From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: From: Roland Hieber Date: Tue, 15 Oct 2019 13:58:24 +0200 Message-Id: <20191015115823.3946-1-rhi@pengutronix.de> MIME-Version: 1.0 Subject: [ptxdist] [PATCH] sudo: version bump 1.8.22 -> 1.8.28 List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ptxdist-bounces@pengutronix.de Sender: "ptxdist" To: ptxdist@pengutronix.de Cc: Roland Hieber This update fixes CVE-2019-14287, see also https://www.sudo.ws/alerts/minus_1_uid.html Pin down more configure options, and update the license MD5, which added some more file headers of files under ISC license, reformatted the existing license file headers, and bumped the copyright date to 2019. Signed-off-by: Roland Hieber --- rules/sudo.make | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/rules/sudo.make b/rules/sudo.make index 96349406f67b..a7fa0ad4a2db 100644 --- a/rules/sudo.make +++ b/rules/sudo.make @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_SUDO) += sudo # # Paths and names # -SUDO_VERSION := 1.8.22 -SUDO_MD5 := 24abdea48db4c5abcd410167c801cc8c +SUDO_VERSION := 1.8.28 +SUDO_MD5 := 5afa5acd0c55b40916e4ad864607edfe SUDO := sudo-$(SUDO_VERSION) SUDO_SUFFIX := tar.gz SUDO_URL := \ @@ -25,7 +25,7 @@ SUDO_URL := \ SUDO_SOURCE := $(SRCDIR)/$(SUDO).$(SUDO_SUFFIX) SUDO_DIR := $(BUILDDIR)/$(SUDO) SUDO_LICENSE := ISC AND BSD-3-Clause AND BSD-2-Clause-NetBSD AND Zlib -SUDO_LICENSE_FILES := file://doc/LICENSE;md5=7765a3d787cb4fed3ccc3c9cee030af9 +SUDO_LICENSE_FILES := file://doc/LICENSE;md5=6c76b73603ac7763ab0516ebfbe67b42 # ---------------------------------------------------------------------------- # Prepare @@ -44,22 +44,43 @@ SUDO_ENV := \ # SUDO_AUTOCONF = \ $(CROSS_AUTOCONF_USR) \ + --enable-authentication \ + --disable-root-mailer \ + --enable-setreuid \ + --enable-setresuid \ --enable-shadow \ --enable-root-sudo \ --disable-log-host \ --enable-noargs-shell \ + --disable-shell-sets-home \ --disable-path-info \ + --disable-env-debug \ + --enable-zlib \ + --disable-env-reset \ --enable-warnings \ --disable-werror \ + --disable-openssl \ + --disable-gcrypt \ --enable-hardening \ --enable-pie \ + --enable-asan \ + --enable-poll \ + --disable-admin-flag \ --disable-nls \ --disable-rpath \ --enable-static-sudoers \ --disable-shared-libutil \ + --disable-tmpfiles.d \ + --disable-devsearch \ + --disable-sasl \ + --disable-offensive-insults \ + --disable-package-build \ + --disable-gss-krb5-ccache-name \ + --disable-pvs-studio \ --disable-sia \ $(GLOBAL_LARGE_FILE_OPTION) \ --disable-pam-session \ + --disable-kerb5-instance \ --without-AFS \ --without-DCE \ --without-logincap \ -- 2.23.0 _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de