From 92ee945d38725b70c27ad36b23a0c912511ba726 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Kope=C4=8Dek?= Date: Wed, 31 May 2017 09:05:44 +0200 Subject: [PATCH 1/3] update to 1.8.20p1 fixes CVE-2017-1000367 Resolves: rhbz#1456884 --- .gitignore | 1 + sources | 2 +- sudo.spec | 17 ++++++++++++----- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index 55616ea..0b04d27 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,4 @@ /sudo-738c3cbf3e8400bf4a5aeab8966427ff6d630cd2.tar.gz /sudo-1.8.19p2.tar.gz /sudo-1.8.20b1.tar.gz +/sudo-1.8.20p1.tar.gz diff --git a/sources b/sources index 718bdfe..4921bf3 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (sudo-1.8.20b1.tar.gz) = 8fd9a8d74883b83a4302c0e6e9980773d73c592be69e5246fcab097ae293c299b886a6f83d714bf1638d366f1bc0f00436e291c4f18611049a92f39bdd892e37 +SHA512 (sudo-1.8.20p1.tar.gz) = b7d4c07a550da917029e31d15e734d9462f3565ee43eb5f6fd19463b54a2fa3f444381f0999d6d1ba643b65832056dd9177dad4452fa9f87f2542c223b13f258 diff --git a/sudo.spec b/sudo.spec index 6007ab0..a96a40f 100644 --- a/sudo.spec +++ b/sudo.spec @@ -1,14 +1,13 @@ %global user millert -%global debug_package %{nil} Summary: Allows restricted root access for specified users Name: sudo -Version: 1.8.20 -Release: 0.1.b1%{?dist} +Version: 1.8.20p1 +Release: 1%{?dist} License: ISC Group: Applications/System URL: http://www.courtesan.com/sudo/ -Source0: https://www.sudo.ws/dist/beta/%{name}-%{version}b1.tar.gz +Source0: https://www.sudo.ws/dist/%{name}-%{version}.tar.gz Source1: sudoers Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: /etc/pam.d/system-auth @@ -51,7 +50,7 @@ The %{name}-devel package contains header files developing sudo plugins that use %{name}. %prep -%setup -q -n sudo-1.8.20b1 +%setup -q %patch1 -p1 -b .strip @@ -124,6 +123,9 @@ rm -rf $RPM_BUILD_ROOT%{_datadir}/examples/sudo #Remove all .la files find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';' +# Remove sudoers.dist +rm -f $RPM_BUILD_ROOT%{_sysconfdir}/sudoers.dist + %find_lang sudo %find_lang sudoers @@ -202,6 +204,11 @@ rm -rf $RPM_BUILD_ROOT %{_libexecdir}/sudo/libsudo_util.so %changelog +* Wed May 31 2017 Daniel Kopecek 1.8.20p1-1 +- update to 1.8.20p1 +- fixes CVE-2017-1000367 + Resolves: rhbz#1456884 + * Fri Apr 07 2017 Jiri Vymazal - 1.8.20-0.1.b1 - update to latest development version 1.8.20b1 - added sudo to dnf/yum protected packages From bcfe28894b6208bd241d09994dcf27901ed47bd7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Kope=C4=8Dek?= Date: Thu, 1 Jun 2017 12:33:48 +0200 Subject: [PATCH 2/3] update to 1.8.20p2 --- .gitignore | 1 + sources | 2 +- sudo.spec | 5 ++++- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 0b04d27..4f59932 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ /sudo-1.8.19p2.tar.gz /sudo-1.8.20b1.tar.gz /sudo-1.8.20p1.tar.gz +/sudo-1.8.20p2.tar.gz diff --git a/sources b/sources index 4921bf3..21e6b4a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (sudo-1.8.20p1.tar.gz) = b7d4c07a550da917029e31d15e734d9462f3565ee43eb5f6fd19463b54a2fa3f444381f0999d6d1ba643b65832056dd9177dad4452fa9f87f2542c223b13f258 +SHA512 (sudo-1.8.20p2.tar.gz) = 8bf67e687f7a84605fdef8d547b5cd661141b6c8fd25820c33c7e37e97ca7f21f564c3bae691f8a8cd08df7d80338e36a8f06bb5086cc104509d71d6ab1bceda diff --git a/sudo.spec b/sudo.spec index a96a40f..d294619 100644 --- a/sudo.spec +++ b/sudo.spec @@ -2,7 +2,7 @@ Summary: Allows restricted root access for specified users Name: sudo -Version: 1.8.20p1 +Version: 1.8.20p2 Release: 1%{?dist} License: ISC Group: Applications/System @@ -204,6 +204,9 @@ rm -rf $RPM_BUILD_ROOT %{_libexecdir}/sudo/libsudo_util.so %changelog +* Thu Jun 01 2017 Daniel Kopecek 1.8.20p2-1 +- update to 1.8.20p2 + * Wed May 31 2017 Daniel Kopecek 1.8.20p1-1 - update to 1.8.20p1 - fixes CVE-2017-1000367 From 6960df2a33be7da2518ff704df3f34b5385f25d6 Mon Sep 17 00:00:00 2001 From: Marek Tamaskovic Date: Fri, 29 Sep 2017 15:43:08 +0200 Subject: [PATCH 3/3] Update to sudo-1.8.21p2 --- .gitignore | 1 + sources | 2 +- sudo.spec | 8 ++++++-- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 4f59932..63000a2 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,4 @@ /sudo-1.8.20b1.tar.gz /sudo-1.8.20p1.tar.gz /sudo-1.8.20p2.tar.gz +/sudo-1.8.21p2.tar.gz diff --git a/sources b/sources index 21e6b4a..a15d86f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (sudo-1.8.20p2.tar.gz) = 8bf67e687f7a84605fdef8d547b5cd661141b6c8fd25820c33c7e37e97ca7f21f564c3bae691f8a8cd08df7d80338e36a8f06bb5086cc104509d71d6ab1bceda +SHA512 (sudo-1.8.21p2.tar.gz) = f04bbff54ad74ba73c078e15c75d2f41332d4912078ed66157ba7346b7fff914bd0747460cb4cd0c472af2d3b344fa72f5c62c95169df68a9cac74d7245c720c diff --git a/sudo.spec b/sudo.spec index d294619..1a6e53f 100644 --- a/sudo.spec +++ b/sudo.spec @@ -2,7 +2,7 @@ Summary: Allows restricted root access for specified users Name: sudo -Version: 1.8.20p2 +Version: 1.8.21p2 Release: 1%{?dist} License: ISC Group: Applications/System @@ -178,6 +178,7 @@ rm -rf $RPM_BUILD_ROOT %attr(0644,root,root) %{_libexecdir}/sudo/system_group.so %attr(0644,root,root) %{_libexecdir}/sudo/libsudo_util.so.?.?.? %{_libexecdir}/sudo/libsudo_util.so.? +%{_libexecdir}/sudo/libsudo_util.so %{_mandir}/man5/sudoers.5* %{_mandir}/man5/sudoers.ldap.5* %{_mandir}/man5/sudo.conf.5* @@ -201,9 +202,12 @@ rm -rf $RPM_BUILD_ROOT %doc plugins/sample/sample_plugin.c %{_includedir}/sudo_plugin.h %{_mandir}/man8/sudo_plugin.8* -%{_libexecdir}/sudo/libsudo_util.so %changelog +* Thu Sep 21 2017 Marek Tamaskovic - 1.8.21p2-1 +- update to 1.8.21p2 +- Moved libsudo_util.so from the -devel sub-package to main package (1481225) + * Thu Jun 01 2017 Daniel Kopecek 1.8.20p2-1 - update to 1.8.20p2