[sudo/f13/master] - rebase to 1.7.4p5 - fixed sudo-1.7.4p4-getgrouplist.patch - fixes CVE-2011-0008, CVE-2011-0010

Daniel Kopeček mildew at fedoraproject.org
Mon Jan 17 10:58:43 UTC 2011


commit 626a5cd2235bd956bba5522cf05a2f89b7b3858a
Author: Daniel Kopecek <dkopecek at redhat.com>
Date:   Mon Jan 17 11:58:31 2011 +0100

    - rebase to 1.7.4p5
    - fixed sudo-1.7.4p4-getgrouplist.patch
    - fixes CVE-2011-0008, CVE-2011-0010

 .gitignore                                         |    1 +
 sources                                            |    2 +-
 sudo-1.7.4p3-sudolist.patch                        |   67 --------------------
 sudo-1.7.4p4-auditconn.patch                       |   15 -----
 ....patch => sudo-1.7.4p4-getgrouplist-fixed.patch |   13 +++--
 sudo.spec                                          |   26 ++++----
 6 files changed, 23 insertions(+), 101 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index e62db8c..24577da 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@ sudo-1.7.2p6.tar.gz
 sudo-1.7.2p2-sudoers
 /sudo-1.7.4p4.tar.gz
 /sudo-1.7.4p4-sudoers
+/sudo-1.7.4p5.tar.gz
diff --git a/sources b/sources
index 7153aa5..a30cbc0 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-55d9906535d70a1de347cd3d3550ee87  sudo-1.7.4p4.tar.gz
+4c8105507363371dea89ceb7c92187dd  sudo-1.7.4p5.tar.gz
 874abe2dd29da4a8d773c4db8460fa27  sudo-1.7.4p4-sudoers
diff --git a/sudo-1.7.4p4-getgrouplist.patch b/sudo-1.7.4p4-getgrouplist-fixed.patch
similarity index 72%
rename from sudo-1.7.4p4-getgrouplist.patch
rename to sudo-1.7.4p4-getgrouplist-fixed.patch
index dd584e7..7d4fa21 100644
--- a/sudo-1.7.4p4-getgrouplist.patch
+++ b/sudo-1.7.4p4-getgrouplist-fixed.patch
@@ -1,6 +1,6 @@
 diff -up sudo-1.7.4p4/configure.in.getgrouplist sudo-1.7.4p4/configure.in
---- sudo-1.7.4p4/configure.in.getgrouplist	2010-09-07 15:53:38.400260828 +0200
-+++ sudo-1.7.4p4/configure.in	2010-09-07 15:54:48.751188374 +0200
+--- sudo-1.7.4p4/configure.in.getgrouplist	2011-01-11 10:45:49.170262147 +0100
++++ sudo-1.7.4p4/configure.in	2011-01-11 10:45:49.176261407 +0100
 @@ -1913,7 +1913,7 @@ AC_FUNC_GETGROUPS
  AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \
  	       strftime setrlimit initgroups getgroups fstat gettimeofday \
@@ -11,17 +11,20 @@ diff -up sudo-1.7.4p4/configure.in.getgrouplist sudo-1.7.4p4/configure.in
      AC_LIBOBJ(getline)
      AC_CHECK_FUNCS(fgetln)
 diff -up sudo-1.7.4p4/pwutil.c.getgrouplist sudo-1.7.4p4/pwutil.c
---- sudo-1.7.4p4/pwutil.c.getgrouplist	2010-09-07 15:53:26.816198477 +0200
-+++ sudo-1.7.4p4/pwutil.c	2010-09-07 15:54:16.990188543 +0200
-@@ -628,5 +628,23 @@ user_in_group(pw, group)
+--- sudo-1.7.4p4/pwutil.c.getgrouplist	2010-08-06 15:44:30.000000000 +0200
++++ sudo-1.7.4p4/pwutil.c	2011-01-11 11:42:16.771282451 +0100
+@@ -628,5 +628,26 @@ user_in_group(pw, group)
      }
  #endif /* HAVE_MBR_CHECK_MEMBERSHIP */
  
 +#ifdef HAVE_GETGROUPLIST
++    if (user_ngroups >= 0 &&
++	strcmp(pw->pw_name, list_pw ? list_pw->pw_name : user_name) == 0)
 +    {
 +	gid_t *grouplist, grouptmp;
 +	int n_groups, i;
 +	n_groups = 1;
++
 +	if (getgrouplist(user_name, user_gid, &grouptmp, &n_groups) == -1) {
 +	    grouplist = (gid_t *) emalloc(sizeof(gid_t) * (n_groups + 1));
 +	    if (getgrouplist(user_name, user_gid, grouplist, &n_groups) > 0)
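Review bot: The guard added at the top of the `HAVE_GETGROUPLIST` block compares `pw->pw_name` with `list_pw->pw_name` when a list user is set, but both `getgrouplist()` calls below it still pass `user_name` and `user_gid`. In that case the group vector consulted appears to be the invoking user's rather than that of the entry being matched, which could give the wrong membership answer for `pw`. Unless `user_name` and `user_gid` are rebound for list mode somewhere outside this hunk, key the lookup on the matched entry, e.g. `getgrouplist(pw->pw_name, pw->pw_gid, &grouptmp, &n_groups)`, and likewise for the second call. A one-line comment above the guard, such as `/* only consult the group vector when matching the invoking or list user */`, would record why the condition exists. The block continues past the end of this hunk, so the membership loop and the release of `grouplist` are not visible here.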
diff --git a/sudo.spec b/sudo.spec
index 541e509..e3b1c36 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
-Version: 1.7.4p4
-Release: 3%{?dist}
+Version: 1.7.4p5
+Release: 1%{?dist}
 License: ISC
 Group: Applications/System
 URL: http://www.courtesan.com/sudo/
@@ -26,14 +26,11 @@ Patch1: sudo-1.6.7p5-strip.patch
 Patch2: sudo-1.7.2p1-envdebug.patch
 # add m4/ to paths in aclocal.m4
 Patch3: sudo-1.7.4p3-m4path.patch
-# don't emalloc(0)
-Patch4: sudo-1.7.4p3-sudolist.patch
 # getgrouplist() to determine group membership (#235915)
-Patch5: sudo-1.7.4p4-getgrouplist.patch
+# - version with CVE-2009-0034 fixed
+Patch4: sudo-1.7.4p4-getgrouplist-fixed.patch
 # reset HOME when using the `-i' option (#635250)
-Patch6: sudo-1.7.4p4-sudoi.patch
-# Ignore ECONREFUSED from audit_log_user_command()
-Patch7: sudo-1.7.4p4-auditconn.patch
+Patch5: sudo-1.7.4p4-sudoi.patch
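Review bot: The comment added above `Patch4`, `# - version with CVE-2009-0034 fixed`, names a different identifier from the commit message and changelog (CVE-2011-0008, CVE-2011-0010), and the spec does not say which issue the reworked getgrouplist patch addresses. If the 2009 identifier is intended, a more specific line such as `# - restricts the getgrouplist() lookup to the invoking/list user (CVE-2009-0034)` would let a reader tie the comment to the guard in the patch. This hunk also drops `sudo-1.7.4p3-sudolist.patch` and `sudo-1.7.4p4-auditconn.patch` without recording why. Presumably both are included in 1.7.4p5, and a changelog line saying so would let a later audit confirm the fixes were not lost in the rebase.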
 
 %description
 Sudo (superuser do) allows a system administrator to give certain
@@ -52,10 +49,8 @@ on many different machines.
 %patch1 -p1 -b .strip
 %patch2 -p1 -b .envdebug
 %patch3 -p1 -b .m4path
-%patch4 -p1 -b .sudolist
-%patch5 -p1 -b .getgrouplist
-%patch6 -p0 -b .sudoi
-%patch7 -p1 -b .auditconn
+%patch4 -p1 -b .getgrouplist-fixed
+%patch5 -p0 -b .sudoi
 
 %build
 # handle newer autoconf
@@ -126,7 +121,7 @@ rm -rf $RPM_BUILD_ROOT
 %files
 %defattr(-,root,root)
 %doc ChangeLog NEWS HISTORY LICENSE README* TROUBLESHOOTING UPGRADE
-%doc sudoers.ldap.pod schema.* sudoers2ldif sample.*
+%doc schema.* sudoers2ldif sample.*
 %attr(0440,root,root) %config(noreplace) /etc/sudoers
 %attr(0750,root,root) %dir /etc/sudoers.d/
 %config(noreplace) /etc/pam.d/sudo
@@ -150,6 +145,11 @@ rm -rf $RPM_BUILD_ROOT
 /bin/chmod 0440 /etc/sudoers || :
 
 %changelog
+* Mon Jan 17 2011 Daniel Kopecek <dkopecek at redhat.com> - 1.7.4p5-1
+- rebase to 1.7.4p5
+- fixed sudo-1.7.4p4-getgrouplist.patch
+- fixes CVE-2011-0008, CVE-2011-0010
+
 * Wed Sep 29 2010 Daniel Kopecek <dkopecek at redhat.com> - 1.7.4p4-3
 - added upstream patch to fix rhbz#638345
 

