From 484e6f932c3ce72e6de3242d9ac39bf3447056aa Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Tue, 17 Mar 2015 07:44:20 +0000 Subject: main/sudo: security upgrade to 1.8.12 (CVE-2014-9680) ref #3986 --- main/sudo/APKBUILD | 17 +++++++++-------- main/sudo/domain.patch | 12 ------------ main/sudo/musl-fix-headers.patch | 10 ++++++++++ 3 files changed, 19 insertions(+), 20 deletions(-) delete mode 100644 main/sudo/domain.patch create mode 100644 main/sudo/musl-fix-headers.patch (limited to 'main/sudo') diff --git a/main/sudo/APKBUILD b/main/sudo/APKBUILD index a38e164ba9..e4847f684d 100644 --- a/main/sudo/APKBUILD +++ b/main/sudo/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: Natanael Copa pkgname=sudo -pkgver=1.8.11_p2 +pkgver=1.8.12 if [ "${pkgver%_*}" != "$pkgver" ]; then _realver=${pkgver%_*}${pkgver#*_} else @@ -17,7 +17,8 @@ subpackages="$pkgname-doc $pkgname-dev" source="ftp://ftp.sudo.ws/pub/sudo/$pkgname-$_realver.tar.gz fix-cross-compile.patch libcrypt.patch - domain.patch" + musl-fix-headers.patch + " options="suid" _builddir="$srcdir"/$pkgname-$_realver @@ -54,15 +55,15 @@ package() { rm "$pkgdir"/usr/lib/sudo/*.la } -md5sums="84012b4871b6c775c957cd310d5bad87 sudo-1.8.11p2.tar.gz +md5sums="87558f3a55c62bc9244b19594f103ffa sudo-1.8.12.tar.gz 91e1a494af992cc9e598f8bb715a13c9 fix-cross-compile.patch 048e1cc360537bcea5b74a874fd41674 libcrypt.patch -2cfe0d309d42e7278bea325059b48eb5 domain.patch" -sha256sums="8133849418fa18cf6b6bb6893d1855ff7afe21db8923234a00bf045c90fba1ad sudo-1.8.11p2.tar.gz +5d43f046681bd7655cddc868c4e96cdb musl-fix-headers.patch" +sha256sums="163b51841de8ad19276581a6782d61f5948f1f72a0a843371a1c167d3dc4f3b0 sudo-1.8.12.tar.gz 7683c69c977b276882922b826b9166bc0ec8c82e1ca8c97d6d93f4738c0c6a5e fix-cross-compile.patch d26dc7aaa958d988bbb7efaa0118d23e06375cc90868d14d4b2620f55589cb41 libcrypt.patch -1f455dc37a88089017d580a66e805c3e2ad144f16a304ee457b6cfa8668d18dd domain.patch" -sha512sums="fdd6c14c3738cb7bafec9873c49f96270fdd36c72d14d3fc7e1ef3651275961bf17550ac1f56ed445b394985cbbf602b88f52cda1226e9007bed14a4d4fadbaa sudo-1.8.11p2.tar.gz +49d1d94a64d1487c22d32b016d2bf5bb48d23013f0f206f690ad7474cab65ca6 musl-fix-headers.patch" +sha512sums="1815343eceb7cfa6e37c961ce1c68cf96fc290356b92078d6d24a2c85d8b7a7236df78d3ff7f5e30eba492dc8407346d884e01c0b989eef4414156cfec80b67b sudo-1.8.12.tar.gz 4da8baf526dc7b7dac5cc067e52d5ae464b82337ac5d520641b3d93af2cfa4f2d3897f4e6602f988a194b7260e3edea9c57ccfc07a3eed7e9967956851997950 fix-cross-compile.patch 5ad20254aa587ef615f794081ecd55344eada5cf8c1a1d7956cc3f73375554716c483eeb74081da9a8501afce92cfbaf2abe59d1067aac67ce6e4874eb5a23e1 libcrypt.patch -66c724d8e062745be669625dfdf08ee78e04b8b1f28ae61f49d38a952e52045229bbe3d9e0ecfe8e00d1a53db082488198054d23377bf11706bfbefd59068d3d domain.patch" +0b585305c904ed8651999dcac8096a47c6af3edfb0b4857dc1b242efbed1393119d6e5ffb276751a53b6c2d55dc31eb77dcefe1864617f8e7d4ee9ba7b5cd186 musl-fix-headers.patch" diff --git a/main/sudo/domain.patch b/main/sudo/domain.patch deleted file mode 100644 index 49620ebdb6..0000000000 --- a/main/sudo/domain.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- ./plugins/sudoers/match.c.orig -+++ ./plugins/sudoers/match.c -@@ -933,8 +933,8 @@ - bool - netgr_matches(const char *netgr, const char *lhost, const char *shost, const char *user) - { -+ static char *domain = NULL; - #ifdef HAVE_INNETGR -- static char *domain; - static int initialized; - #endif - bool rc = false; diff --git a/main/sudo/musl-fix-headers.patch b/main/sudo/musl-fix-headers.patch new file mode 100644 index 0000000000..8ab84ad8ff --- /dev/null +++ b/main/sudo/musl-fix-headers.patch @@ -0,0 +1,10 @@ +--- ./include/sudo_compat.h.orig ++++ ./include/sudo_compat.h +@@ -27,6 +27,7 @@ + # include + #endif + #include ++#include + + /* + * Macros and functions that may be missing on some operating systems. -- cgit v1.2.3