diff options
| author | Joshua Lock <josh@linux.intel.com> | 2012-02-29 16:34:27 -0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2012-03-01 15:59:58 +0000 |
| commit | eaec7e962433fa09ec5723afc9bada22ba4d6a45 (patch) | |
| tree | f8b987ed0612715458c379bca478cd84b946faf2 /meta/recipes-extended/sudo/sudo_1.8.1p2.bb | |
| parent | e6ea83feceb2c2eb77d707ed060a0ce29af79c4c (diff) | |
| download | poky-eaec7e962433fa09ec5723afc9bada22ba4d6a45.tar.gz | |
sudo: backport patch to address CVE 2012-0809
This is a format string vulnerability "that can be used to crash
sudo or potentially allow an unauthorized user to elevate privileges."
(From OE-Core rev: 286cdd5db60b4f668e75cd9e05efb97acb08b7a6)
Signed-off-by: Joshua Lock <josh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/sudo/sudo_1.8.1p2.bb')
| -rw-r--r-- | meta/recipes-extended/sudo/sudo_1.8.1p2.bb | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/meta/recipes-extended/sudo/sudo_1.8.1p2.bb b/meta/recipes-extended/sudo/sudo_1.8.1p2.bb index b065447ed4..3694c89a42 100644 --- a/meta/recipes-extended/sudo/sudo_1.8.1p2.bb +++ b/meta/recipes-extended/sudo/sudo_1.8.1p2.bb | |||
| @@ -1,10 +1,11 @@ | |||
| 1 | require sudo.inc | 1 | require sudo.inc |
| 2 | 2 | ||
| 3 | PR = "r3" | 3 | PR = "r4" |
| 4 | 4 | ||
| 5 | SRC_URI = "http://ftp.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \ | 5 | SRC_URI = "http://ftp.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \ |
| 6 | file://libtool.patch \ | 6 | file://libtool.patch \ |
| 7 | file://sudo-parallel-build.patch \ | 7 | file://sudo-parallel-build.patch \ |
| 8 | file://format-string.patch \ | ||
| 8 | ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)}" | 9 | ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)}" |
| 9 | 10 | ||
| 10 | PAM_SRC_URI = "file://sudo.pam" | 11 | PAM_SRC_URI = "file://sudo.pam" |