sudo: upgrade 1.9.12 -> 1.9.12p1

mips-fix.patch removed since it's included in 1.9.12p1 Changelog: ========= *Sudo's configure script now does a better job of detecting when the -fstack-clash-protection compiler option does not work. GitHub issue #191. *Fixed CVE-2022-43995, a potential out-of-bounds write for passwords smaller than 8 characters when passwd authentication is enabled. This does not affect configurations that use other authentication methods such as PAM, AIX authentication or BSD authentication. *Fixed a build error with some configurations compiling host_port.c. (From OE-Core rev: 292acd9db1d7204f1435f31f2c37fd272b74eb97) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Wang Mingyu <wangmy@fujitsu.com> 2022-11-13 11:11:37 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-11-14 16:19:43 +0000
commit: 57d9840f14495b703bc968374ce165302bd26908 (patch)
tree: 2ec07ee6d2041c49493b0da809d28d708e8473aa
parent: 07eace6c0156aa2794b65b0b4a06b53efba785ef (diff)
download: poky-57d9840f14495b703bc968374ce165302bd26908.tar.gz
2 files changed, 1 insertions, 39 deletions
diff --git a/meta/recipes-extended/sudo/files/mips-fix.patch b/meta/recipes-extended/sudo/files/mips-fix.patch
deleted file mode 100644
index fe9c652509..0000000000
--- a/meta/recipes-extended/sudo/files/mips-fix.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 7944494196d4a9b33e0ae64a7e20f86e19c336d3 Mon Sep 17 00:00:00 2001
-From: "Todd C. Miller" <Todd.Miller@sudo.ws>
-Date: Wed, 26 Oct 2022 16:35:30 -0600
-Subject: [PATCH] Fix compilation error on Linux/mips.
-Upstream-Status: Backport [https://github.com/sudo-project/sudo/commit/7944494196d4a9b33e0ae64a7e20f86e19c336d3]
-Signed-off-by: Alexander Kanavin <alex@linutronix.de>
---
- src/exec_ptrace.c | 9 +++++----
- 1 file changed, 5 insertions(+), 4 deletions(-)
-diff --git a/src/exec_ptrace.c b/src/exec_ptrace.c
-index 81cd10bc2..208a75f88 100644
--- a/src/exec_ptrace.c
-+++ b/src/exec_ptrace.c
-@@ -282,16 +282,17 @@ set_sc_arg4(struct sudo_ptrace_regs *regs, unsigned long addr)
- static bool
- ptrace_getregs(int pid, struct sudo_ptrace_regs *regs, int compat)
- {
-+    struct iovec iov;
-     debug_decl(ptrace_getregs, SUDO_DEBUG_EXEC);
- 
-+    iov.iov_base = &regs->u;
-+    iov.iov_len = sizeof(regs->u);
-+
- # ifdef __mips__
-     /* PTRACE_GETREGSET has bugs with the MIPS o32 ABI at least. */
-    if (ptrace(PTRACE_GETREGS, pid, NULL, &regs->u) == -1)
-+    if (ptrace(PTRACE_GETREGS, pid, NULL, iov.iov_base) == -1)
-        debug_return_bool(false);
- # else
-    struct iovec iov;
-    iov.iov_base = &regs->u;
-    iov.iov_len = sizeof(regs->u);
-     if (ptrace(PTRACE_GETREGSET, pid, (void *)NT_PRSTATUS, &iov) == -1)
-        debug_return_bool(false);
- # endif /* __mips__ */
diff --git a/meta/recipes-extended/sudo/sudo_1.9.12.bb b/meta/recipes-extended/sudo/sudo_1.9.12p1.bb
index 15c6728f08..1495b67b8b 100644
--- a/meta/recipes-extended/sudo/sudo_1.9.12.bb
+++ b/meta/recipes-extended/sudo/sudo_1.9.12p1.bb
@@ -4,12 +4,11 @@ SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \
           ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
           file://0001-sudo.conf.in-fix-conflict-with-multilib.patch \
           file://0001-lib-util-mksigname.c-correctly-include-header-for-ou.patch \
-           file://mips-fix.patch \
           "
 PAM_SRC_URI = "file://sudo.pam"
-SRC_URI[sha256sum] = "de15733888170c56834daafd34bf983db10fb21039742fcfc396bd32168d6362"
+SRC_URI[sha256sum] = "475a18a8eb3da8b2917ceab063a6baf51ea09128c3c47e3e0e33ab7497bab7d8"
 DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
 RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}"
author	Wang Mingyu <wangmy@fujitsu.com>	2022-11-13 11:11:37 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-11-14 16:19:43 +0000
commit	57d9840f14495b703bc968374ce165302bd26908 (patch)
tree	2ec07ee6d2041c49493b0da809d28d708e8473aa
parent	07eace6c0156aa2794b65b0b4a06b53efba785ef (diff)
download	poky-57d9840f14495b703bc968374ce165302bd26908.tar.gz

diff --git a/meta/recipes-extended/sudo/files/mips-fix.patch b/meta/recipes-extended/sudo/files/mips-fix.patch deleted file mode 100644 index fe9c652509..0000000000 --- a/meta/recipes-extended/sudo/files/mips-fix.patch +++ /dev/null
@@ -1,37 +0,0 @@
1	From 7944494196d4a9b33e0ae64a7e20f86e19c336d3 Mon Sep 17 00:00:00 2001
2	From: "Todd C. Miller" <Todd.Miller@sudo.ws>
3	Date: Wed, 26 Oct 2022 16:35:30 -0600
4	Subject: [PATCH] Fix compilation error on Linux/mips.
5
6	Upstream-Status: Backport [https://github.com/sudo-project/sudo/commit/7944494196d4a9b33e0ae64a7e20f86e19c336d3]
7	Signed-off-by: Alexander Kanavin <alex@linutronix.de>
8	---
9	src/exec_ptrace.c \| 9 +++++----
10	1 file changed, 5 insertions(+), 4 deletions(-)
11
12	diff --git a/src/exec_ptrace.c b/src/exec_ptrace.c
13	index 81cd10bc2..208a75f88 100644
14	--- a/src/exec_ptrace.c
15	+++ b/src/exec_ptrace.c
16	@@ -282,16 +282,17 @@ set_sc_arg4(struct sudo_ptrace_regs *regs, unsigned long addr)
17	static bool
18	ptrace_getregs(int pid, struct sudo_ptrace_regs *regs, int compat)
19	{
20	+ struct iovec iov;
21	debug_decl(ptrace_getregs, SUDO_DEBUG_EXEC);
22
23	+ iov.iov_base = &regs->u;
24	+ iov.iov_len = sizeof(regs->u);
25	+
26	# ifdef __mips__
27	/* PTRACE_GETREGSET has bugs with the MIPS o32 ABI at least. */
28	- if (ptrace(PTRACE_GETREGS, pid, NULL, &regs->u) == -1)
29	+ if (ptrace(PTRACE_GETREGS, pid, NULL, iov.iov_base) == -1)
30	debug_return_bool(false);
31	# else
32	- struct iovec iov;
33	- iov.iov_base = &regs->u;
34	- iov.iov_len = sizeof(regs->u);
35	if (ptrace(PTRACE_GETREGSET, pid, (void *)NT_PRSTATUS, &iov) == -1)
36	debug_return_bool(false);
37	# endif /* __mips__ */


diff --git a/meta/recipes-extended/sudo/sudo_1.9.12.bb b/meta/recipes-extended/sudo/sudo_1.9.12p1.bb index 15c6728f08..1495b67b8b 100644 --- a/meta/recipes-extended/sudo/sudo_1.9.12.bb +++ b/meta/recipes-extended/sudo/sudo_1.9.12p1.bb
@@ -4,12 +4,11 @@ SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \
4	${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \	4	${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
5	file://0001-sudo.conf.in-fix-conflict-with-multilib.patch \	5	file://0001-sudo.conf.in-fix-conflict-with-multilib.patch \
6	file://0001-lib-util-mksigname.c-correctly-include-header-for-ou.patch \	6	file://0001-lib-util-mksigname.c-correctly-include-header-for-ou.patch \
7	file://mips-fix.patch \
8	"	7	"
9		8
10	PAM_SRC_URI = "file://sudo.pam"	9	PAM_SRC_URI = "file://sudo.pam"
11		10
12	SRC_URI[sha256sum] = "de15733888170c56834daafd34bf983db10fb21039742fcfc396bd32168d6362"	11	SRC_URI[sha256sum] = "475a18a8eb3da8b2917ceab063a6baf51ea09128c3c47e3e0e33ab7497bab7d8"
13		12
14	DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"	13	DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
15	RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}"	14	RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}"