Rebase to 1.9.5p1

Resolves: rhbz#1902758 - fixed double free in sss_to_sudoers Resolves: rhbz#1885874 - fixed CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit Resolves: rhbz#1915055 - fixed CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit Resolves: rhbz#1915054 Signed-off-by: Radovan Sroka <rsroka@redhat.com>
2021-01-18 21:07:57 +01:00 · 2021-01-18 21:07:57 +01:00 · a0dc0e6d59
parent e30e387ccf
commit a0dc0e6d59
3 changed files with 14 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@ -25,3 +25,4 @@
 /sudo-1.9.1.tar.gz
 /sudo-1.9.2.tar.gz
 /sudo-1.9.3p1.tar.gz
+/sudo-1.9.5p1.tar.gz
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (sudo-1.9.3p1.tar.gz) = 3ad13fd03e5b371fd6bf7909731ffc11431d2182a744b654f7e5d4b810e47955d49bc78f551afe13ec56acbce694139c33a15bc022cea41b17af5496b8b7f89f
+SHA512 (sudo-1.9.5p1.tar.gz) = 0168f0b61a6c2d2f60a92b5b4d3c3254aed4116decabac3821d9ac2fd7f74bb7b019e35bb8955335315b3b00ddf4e4acd82540df0addc1d9bf4f44b60447a878
--- a/sudo.spec
+++ b/sudo.spec
@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
-Version: 1.9.3p1
-Release: 2%{?dist}
+Version: 1.9.5p1
+Release: 1%{?dist}
 License: ISC
 URL: https://www.sudo.ws
 Source0: %{url}/dist/%{name}-%{version}.tar.gz
@ -230,6 +230,16 @@ EOF
 %attr(0644,root,root) %{_libexecdir}/sudo/python_plugin.so

 %changelog
+* Mon Jan 18 2021 Radovan Sroka <rsroka@redhat.com> - 1.9.5p1-1
+- rebase to 1.9.5p1
+Resolves: rhbz#1902758
+- fixed double free in sss_to_sudoers
+Resolves: rhbz#1885874
+- fixed CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit
+Resolves: rhbz#1915055
+- fixed CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit
+Resolves: rhbz#1915054
+
 * Wed Jan 13 2021 Jonathan Lebon <jonathan@jlebon.com> - 1.9.3p1-2
 - split out Python modules into separate subpackage
 Resolves: rhbz#1909299