From 200fa940281096a87ced976baeae173eeca4e391 Mon Sep 17 00:00:00 2001 From: Daniel Kopecek Date: Wed, 18 Feb 2015 10:32:39 +0100 Subject: [PATCH] update to 1.8.12 - fixes CVE-2014-9680 --- .gitignore | 1 + sources | 2 +- sudo.spec | 12 ++++++++---- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index b8a25f7..31c82be 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,4 @@ sudo-1.7.2p2-sudoers /sudo-1.8.8-sudoers /sudo-1.8.11.tar.gz /sudo-1.8.11p2.tar.gz +/sudo-1.8.12.tar.gz diff --git a/sources b/sources index 4762a29..4bfc811 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ 775b863cdff3a2ee2a26c2d53b51aff5 sudo-1.8.8-sudoers -84012b4871b6c775c957cd310d5bad87 sudo-1.8.11p2.tar.gz +87558f3a55c62bc9244b19594f103ffa sudo-1.8.12.tar.gz diff --git a/sudo.spec b/sudo.spec index f915365..8630d4b 100644 --- a/sudo.spec +++ b/sudo.spec @@ -1,6 +1,6 @@ Summary: Allows restricted root access for specified users Name: sudo -Version: 1.8.11p2 +Version: 1.8.12 Release: 1%{?dist} License: ISC Group: Applications/System @@ -28,8 +28,6 @@ BuildRequires: zlib-devel Patch1: sudo-1.6.7p5-strip.patch # Patch to read ldap.conf more closely to nss_ldap Patch2: sudo-1.8.11b4-ldapconfpatch.patch -# Don't exit if audit is not supported by the kernel -Patch3: sudo-1.8.11p2-auditfix.patch %description Sudo (superuser do) allows a system administrator to give certain @@ -56,7 +54,6 @@ plugins that use %{name}. %patch1 -p1 -b .strip %patch2 -p1 -b .ldapconfpatch -%patch3 -p1 -b .auditfix %build # Remove bundled copy of zlib @@ -110,6 +107,9 @@ chmod -x $RPM_BUILD_ROOT%{_pkgdocdir}/sudoers2ldif # Don't package LICENSE as a doc rm -rf $RPM_BUILD_ROOT%{_pkgdocdir}/LICENSE +# Remove examples; Examples can be found in man pages too. +rm -rf $RPM_BUILD_ROOT%{_datadir}/examples/sudo + %find_lang sudo %find_lang sudoers @@ -185,6 +185,10 @@ rm -rf $RPM_BUILD_ROOT %attr(0644,root,root) %{_libexecdir}/sudo/*.la %changelog +* Wed Feb 18 2015 Daniel Kopecek - 1.8.12 +- update to 1.8.12 +- fixes CVE-2014-9680 + * Mon Nov 3 2014 Daniel Kopecek - 1.8.11p2-1 - update to 1.8.11p2 - added patch to fix upstream bug #671 -- exiting immediately