diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2015-03-17 08:22:46 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2015-03-17 08:22:46 +0000 |
commit | b1df3371d233b3c91a9e14e1ff2650f07e2d38d3 (patch) | |
tree | e5be86e101fd947c5a5ff6999130defd72813024 | |
parent | 59bdfedfe50d0ec2ca461d76faaf6b5aae104fa4 (diff) |
main/sudo: security upgrade to 1.8.12 (CVE-2014-9680)
fixes #3988
-rw-r--r-- | main/sudo/APKBUILD | 31 | ||||
-rw-r--r-- | main/sudo/fix-cross-compile.patch | 18 | ||||
-rw-r--r-- | main/sudo/libcrypt.patch | 14 | ||||
-rw-r--r-- | main/sudo/musl-fix-headers.patch | 10 |
4 files changed, 44 insertions, 29 deletions
diff --git a/main/sudo/APKBUILD b/main/sudo/APKBUILD index c79cdda9ffc..cb54a95883d 100644 --- a/main/sudo/APKBUILD +++ b/main/sudo/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=sudo -pkgver=1.8.8 +pkgver=1.8.12 if [ "${pkgver%_*}" != "$pkgver" ]; then _realver=${pkgver%_*}${pkgver#*_} else @@ -11,17 +11,18 @@ pkgdesc="Give certain users the ability to run some commands as root" url="http://www.sudo.ws/sudo/" arch="all" license='custom ISC' -makedepends="zlib-dev" +makedepends="zlib-dev bash" depends= subpackages="$pkgname-doc $pkgname-dev" source="ftp://ftp.sudo.ws/pub/sudo/$pkgname-$_realver.tar.gz fix-cross-compile.patch - libcrypt.patch" + libcrypt.patch + musl-fix-headers.patch + " _builddir="$srcdir"/$pkgname-$_realver prepare() { cd "$_builddir" - update_config_sub || return 1 for i in $source; do case $i in *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; @@ -49,14 +50,18 @@ package() { # path components with bad permissions. fix this. install -d -m0755 "$pkgdir"/var "$pkgdir"/var/db || return 1 make -j1 DESTDIR="$pkgdir" install || return 1 + rm "$pkgdir"/usr/libexec/sudo/*.la } -md5sums="fc4f074090afd56d9ff4ff4e97321971 sudo-1.8.8.tar.gz -44a4afb9ac22947ad6a05777ce66c5fc fix-cross-compile.patch -429d9613091f1f3f19ce8def5b3032b3 libcrypt.patch" -sha256sums="9f911c1e9297fb8006deb52fa81197a8d06b9d54e70672f723c467ecae992fc9 sudo-1.8.8.tar.gz -d40eaf27f9bcc4d2151c3133fe12efcf29fe496a4d72dabe22661cf311943f59 fix-cross-compile.patch -80d16a0b4ee7b97eed6806c4cf2c1b04c9d2ae3ec550bc97ed44ff6db8c8d556 libcrypt.patch" -sha512sums="e56ea849c2e6470a3d97fc76bde6af145938cf2df4d17f3faef00368262d8e2dd5bcc7e3adf490e853e23466b15638000a527156bd694ce4980003d751c896d5 sudo-1.8.8.tar.gz -f9257262b32365f1ee8914781f917fc425229f88d3d8df0f33ebb2cfbf0ad8d41a6ea83b15b2c74b1f5728b380bcd1e92ca58e138717e5104a35c2fc8a376ea1 fix-cross-compile.patch -e4b236c2ee47e01222eed98c401861336d49a0c74a28219972c68763a4c9233a010b315850f9f2f4396205dc21c4ce4eeb5c95101464f4f3040b70d25bd2116c libcrypt.patch" +md5sums="87558f3a55c62bc9244b19594f103ffa sudo-1.8.12.tar.gz +91e1a494af992cc9e598f8bb715a13c9 fix-cross-compile.patch +048e1cc360537bcea5b74a874fd41674 libcrypt.patch +5d43f046681bd7655cddc868c4e96cdb musl-fix-headers.patch" +sha256sums="163b51841de8ad19276581a6782d61f5948f1f72a0a843371a1c167d3dc4f3b0 sudo-1.8.12.tar.gz +7683c69c977b276882922b826b9166bc0ec8c82e1ca8c97d6d93f4738c0c6a5e fix-cross-compile.patch +d26dc7aaa958d988bbb7efaa0118d23e06375cc90868d14d4b2620f55589cb41 libcrypt.patch +49d1d94a64d1487c22d32b016d2bf5bb48d23013f0f206f690ad7474cab65ca6 musl-fix-headers.patch" +sha512sums="1815343eceb7cfa6e37c961ce1c68cf96fc290356b92078d6d24a2c85d8b7a7236df78d3ff7f5e30eba492dc8407346d884e01c0b989eef4414156cfec80b67b sudo-1.8.12.tar.gz +4da8baf526dc7b7dac5cc067e52d5ae464b82337ac5d520641b3d93af2cfa4f2d3897f4e6602f988a194b7260e3edea9c57ccfc07a3eed7e9967956851997950 fix-cross-compile.patch +5ad20254aa587ef615f794081ecd55344eada5cf8c1a1d7956cc3f73375554716c483eeb74081da9a8501afce92cfbaf2abe59d1067aac67ce6e4874eb5a23e1 libcrypt.patch +0b585305c904ed8651999dcac8096a47c6af3edfb0b4857dc1b242efbed1393119d6e5ffb276751a53b6c2d55dc31eb77dcefe1864617f8e7d4ee9ba7b5cd186 musl-fix-headers.patch" diff --git a/main/sudo/fix-cross-compile.patch b/main/sudo/fix-cross-compile.patch index 89fcd043f1e..f9993fa8800 100644 --- a/main/sudo/fix-cross-compile.patch +++ b/main/sudo/fix-cross-compile.patch @@ -1,15 +1,15 @@ ---- sudo-1.8.7/compat/Makefile.in.orig -+++ sudo-1.8.7/compat/Makefile.in -@@ -93,10 +93,10 @@ +--- ./lib/util/Makefile.in.orig ++++ ./lib/util/Makefile.in +@@ -148,10 +148,10 @@ ./mksigname > $@ - mksiglist: $(srcdir)/mksiglist.c $(srcdir)/mksiglist.h $(incdir)/missing.h $(top_builddir)/config.h -- $(CC) $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/mksiglist.c -o $@ + mksiglist: $(srcdir)/mksiglist.c $(srcdir)/mksiglist.h $(incdir)/sudo_compat.h $(top_builddir)/config.h +- $(CC) $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/mksiglist.c -o $@ + $${HOSTCC:-gcc} -I$(incdir) -I$(top_builddir) -I$(top_srcdir) $(DEFS) $(srcdir)/mksiglist.c -o $@ - mksigname: $(srcdir)/mksigname.c $(srcdir)/mksigname.h $(incdir)/missing.h $(top_builddir)/config.h -- $(CC) $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/mksigname.c -o $@ + mksigname: $(srcdir)/mksigname.c $(srcdir)/mksigname.h $(incdir)/sudo_compat.h $(top_builddir)/config.h +- $(CC) $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/mksigname.c -o $@ + $${HOSTCC:-gcc} -I$(incdir) -I$(top_builddir) -I$(top_srcdir) $(DEFS) $(srcdir)/mksigname.c -o $@ - fnm_test: fnm_test.o libreplace.la - $(LIBTOOL) --mode=link $(CC) -o $@ fnm_test.o libreplace.la $(PIE_LDFLAGS) $(SSP_LDFLAGS) + $(srcdir)/mksiglist.h: $(srcdir)/siglist.in + @if [ -n "$(DEVEL)" ]; then \ diff --git a/main/sudo/libcrypt.patch b/main/sudo/libcrypt.patch index 0bab0386320..e83b691134d 100644 --- a/main/sudo/libcrypt.patch +++ b/main/sudo/libcrypt.patch @@ -1,11 +1,11 @@ --- ./plugins/sudoers/Makefile.in.orig +++ ./plugins/sudoers/Makefile.in -@@ -45,7 +45,7 @@ - # Libraries - LIBS = $(top_builddir)/common/libcommon.la $(top_builddir)/@ac_config_libobj_dir@/libreplace.la +@@ -52,7 +52,7 @@ + LT_LIBS = $(top_builddir)/lib/util/libsudo_util.la + LIBS = $(LT_LIBS) @LIBINTL@ NET_LIBS = @NET_LIBS@ --SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) @ZLIB@ -+SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) @ZLIB@ -lcrypt +-SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) @ZLIB@ @LIBMD@ ++SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) @ZLIB@ @LIBMD@ -lcrypt REPLAY_LIBS = @REPLAY_LIBS@ @ZLIB@ - - # C preprocessor flags + VISUDO_LIBS = $(NET_LIBS) @LIBMD@ + TESTSUDOERS_LIBS = $(NET_LIBS) @LIBMD@ diff --git a/main/sudo/musl-fix-headers.patch b/main/sudo/musl-fix-headers.patch new file mode 100644 index 00000000000..8ab84ad8ff2 --- /dev/null +++ b/main/sudo/musl-fix-headers.patch @@ -0,0 +1,10 @@ +--- ./include/sudo_compat.h.orig ++++ ./include/sudo_compat.h +@@ -27,6 +27,7 @@ + # include <stddef.h> + #endif + #include <stdarg.h> ++#include <sys/types.h> + + /* + * Macros and functions that may be missing on some operating systems. |