diff options
| author | Marcin Juszkiewicz <hrw@openembedded.org> | 2005-11-22 15:00:10 +0000 |
|---|---|---|
| committer | OpenEmbedded Project <openembedded-devel@lists.openembedded.org> | 2005-11-22 15:00:10 +0000 |
| commit | 521f9e0029d97055d7cd8cade39924b76718ff41 (patch) | |
| tree | 1f883e62ae71d4d76b532ec9e205b5c104010bb5 /packages/sudo/sudo_1.6.8p12.bb | |
| parent | 124f2ee8215b7570476a83168b1f57e1ea981c8d (diff) | |
sudo: upgrade to 1.6.8p12 due to CVE-2005-1993
- Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is
used after a user entry in the sudoers file, allows local users to gain
privileges via a symlink attack.
- Thanks to Jamie Lenehan for notice
- close #486
Diffstat (limited to 'packages/sudo/sudo_1.6.8p12.bb')
| -rw-r--r-- | packages/sudo/sudo_1.6.8p12.bb | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/packages/sudo/sudo_1.6.8p12.bb b/packages/sudo/sudo_1.6.8p12.bb new file mode 100644 index 0000000000..f9d55411f8 --- /dev/null +++ b/packages/sudo/sudo_1.6.8p12.bb @@ -0,0 +1,7 @@ +SRC_URI = "http://ftp.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \ + file://nonrootinstall.patch;patch=1 \ + file://nostrip.patch;patch=1 \ + file://autofoo.patch;patch=1 \ + file://noexec-link.patch;patch=1" + +include sudo.inc |