webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
6db404e6a982a18683d5162493ea5ec2db65ef82
bpfire/lfs/sudo
Adolf Belka 273708295b sudo: Upgrade to 1.9.5p2 
- Update sudo from 1.9.5p1 to 1.9.5p2
- Major changes between version 1.9.5p2 and 1.9.5p1:
    Fixed sudo's setprogname(3) emulation on systems that don't provide it.
    Fixed a problem with the sudoers log server client where a partial write to the server could result the sudo process consuming large amounts of CPU time due to a cycle in the buffer queue. Bug #954.
    Added a missing dependency on libsudo_util in libsudo_eventlog. Fixes a link error when building sudo statically.
    The user's KRB5CCNAME environment variable is now preserved when performing PAM authentication. This fixes GSSAPI authentication when the user has a non-default ccache.
    When invoked as sudoedit, the same set of command line options are now accepted as for sudo -e. The -H and -P options are now rejected for sudoedit and sudo -e which matches the sudo 1.7 behavior. This is part of the fix for CVE-2021-3156.
    Fixed a potential buffer overflow when unescaping backslashes in the command's arguments. Normally, sudo escapes special characters when running a command via a shell (sudo -s or sudo -i). However, it was also possible to run sudoedit with the -s or -i flags in which case no escaping had actually been done, making a buffer overflow possible. This fixes CVE-2021-3156.
- No change to rootfile

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2021-01-27 21:06:57 +00:00

88 lines
3.3 KiB
Plaintext
Raw Blame History

###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
VER = 1.9.5p2
THISAPP = sudo-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = e6bc4c18c06346e6b3431637a2b5f3d5
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
md5 : $(subst %,%_MD5,$(objects))
###############################################################################
# Downloading, checking, md5sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_MD5,$(objects)) :
@$(MD5)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && \
./configure \
--prefix=/usr \
--libexecdir=/usr/lib \
--with-logging=syslog \
--with-logfac=authpriv \
--with-env-editor \
--with-ignore-dot \
--with-tty-tickets \
--with-passprompt="[sudo] password for %p: " \
--without-pam
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
@$(POSTBUILD)
Reference in New Issue View Git Blame Copy Permalink