From 521f9e0029d97055d7cd8cade39924b76718ff41 Mon Sep 17 00:00:00 2001
From: Marcin Juszkiewicz <hrw@openembedded.org>
Date: Tue, 22 Nov 2005 15:00:10 +0000
Subject: sudo: upgrade to 1.6.8p12 due to CVE-2005-1993 - Race condition in
 sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is   used after a user
 entry in the sudoers file, allows local users to gain   privileges via a
 symlink attack. - Thanks to Jamie Lenehan for notice - close #486

---
 packages/sudo/sudo_1.6.8p12.bb | 7 +++++++
 packages/sudo/sudo_1.6.8p8.bb  | 8 --------
 2 files changed, 7 insertions(+), 8 deletions(-)
 create mode 100644 packages/sudo/sudo_1.6.8p12.bb
 delete mode 100644 packages/sudo/sudo_1.6.8p8.bb

(limited to 'packages/sudo')

diff --git a/packages/sudo/sudo_1.6.8p12.bb b/packages/sudo/sudo_1.6.8p12.bb
new file mode 100644
index 0000000000..f9d55411f8
--- /dev/null
+++ b/packages/sudo/sudo_1.6.8p12.bb
@@ -0,0 +1,7 @@
+SRC_URI = "http://ftp.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \
+	   file://nonrootinstall.patch;patch=1 \
+           file://nostrip.patch;patch=1 \
+	   file://autofoo.patch;patch=1 \
+	   file://noexec-link.patch;patch=1"
+
+include sudo.inc
diff --git a/packages/sudo/sudo_1.6.8p8.bb b/packages/sudo/sudo_1.6.8p8.bb
deleted file mode 100644
index cc8ae4081c..0000000000
--- a/packages/sudo/sudo_1.6.8p8.bb
+++ /dev/null
@@ -1,8 +0,0 @@
-SRC_URI = "http://ftp.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \
-	   file://nonrootinstall.patch;patch=1 \
-           file://nostrip.patch;patch=1 \
-	   file://autofoo.patch;patch=1 \
-	   file://noexec-link.patch;patch=1"
-
-include sudo.inc
-PR = "r4"
-- 
cgit v1.2.3