update to 1.9.5p2 to address bug 1920618 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing

2021-01-26 14:00:13 -05:00 · 2021-01-26 14:00:13 -05:00 · 36f24bedc6
parent a0dc0e6d59
commit 36f24bedc6
3 changed files with 7 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@ -26,3 +26,4 @@
 /sudo-1.9.2.tar.gz
 /sudo-1.9.3p1.tar.gz
 /sudo-1.9.5p1.tar.gz
+/sudo-1.9.5p2.tar.gz
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (sudo-1.9.5p1.tar.gz) = 0168f0b61a6c2d2f60a92b5b4d3c3254aed4116decabac3821d9ac2fd7f74bb7b019e35bb8955335315b3b00ddf4e4acd82540df0addc1d9bf4f44b60447a878
+SHA512 (sudo-1.9.5p2.tar.gz) = f0fe914963c31a6f8ab6c86847ff6cdd125bd5a839b27f46dcae03963f4fc413b3d4cca54c1979feb825c8479b44c7df0642c07345c941eecf6f9f1e03ea0e27
--- a/sudo.spec
+++ b/sudo.spec
@ -1,6 +1,6 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
-Version: 1.9.5p1
+Version: 1.9.5p2
 Release: 1%{?dist}
 License: ISC
 URL: https://www.sudo.ws
@ -230,6 +230,10 @@ EOF
 %attr(0644,root,root) %{_libexecdir}/sudo/python_plugin.so

 %changelog
+* Tue Jan 26 2021 Matthew Miller <mattdm@fedoraproject.org> - 1.9.5p2-1
+- rebase to 1.9.5p2
+Resolves: 1920618
+
 * Mon Jan 18 2021 Radovan Sroka <rsroka@redhat.com> - 1.9.5p1-1
 - rebase to 1.9.5p1
 Resolves: rhbz#1902758