[sudo] added patch for CVE-2012-0809
Daniel Kopeček
mildew at fedoraproject.org
Thu Jan 26 14:43:01 UTC 2012
commit 2c51203bb4651f7af42f5d2b30efc7c14ecc8a43
Author: Daniel Kopecek <dkopecek at redhat.com>
Date: Thu Jan 26 15:36:37 2012 +0100
added patch for CVE-2012-0809
sudo-1.8.3p1-CVE-2012-0809.patch | 23 +++++++++++++++++++++++
sudo.spec | 8 +++++++-
2 files changed, 30 insertions(+), 1 deletions(-)
---
diff --git a/sudo-1.8.3p1-CVE-2012-0809.patch b/sudo-1.8.3p1-CVE-2012-0809.patch
new file mode 100644
index 0000000..8010808
--- /dev/null
+++ b/sudo-1.8.3p1-CVE-2012-0809.patch
@@ -0,0 +1,23 @@
+--- sudo-1.8.3p1/src/sudo.c Fri Oct 21 09:01:26 2011
++++ sudo-1.8.3p1/src/sudo.c Tue Jan 24 15:59:03 2012
+@@ -1208,15 +1208,15 @@
+ sudo_debug(int level, const char *fmt, ...)
+ {
+ va_list ap;
+- char *fmt2;
++ char *buf;
+
+ if (level > debug_level)
+ return;
+
+- /* Backet fmt with program name and a newline to make it a single write */
+- easprintf(&fmt2, "%s: %s\n", getprogname(), fmt);
++ /* Bracket fmt with program name and a newline to make it a single write */
+ va_start(ap, fmt);
+- vfprintf(stderr, fmt2, ap);
++ evasprintf(&buf, fmt, ap);
+ va_end(ap);
+- efree(fmt2);
++ fprintf(stderr, "%s: %s\n", getprogname(), buf);
++ efree(buf);
+ }
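Review bot: the carried-over comment "Bracket fmt with program name and a newline to make it a single write" in sudo_debug() now sits above va_start()/evasprintf(), which only expand the caller's fmt. The bracketing is done by the later fprintf(stderr, "%s: %s\n", getprogname(), buf), so the comment should move down to that line. The patch file also has no description header. A short note would make the reason for the change clear to whoever rebases it: the old code built fmt2 from getprogname() and handed it to vfprintf() as the format string, so the program name was parsed for format directives.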
diff --git a/sudo.spec b/sudo.spec
index 215f4e3..9724ad1 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -1,7 +1,7 @@
Summary: Allows restricted root access for specified users
Name: sudo
Version: 1.8.3p1
-Release: 2%{?dist}
+Release: 3%{?dist}
License: ISC
Group: Applications/System
URL: http://www.courtesan.com/sudo/
@@ -29,6 +29,8 @@ Patch2: sudo-1.7.2p1-envdebug.patch
Patch3: sudo-1.7.4p3-m4path.patch
# disable word wrapping if the ouput is piped
Patch4: sudo-1.8.3-pipelist.patch
+# CVE-2012-0809
+Patch5: sudo-1.8.3p1-CVE-2012-0809.patch
%description
Sudo (superuser do) allows a system administrator to give certain
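Review bot: the comment added above Patch5 gives only the CVE id, while the neighbouring Patch4 comment says what its patch does. Suggest describing the change as well, for example "# CVE-2012-0809: format string fix in sudo_debug()", so the spec can be read without looking the id up.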
@@ -57,6 +59,7 @@ plugins that use %{name}.
%patch2 -p1 -b .envdebug
%patch3 -p1 -b .m4path
%patch4 -p1 -b .pipelist
+%patch5 -p1 -b .CVE-2012-0809
# Remove execute permission on this script so we don't pull in perl deps
chmod -x plugins/sudoers/sudoers2ldif
@@ -167,6 +170,9 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man8/sudo_plugin.8*
%changelog
+* Thu Jan 26 2012 Daniel Kopecek <dkopecek at redhat.com> - 1.8.3p1-3
+- added patch for CVE-2012-0809
+
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.8.3p1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild