From 5cab63a9be0a3664450115499f7467513a705e0e Mon Sep 17 00:00:00 2001 From: Max Rees Date: Wed, 10 Jun 2020 13:57:12 -0500 Subject: system/sudo: [CVE] bump to 1.9.0 (#277) --- system/sudo/APKBUILD | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/system/sudo/APKBUILD b/system/sudo/APKBUILD index 3bad54e5e..00acefd4f 100644 --- a/system/sudo/APKBUILD +++ b/system/sudo/APKBUILD @@ -3,13 +3,13 @@ # Contributor: Natanael Copa # Maintainer: Horst Burkhardt pkgname=sudo -pkgver=1.8.28 +pkgver=1.9.0 if [ "${pkgver%_*}" != "$pkgver" ]; then _realver=${pkgver%_*}${pkgver#*_} else _realver=$pkgver fi -pkgrel=1 +pkgrel=0 pkgdesc="Give certain users the ability to run some commands as root" url="https://www.sudo.ws/sudo/" arch="all" @@ -26,12 +26,22 @@ source="https://www.sudo.ws/dist/sudo-${_realver}.tar.gz SIGUNUSED.patch " builddir="$srcdir"/$pkgname-$_realver +somask="audit_json.so + group_file.so + libsudo_noexec.so + libsudo_util.so.0 + sample_approval.so + sudoers.so + system_group.so + " # secfixes: # 1.8.20_p2-r0: # - CVE-2017-1000368 -# 1.8.28: +# 1.8.28-r0: # - CVE-2019-14287 +# 1.9.0-r0: +# - CVE-2019-19232 build() { ./configure \ @@ -46,7 +56,10 @@ build() { --without-skey \ --with-passprompt="[sudo] Password for %p: " \ --with-insults=disabled \ - --with-all-insults + --with-all-insults \ + --enable-python=no \ + --disable-log-server \ + --disable-log-client # Workaround until SIGUNUSED.patch is not needed anymore rm lib/util/mksiglist.h lib/util/mksigname.h @@ -67,7 +80,7 @@ package() { rm -rf "$pkgdir"/var/run } -sha512sums="09e589cdfd18d7c43b0859a0e11c008b3cb995ae4f8c89c717c5242db9e5696361eb574ebe74a0b5316afffb3a8037f7a7f3c249176e8ed9caffeb4cd860ddc7 sudo-1.8.28.tar.gz +sha512sums="f2a191ea5fc65865718b110d4aca187cb5e2cd55c9c891fab32f21401e56f825f34c373e346c55c64fa49cec4d802efb63ccebf3d4a4e31d9a433077daf013b1 sudo-1.9.0.tar.gz f0f462f40502da2194310fe4a72ec1a16ba40f95a821ba9aa6aabaa423d28c4ab26b684afa7fb81c2407cf60de9327bdab01de51b878c5d4de49b0d62645f53c fix-cross-compile.patch dcc03abdd672c934f90dfd3683b3f81a8d39cfff91307d2dbd20a31a852022ab605d034c4fe11860ba99b78d391a9812fca1d6e052620b8ff2c42e4f0c7a1a62 musl-fix-headers.patch 2733c220ccbdaf61a32d8c72a5bc0209673733014f0d71b568f1523b71416e9d1754dd8c95bc6cd99aa7f935ed6e93c5f19b1a1dbb7dfc2daf9917fd37f96e78 SIGUNUSED.patch" -- cgit v1.2.3-70-g09d2