Commit 7889ff1c authored by Kevin Daudt's avatar Kevin Daudt 💻

main/sudo: security upgrade to 1.9.5p2 (CVE-2021-3156)

No patches are available for 1.8.27

See #12356
parent e8d9a025
......@@ -2,13 +2,13 @@
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=sudo
pkgver=1.8.27
pkgver=1.9.5p2
if [ "${pkgver%_*}" != "$pkgver" ]; then
_realver=${pkgver%_*}${pkgver#*_}
else
_realver=$pkgver
fi
pkgrel=2
pkgrel=0
pkgdesc="Give certain users the ability to run some commands as root"
url="https://www.sudo.ws/sudo/"
arch="all"
......@@ -18,21 +18,21 @@ depends=
subpackages="$pkgname-doc $pkgname-dev"
source="https://www.sudo.ws/dist/sudo-${_realver}.tar.gz
fix-cross-compile.patch
fix-tests.patch
libcrypt.patch
sudo-cvtsudoers.patch
CVE-2019-14287.patch
CVE-2019-18634.patch
SIGUNUSED.patch
"
options="suid"
# secfixes:
# 1.9.5p2-r0:
# - CVE-2021-3156
# - CVE-2021-23239
# - CVE-2021-23240
# 1.8.27-r2:
# - CVE-2019-18634
# - CVE-2019-18634
# 1.8.27-r1:
# - CVE-2019-14287
# - CVE-2019-14287
# 1.8.20_p2-r0:
# - CVE-2017-1000368
# - CVE-2017-1000368
builddir="$srcdir"/$pkgname-$_realver
build() {
......@@ -68,10 +68,6 @@ package() {
rm -rf "$pkgdir"/var/run
}
sha512sums="0480def650ab880ab9e6c51c606a06897fd638f0381e99c038f5aa47d064aaa2fb35b73eee7f86e73185e18d5dbb8b6ba49c616b1785a1edb2dd6d7b2fa4fcac sudo-1.8.27.tar.gz
sha512sums="f0fe914963c31a6f8ab6c86847ff6cdd125bd5a839b27f46dcae03963f4fc413b3d4cca54c1979feb825c8479b44c7df0642c07345c941eecf6f9f1e03ea0e27 sudo-1.9.5p2.tar.gz
f0f462f40502da2194310fe4a72ec1a16ba40f95a821ba9aa6aabaa423d28c4ab26b684afa7fb81c2407cf60de9327bdab01de51b878c5d4de49b0d62645f53c fix-cross-compile.patch
b2d7816d334826545420c578114e5af361ced65c00e5bfc2e0b16f3c9325aa9d2b902defeebb181da3cf7bc6aba3a59a496293d2f11d83c9793f11138ba50343 fix-tests.patch
0fa06d13d202ee5ab58596413a7498b3e9b6925e87385bb876f5e0b29b22010a84918686a5974de87392ab18158e883da343fe6a14448a4e273eaa1bb81f5995 libcrypt.patch
a4a219c16cd353b54f69b74ce7383b90f89745351776bd91bfccb63a2211fa84177719634d4e7e753cf22a8b175d797a474416ffac66d4aee31d3b8e28bfabd1 sudo-cvtsudoers.patch
bad0eda3a7473e4b13d2d9744c41d37bd1c2f4a50491e7e6c6e2cdb67f98eea5d595ead70ab7ac93444d41d1c9f65d83e67f905614869b9df0bd59365fefae1f CVE-2019-14287.patch
2e701aecd05f2a9b77e77f43e91d748794661dabfc7a0826bea41a9668220a1889f273568b67632829df7dba66ad3d2e0e73513ca59753c1c8e64967f0e705f8 CVE-2019-18634.patch"
03a2cef9fcc26cc2711edb5928c945fcf214b22139bb88d77538d25f3bfd144d17b6c9dabb1e01960ac1697d83b3452397a5ef4c7d0e68ea72548a631b212e6d SIGUNUSED.patch"
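Review bot: `pkgver=1.9.5p2` in the first hunk drops the `_p` suffix form that the `_realver` block just below it exists to handle and that the older secfixes key `1.8.20_p2-r0` uses, so the package version and the new `# 1.9.5p2-r0:` key may not validate or sort as a patch-level release in apk. The secfixes keys are presumably compared against package versions to decide which releases are reported as fixed for CVE-2021-3156, so a key in a form the comparison does not expect could misreport the fix. I would write `pkgver=1.9.5_p2` and `# 1.9.5_p2-r0:`; `_realver` then still resolves to `1.9.5p2`, so the tarball name and its sha512sums line stay as they are.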
Upstream: No
Reason: Musl compatibility
--- a/lib/util/siglist.in 2019-10-10 11:32:54.000000000 -0500
+++ b/lib/util/siglist.in 2019-10-14 16:42:46.259938722 -0500
@@ -17,11 +17,12 @@
EMT EMT trap
FPE Floating point exception
KILL Killed
+# before UNUSED (musl defines them as the same number)
+ SYS Bad system call
# before BUS (Older Linux doesn't really have a BUS, but defines it to UNUSED)
UNUSED Unused
BUS Bus error
SEGV Memory fault
- SYS Bad system call
PIPE Broken pipe
ALRM Alarm clock
TERM Terminated