@ -156,7 +156,7 @@ EOF %config(noreplace) /etc/pam.d/sudo %config(noreplace) /etc/pam.d/sudo-i %attr(0644,root,root) %{_tmpfilesdir}/sudo.conf -%attr(0644,root,root) /etc/yum/protected.d/sudo.conf +%attr(0644,root,root) /etc/dnf/protected.d/sudo.conf %dir /var/db/sudo %dir /var/db/sudo/lectured %attr(4111,root,root) %{_bindir}/sudo @@ -199,6 +199,20 @@ EOF %{_mandir}/man8/sudo_plugin.8* %changelog +* Tue Oct 15 2019 Radovan Sroka - 1.8.28-1 +- rebase to 1.8.28 +Resolves: rhbz#1761533 +- fixes CVE-2019-14287 +- Privilege escalation via 'Runas' specification with 'ALL' keyword +Resolves: rhbz#1761584 + +* Mon Mar 11 2019 Radovan Sroka - 1.8.27-1 +- rebase sudo to 1.8.27 + +* Mon Sep 10 2018 Radovan Sroka 1.8.25-1 +- rebase sudo to latest stawble version +- install /etc/dnf/protected.d/sudo instead of /etc/yum/protected.d/sudo (1626968) + * Sat Jul 14 2018 Fedora Release Engineering - 1.8.23-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild