system/sudo: upgrade to 1.9.9

author: Síle Ekaterin Liszka <sheila@vulpine.house> 2022-02-21 04:08:26 -0800
committer: A. Wilcox <AWilcox@Wilcox-Tech.com> 2022-04-24 20:52:27 -0500
commit: 7e7cb2dc6dbfa3d49d9f488ef383914385ca39d9 (patch)
tree: f3b84381ca3734f226a186c8b60bda2191fba195
parent: dccfd02334149b10f29724c96c790cb995735cfe (diff)
download: packages-7e7cb2dc6dbfa3d49d9f488ef383914385ca39d9.tar.gz
packages-7e7cb2dc6dbfa3d49d9f488ef383914385ca39d9.tar.bz2
packages-7e7cb2dc6dbfa3d49d9f488ef383914385ca39d9.tar.xz
packages-7e7cb2dc6dbfa3d49d9f488ef383914385ca39d9.zip
5 files changed, 8 insertions, 224 deletions
diff --git a/system/sudo/APKBUILD b/system/sudo/APKBUILD
index 1305a61f3..6aa3c4bf3 100644
--- a/system/sudo/APKBUILD
+++ b/system/sudo/APKBUILD
@@ -3,13 +3,13 @@
 # Contributor: Natanael Copa <ncopa@alpinelinux.org>
 # Maintainer: Horst Burkhardt <horst@adelielinux.org>
 pkgname=sudo
-pkgver=1.9.2
+pkgver=1.9.9
 if [ "${pkgver%_*}" != "$pkgver" ]; then
 	_realver=${pkgver%_*}${pkgver#*_}
 else
 	_realver=$pkgver
 fi
-pkgrel=2
+pkgrel=0
 pkgdesc="Give certain users the ability to run some commands as root"
 url="https://www.sudo.ws/sudo/"
 arch="all"
@@ -20,12 +20,7 @@ makedepends_host="linux-pam-dev zlib-dev utmps-dev"
 makedepends_build="bash"
 makedepends="$makedepends_host $makedepends_build"
 subpackages="$pkgname-doc $pkgname-dev $pkgname-lang"
-source="https://www.sudo.ws/dist/sudo-${_realver}.tar.gz
-	fix-cross-compile.patch
-	musl-fix-headers.patch
-	SIGUNUSED.patch
-	CVE-2021-3156.patch
-	"
+source="https://www.sudo.ws/dist/sudo-${_realver}.tar.gz"
 builddir="$srcdir"/$pkgname-$_realver
 somask="audit_json.so
 	group_file.so
@@ -37,6 +32,10 @@ somask="audit_json.so
 	"
 
 # secfixes:
+#   1.9.9-r0:
+#     - CVE-2021-3156
+#     - CVE-2021-23239
+#     - CVE-2021-23240
 #   1.8.20_p2-r0:
 #     - CVE-2017-1000368
 #   1.8.28-r0:
@@ -64,11 +63,6 @@ build() {
 		--disable-log-server \
 		--disable-log-client \
 		--with-secure-path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
-
-	# Workaround until SIGUNUSED.patch is not needed anymore
-	rm lib/util/mksiglist.h lib/util/mksigname.h
-	make -C lib/util DEVEL=1 mksiglist.h mksigname.h
-
 	make
 }
 
@@ -84,8 +78,4 @@ package() {
 	rm -rf "$pkgdir"/var/run
 }
 
-sha512sums="20afdf2604b1c93395157382b24f225cd1ff88d3a892362e2d69fecd240c4e7171f05032c08be1778cd1dea6e460025e4241f57272fac0ea3550e220b6d73d21  sudo-1.9.2.tar.gz
-f0f462f40502da2194310fe4a72ec1a16ba40f95a821ba9aa6aabaa423d28c4ab26b684afa7fb81c2407cf60de9327bdab01de51b878c5d4de49b0d62645f53c  fix-cross-compile.patch
-dcc03abdd672c934f90dfd3683b3f81a8d39cfff91307d2dbd20a31a852022ab605d034c4fe11860ba99b78d391a9812fca1d6e052620b8ff2c42e4f0c7a1a62  musl-fix-headers.patch
-2733c220ccbdaf61a32d8c72a5bc0209673733014f0d71b568f1523b71416e9d1754dd8c95bc6cd99aa7f935ed6e93c5f19b1a1dbb7dfc2daf9917fd37f96e78  SIGUNUSED.patch
-7ef329edccbbd26ac55ff58d4c6c470bf2d829ff8ad1388d67b6ea8c2c8284fd362209cf11458787efaa4e301106bd3b49b8b7310c9d222ac3a3483a17b3ec0e  CVE-2021-3156.patch"
+sha512sums="53064240431ae3d9409dc5cb7d72ab55d9ab5f802af4de99fadd987855461b3cca53f261d6256e3b6f35e30c7e162f4dfa3978ef6976415cf5be874fb2026614  sudo-1.9.9.tar.gz"
diff --git a/system/sudo/CVE-2021-3156.patch b/system/sudo/CVE-2021-3156.patch
deleted file mode 100644
index 7cb492d61..000000000
--- a/system/sudo/CVE-2021-3156.patch
+++ /dev/null
@@ -1,165 +0,0 @@
-
-# HG changeset patch
-# User Todd C. Miller <Todd.Miller@sudo.ws>
-# Date 1611416639 25200
-# Node ID 049ad90590be1e5dfb7df2675d2eb3e37c96ab86
-# Parent  a97dc92eae6b60ae285055441341d493c17262ff
-Fix potential buffer overflow when unescaping backslashes in user_args.
-Also, do not try to unescaping backslashes unless in run mode *and*
-we are running the command via a shell.
-Found by Qualys, this fixes CVE-2021-3156.
-
-diff -r a97dc92eae6b -r 049ad90590be plugins/sudoers/sudoers.c
---- a/plugins/sudoers/sudoers.c	Sat Jan 23 08:43:59 2021 -0700
-+++ b/plugins/sudoers/sudoers.c	Sat Jan 23 08:43:59 2021 -0700
-@@ -547,7 +547,7 @@
- 
-     /* If run as root with SUDO_USER set, set sudo_user.pw to that user. */
-     /* XXX - causes confusion when root is not listed in sudoers */
--    if (sudo_mode & (MODE_RUN | MODE_EDIT) && prev_user != NULL) {
-+    if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT) && prev_user != NULL) {
- 	if (user_uid == 0 && strcmp(prev_user, "root") != 0) {
- 	    struct passwd *pw;
- 
-@@ -932,8 +932,8 @@
-     if (user_cmnd == NULL)
- 	user_cmnd = NewArgv[0];
- 
--    if (sudo_mode & (MODE_RUN | MODE_EDIT | MODE_CHECK)) {
--	if (ISSET(sudo_mode, MODE_RUN | MODE_CHECK)) {
-+    if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT|MODE_CHECK)) {
-+	if (!ISSET(sudo_mode, MODE_EDIT)) {
- 	    if (def_secure_path && !user_is_exempt())
- 		path = def_secure_path;
- 	    if (!set_perms(PERM_RUNAS))
-@@ -961,7 +961,8 @@
- 		sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
- 		debug_return_int(NOT_FOUND_ERROR);
- 	    }
--	    if (ISSET(sudo_mode, MODE_SHELL|MODE_LOGIN_SHELL)) {
-+	    if (ISSET(sudo_mode, MODE_SHELL|MODE_LOGIN_SHELL) &&
-+		    ISSET(sudo_mode, MODE_RUN)) {
- 		/*
- 		 * When running a command via a shell, the sudo front-end
- 		 * escapes potential meta chars.  We unescape non-spaces
-@@ -969,10 +970,22 @@
- 		 */
- 		for (to = user_args, av = NewArgv + 1; (from = *av); av++) {
- 		    while (*from) {
--			if (from[0] == '\\' && !isspace((unsigned char)from[1]))
-+			if (from[0] == '\\' && from[1] != '\0' &&
-+				!isspace((unsigned char)from[1])) {
- 			    from++;
-+			}
-+			if (size - (to - user_args) < 1) {
-+			    sudo_warnx(U_("internal error, %s overflow"),
-+				__func__);
-+			    debug_return_int(NOT_FOUND_ERROR);
-+			}
- 			*to++ = *from++;
- 		    }
-+		    if (size - (to - user_args) < 1) {
-+			sudo_warnx(U_("internal error, %s overflow"),
-+			    __func__);
-+			debug_return_int(NOT_FOUND_ERROR);
-+		    }
- 		    *to++ = ' ';
- 		}
- 		*--to = '\0';
-
-
-# HG changeset patch
-# User Todd C. Miller <Todd.Miller@sudo.ws>
-# Date 1611416639 25200
-# Node ID 9b97f1787804aedccaec63c379053b1a91a0e409
-# Parent  90aba6ba6e03f3bc33b4eabf16358396ed83642d
-Reset valid_flags to MODE_NONINTERACTIVE for sudoedit.
-This is consistent with how the -e option is handled.
-Also reject -H and -P flags for sudoedit as was done in sudo 1.7.
-Found by Qualys, this is part of the fix for CVE-2021-3156.
-
-diff -r 90aba6ba6e03 -r 9b97f1787804 src/parse_args.c
---- a/src/parse_args.c	Mon Jan 18 12:30:52 2021 +0100
-+++ b/src/parse_args.c	Sat Jan 23 08:43:59 2021 -0700
-@@ -117,7 +117,10 @@
- /*
-  * Default flags allowed when running a command.
-  */
--#define DEFAULT_VALID_FLAGS	(MODE_BACKGROUND|MODE_PRESERVE_ENV|MODE_RESET_HOME|MODE_LOGIN_SHELL|MODE_NONINTERACTIVE|MODE_SHELL)
-+#define DEFAULT_VALID_FLAGS	(MODE_BACKGROUND|MODE_PRESERVE_ENV|MODE_RESET_HOME|MODE_LOGIN_SHELL|MODE_NONINTERACTIVE|MODE_PRESERVE_GROUPS|MODE_SHELL)
-+#define EDIT_VALID_FLAGS	MODE_NONINTERACTIVE
-+#define LIST_VALID_FLAGS	(MODE_NONINTERACTIVE|MODE_LONG_LIST)
-+#define VALIDATE_VALID_FLAGS	MODE_NONINTERACTIVE
- 
- /* Option number for the --host long option due to ambiguity of the -h flag. */
- #define OPT_HOSTNAME	256
-@@ -262,6 +265,7 @@
- 	progname = "sudoedit";
- 	mode = MODE_EDIT;
- 	sudo_settings[ARG_SUDOEDIT].value = "true";
-+	valid_flags = EDIT_VALID_FLAGS;
-     }
- 
-     /* Load local IP addresses and masks. */
-@@ -365,7 +369,7 @@
- 			usage_excl();
- 		    mode = MODE_EDIT;
- 		    sudo_settings[ARG_SUDOEDIT].value = "true";
--		    valid_flags = MODE_NONINTERACTIVE;
-+		    valid_flags = EDIT_VALID_FLAGS;
- 		    break;
- 		case 'g':
- 		    assert(optarg != NULL);
-@@ -377,6 +381,7 @@
- 		    break;
- 		case 'H':
- 		    sudo_settings[ARG_SET_HOME].value = "true";
-+		    SET(flags, MODE_RESET_HOME);
- 		    break;
- 		case 'h':
- 		    if (optarg == NULL) {
-@@ -431,7 +436,7 @@
- 			    usage_excl();
- 		    }
- 		    mode = MODE_LIST;
--		    valid_flags = MODE_NONINTERACTIVE|MODE_LONG_LIST;
-+		    valid_flags = LIST_VALID_FLAGS;
- 		    break;
- 		case 'n':
- 		    SET(flags, MODE_NONINTERACTIVE);
-@@ -439,6 +444,7 @@
- 		    break;
- 		case 'P':
- 		    sudo_settings[ARG_PRESERVE_GROUPS].value = "true";
-+		    SET(flags, MODE_PRESERVE_GROUPS);
- 		    break;
- 		case 'p':
- 		    /* An empty prompt is allowed. */
-@@ -505,7 +511,7 @@
- 		    if (mode && mode != MODE_VALIDATE)
- 			usage_excl();
- 		    mode = MODE_VALIDATE;
--		    valid_flags = MODE_NONINTERACTIVE;
-+		    valid_flags = VALIDATE_VALID_FLAGS;
- 		    break;
- 		case 'V':
- 		    if (mode && mode != MODE_VERSION)
-@@ -533,7 +539,7 @@
-     if (!mode) {
- 	/* Defer -k mode setting until we know whether it is a flag or not */
- 	if (sudo_settings[ARG_IGNORE_TICKET].value != NULL) {
--	    if (argc == 0 && !(flags & (MODE_SHELL|MODE_LOGIN_SHELL))) {
-+	    if (argc == 0 && !ISSET(flags, MODE_SHELL|MODE_LOGIN_SHELL)) {
- 		mode = MODE_INVALIDATE;	/* -k by itself */
- 		sudo_settings[ARG_IGNORE_TICKET].value = NULL;
- 		valid_flags = 0;
-@@ -601,7 +607,7 @@
-     /*
-      * For shell mode we need to rewrite argv
-      */
--    if (ISSET(mode, MODE_RUN) && ISSET(flags, MODE_SHELL)) {
-+    if (ISSET(flags, MODE_SHELL|MODE_LOGIN_SHELL) && ISSET(mode, MODE_RUN)) {
- 	char **av, *cmnd = NULL;
- 	int ac = 1;
- 
-
diff --git a/system/sudo/SIGUNUSED.patch b/system/sudo/SIGUNUSED.patch
deleted file mode 100644
index 969c3e82d..000000000
--- a/system/sudo/SIGUNUSED.patch
+++ /dev/null
@@ -1,16 +0,0 @@
---- sudo-1.8.28/lib/util/siglist.in	2019-10-10 11:32:54.000000000 -0500
-+++ sudo-1.8.28/lib/util/siglist.in	2019-10-14 16:42:46.259938722 -0500
-@@ -17,11 +17,12 @@
-     EMT     EMT trap
-     FPE     Floating point exception
-     KILL    Killed
-+# before UNUSED (musl defines them as the same number)
-+    SYS     Bad system call
- # before BUS (Older Linux doesn't really have a BUS, but defines it to UNUSED)
-     UNUSED  Unused
-     BUS     Bus error
-     SEGV    Memory fault
--    SYS     Bad system call
-     PIPE    Broken pipe
-     ALRM    Alarm clock
-     TERM    Terminated
diff --git a/system/sudo/fix-cross-compile.patch b/system/sudo/fix-cross-compile.patch
deleted file mode 100644
index d2fc97cca..000000000
--- a/system/sudo/fix-cross-compile.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- ./lib/util/Makefile.in.orig
-+++ ./lib/util/Makefile.in
-@@ -160,10 +160,10 @@
- 	./mksigname > $@
- 
- mksiglist: $(srcdir)/mksiglist.c $(srcdir)/mksiglist.h $(incdir)/sudo_compat.h $(top_builddir)/config.h
--	$(CC) $(CPPFLAGS) $(CFLAGS) $(srcdir)/mksiglist.c -o $@
-+	$${HOSTCC:-gcc} $(CPPFLAGS) $(CFLAGS) $(srcdir)/mksiglist.c -o $@
- 
- mksigname: $(srcdir)/mksigname.c $(srcdir)/mksigname.h $(incdir)/sudo_compat.h $(top_builddir)/config.h
--	$(CC) $(CPPFLAGS) $(CFLAGS) $(srcdir)/mksigname.c -o $@
-+	$${HOSTCC:-gcc} $(CPPFLAGS) $(CFLAGS) $(srcdir)/mksigname.c -o $@
- 
- $(srcdir)/mksiglist.h: $(srcdir)/siglist.in
- 	@if [ -n "$(DEVEL)" ]; then \
diff --git a/system/sudo/musl-fix-headers.patch b/system/sudo/musl-fix-headers.patch
deleted file mode 100644
index d57a9ff4b..000000000
--- a/system/sudo/musl-fix-headers.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- ./include/sudo_compat.h.orig
-+++ ./include/sudo_compat.h
-@@ -25,6 +25,7 @@
- #endif
- #if !defined(HAVE_MEMSET_S) && !defined(rsize_t)
- # include <stddef.h>	/* for rsize_t */
-+#include <sys/types.h> /* for id_t */
- # ifdef HAVE_STRING_H
- #  include <string.h>	/* for rsize_t on AIX */
- # endif /* HAVE_STRING_H */
author	Síle Ekaterin Liszka <sheila@vulpine.house>	2022-02-21 04:08:26 -0800
committer	A. Wilcox <AWilcox@Wilcox-Tech.com>	2022-04-24 20:52:27 -0500
commit	7e7cb2dc6dbfa3d49d9f488ef383914385ca39d9 (patch)
tree	f3b84381ca3734f226a186c8b60bda2191fba195
parent	dccfd02334149b10f29724c96c790cb995735cfe (diff)
download	packages-7e7cb2dc6dbfa3d49d9f488ef383914385ca39d9.tar.gz packages-7e7cb2dc6dbfa3d49d9f488ef383914385ca39d9.tar.bz2 packages-7e7cb2dc6dbfa3d49d9f488ef383914385ca39d9.tar.xz packages-7e7cb2dc6dbfa3d49d9f488ef383914385ca39d9.zip