* [PATCH 0/1] sudo upgrade
@ 2012-02-28 21:45 Scott Garman
2012-02-28 21:45 ` [PATCH 1/1] sudo: upgrade to 1.8.4 Scott Garman
0 siblings, 1 reply; 3+ messages in thread
From: Scott Garman @ 2012-02-28 21:45 UTC (permalink / raw)
To: openembedded-core
Hello,
This upgrade to sudo fixes a significant security vulnerability.
The following changes since commit 61216d2743502ef38955054aad6a4f2ed63e6d43:
licenses.conf: fix quotting of SRC_DISTRIBUTE_LICENSES (2012-02-28 17:51:42 +0000)
are available in the git repository at:
git://git.pokylinux.org/poky-contrib sgarman/sudo-upgrade-final
http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=sgarman/sudo-upgrade-final
Scott Garman (1):
sudo: upgrade to 1.8.4
meta/recipes-extended/sudo/sudo.inc | 7 ++++---
.../sudo/{sudo_1.8.3.bb => sudo_1.8.4.bb} | 4 ++--
2 files changed, 6 insertions(+), 5 deletions(-)
rename meta/recipes-extended/sudo/{sudo_1.8.3.bb => sudo_1.8.4.bb} (84%)
--
1.7.5.4
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH 1/1] sudo: upgrade to 1.8.4
2012-02-28 21:45 [PATCH 0/1] sudo upgrade Scott Garman
@ 2012-02-28 21:45 ` Scott Garman
2012-03-02 14:02 ` Richard Purdie
0 siblings, 1 reply; 3+ messages in thread
From: Scott Garman @ 2012-02-28 21:45 UTC (permalink / raw)
To: openembedded-core
During the upgrade to 1.8.4, the UCB-licensed fnmatch.c was replaced
with a non-recursive BSD-licensed version, hence the removal of UCB
and addition of BSD in the LICENSE field. This led to checksum changes
in the doc/LICENSE file, and we now additionally track the comment
headers in redblack.c.
These changes were confirmed on the sudo mailing list:
http://www.sudo.ws/pipermail/sudo-workers/2012-February/000736.html
This upgrade also fixes CVE-2012-0809.
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
---
meta/recipes-extended/sudo/sudo.inc | 7 ++++---
.../sudo/{sudo_1.8.3.bb => sudo_1.8.4.bb} | 4 ++--
2 files changed, 6 insertions(+), 5 deletions(-)
rename meta/recipes-extended/sudo/{sudo_1.8.3.bb => sudo_1.8.4.bb} (84%)
diff --git a/meta/recipes-extended/sudo/sudo.inc b/meta/recipes-extended/sudo/sudo.inc
index 83dd209..2168690 100644
--- a/meta/recipes-extended/sudo/sudo.inc
+++ b/meta/recipes-extended/sudo/sudo.inc
@@ -3,9 +3,10 @@ DESCRIPTION = "Sudo (superuser do) allows a system administrator to give certain
HOMEPAGE = "http://www.sudo.ws"
BUGTRACKER = "http://www.sudo.ws/bugs/"
SECTION = "admin"
-LICENSE = "ISC & UCB & Zlib"
-LIC_FILES_CHKSUM = "file://doc/LICENSE;md5=54f1b46c2459ecec3d892618eab44302 \
- file://compat/fnmatch.c;beginline=6;endline=31;md5=5872733146b9eb0deb79e1f664815b85 \
+LICENSE = "ISC & BSD & Zlib"
+LIC_FILES_CHKSUM = "file://doc/LICENSE;md5=19f95c610f585c26a836975654807669 \
+ file://plugins/sudoers/redblack.c;beginline=1;endline=41;md5=fba1c1dca0951819964dfdc618e81724 \
+ file://compat/fnmatch.c;beginline=3;endline=27;md5=67f83ee9bd456557397082f8f1be0efd \
file://compat/getcwd.c;beginline=5;endline=27;md5=449af4cc57fc7d46f42090608ba3e681 \
file://compat/glob.c;beginline=6;endline=31;md5=5872733146b9eb0deb79e1f664815b85 \
file://compat/snprintf.c;beginline=6;endline=31;md5=c98b24f02967c095d7a70ae2e4d4d4ea"
diff --git a/meta/recipes-extended/sudo/sudo_1.8.3.bb b/meta/recipes-extended/sudo/sudo_1.8.4.bb
similarity index 84%
rename from meta/recipes-extended/sudo/sudo_1.8.3.bb
rename to meta/recipes-extended/sudo/sudo_1.8.4.bb
index 99fe5b9..dfa7291 100644
--- a/meta/recipes-extended/sudo/sudo_1.8.3.bb
+++ b/meta/recipes-extended/sudo/sudo_1.8.4.bb
@@ -8,8 +8,8 @@ SRC_URI = "http://ftp.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \
PAM_SRC_URI = "file://sudo.pam"
-SRC_URI[md5sum] = "9e5517bbf3aee420b38c2d1d7a71bcad"
-SRC_URI[sha256sum] = "ff1fcc410c5465063ee4912912e29936ea39f017d9a8a57ec76b0ded71b7c3c4"
+SRC_URI[md5sum] = "5a54dde137618bbc1dd46bb0ef725d7d"
+SRC_URI[sha256sum] = "17a91da1857954aa73445197e6f73d5d50cc8c48719f6db457723bb8badc32a5"
DEPENDS += " ${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
RDEPENDS_${PN} += " ${@base_contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}"
--
1.7.5.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH 1/1] sudo: upgrade to 1.8.4
2012-02-28 21:45 ` [PATCH 1/1] sudo: upgrade to 1.8.4 Scott Garman
@ 2012-03-02 14:02 ` Richard Purdie
0 siblings, 0 replies; 3+ messages in thread
From: Richard Purdie @ 2012-03-02 14:02 UTC (permalink / raw)
To: Patches and discussions about the oe-core layer
On Tue, 2012-02-28 at 13:45 -0800, Scott Garman wrote:
> During the upgrade to 1.8.4, the UCB-licensed fnmatch.c was replaced
> with a non-recursive BSD-licensed version, hence the removal of UCB
> and addition of BSD in the LICENSE field. This led to checksum changes
> in the doc/LICENSE file, and we now additionally track the comment
> headers in redblack.c.
>
> These changes were confirmed on the sudo mailing list:
>
> http://www.sudo.ws/pipermail/sudo-workers/2012-February/000736.html
>
> This upgrade also fixes CVE-2012-0809.
>
> Signed-off-by: Scott Garman <scott.a.garman@intel.com>
> ---
> meta/recipes-extended/sudo/sudo.inc | 7 ++++---
> .../sudo/{sudo_1.8.3.bb => sudo_1.8.4.bb} | 4 ++--
> 2 files changed, 6 insertions(+), 5 deletions(-)
> rename meta/recipes-extended/sudo/{sudo_1.8.3.bb => sudo_1.8.4.bb} (84%)
Merged to master, thanks.
Richard
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2012-03-02 14:10 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-02-28 21:45 [PATCH 0/1] sudo upgrade Scott Garman
2012-02-28 21:45 ` [PATCH 1/1] sudo: upgrade to 1.8.4 Scott Garman
2012-03-02 14:02 ` Richard Purdie
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox