Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-extended/sudo/files/format-string.patch | 33 | ||||
-rw-r--r-- | meta/recipes-extended/sudo/sudo_1.8.1p2.bb | 5 |
2 files changed, 36 insertions, 2 deletions
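--- /dev/null
+++ b/meta/recipes-extended/sudo/files/format-string.patch
@@ -0,0 +1,33 @@
+This patch, extracted from upstreams sudo-1.8.3p2.patch.gz addresses the
+recent Sudo format string vulnerability CVE 2012-0809.
+
+http://www.sudo.ws/sudo/alerts/sudo_debug.html
+
+Signed-off-by: Joshua Lock <josh@linux.intel.com>
+
+Upstream-Status: Backport
+
+diff -urNa sudo-1.8.3p1/src/sudo.c sudo-1.8.3p2/src/sudo.c
+--- sudo-1.8.3p1/src/sudo.c Fri Oct 21 09:01:26 2011
++++ sudo-1.8.3p2/src/sudo.c Tue Jan 24 15:59:03 2012
+@@ -1208,15 +1208,15 @@
+sudo_debug(int level, const char *fmt, ...)
+{
+va_list ap;
+- char *fmt2;
++ char *buf;
+
+if (level > debug_level)
+return;
+
+- /* Backet fmt with program name and a newline to make it a single write */
+- easprintf(&fmt2, "%s: %s\n", getprogname(), fmt);
++ /* Bracket fmt with program name and a newline to make it a single write */
+va_start(ap, fmt);
+- vfprintf(stderr, fmt2, ap);
++ evasprintf(&buf, fmt, ap);
+va_end(ap);
+- efree(fmt2);
++ fprintf(stderr, "%s: %s\n", getprogname(), buf);
++ efree(buf);
+}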
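Review bot: The embedded hunk is cut against sudo-1.8.3p1 (`@@ -1208,15 +1208,15 @@` in `src/sudo.c`), but the recipe that picks it up builds sudo 1.8.1p2, so it can only apply there with an offset. It is worth confirming in the do_patch log that it lands in `sudo_debug()` cleanly, without fuzz. The header writes the identifier as `CVE 2012-0809`; spelling it `CVE-2012-0809` keeps the patch findable by anyone grepping the layer for CVE ids. A one-line comment above the new `fprintf` would also help, e.g. `/* program name is data, never part of the format string */`, since a later cleanup that folds the two calls back together would reintroduce the bug. The function's return-type line sits outside the hunk.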
diff --git a/meta/recipes-extended/sudo/sudo_1.8.1p2.bb b/meta/recipes-extended/sudo/sudo_1.8.1p2.bb index b065447ed4..3694c89a42 100644 --- a/meta/recipes-extended/sudo/sudo_1.8.1p2.bb +++ b/meta/recipes-extended/sudo/sudo_1.8.1p2.bb | |||
@@ -1,10 +1,11 @@ | |||
1 | require sudo.inc | 1 | require sudo.inc |
2 | 2 | ||
3 | PR = "r3" | 3 | PR = "r4" |
4 | 4 | ||
5 | SRC_URI = "http://ftp.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \ | 5 | SRC_URI = "http://ftp.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \ |
6 | file://libtool.patch \ | 6 | file://libtool.patch \ |
7 | file://sudo-parallel-build.patch \ | 7 | file://sudo-parallel-build.patch \ |
8 | file://format-string.patch \ | ||
8 | ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)}" | 9 | ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)}" |
9 | 10 | ||
10 | PAM_SRC_URI = "file://sudo.pam" | 11 | PAM_SRC_URI = "file://sudo.pam" |