License-Update: copyright years
(From OE-Core rev: 5d4ff3b14771bbb2a7653c92b80806bc9aa3fa64)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
mips-fix.patch
removed since it's included in 1.9.12p1
Changelog:
=========
*Sudo's configure script now does a better job of detecting when the
-fstack-clash-protection compiler option does not work. GitHub issue #191.
*Fixed CVE-2022-43995, a potential out-of-bounds write for passwords smaller
than 8 characters when passwd authentication is enabled. This does not affect
configurations that use other authentication methods such as PAM, AIX
authentication or BSD authentication.
*Fixed a build error with some configurations compiling host_port.c.
(From OE-Core rev: 292acd9db1d7204f1435f31f2c37fd272b74eb97)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update multilib patch for sudo.conf that there is one more replacement
of @plugindir@ to avoid installation conflict.
(From OE-Core rev: e1afed1569bc076a1823e997137884172acc7123)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It fails to install sudo and lib32-sudo at same time:
| Error: Transaction test error:
| file /usr/libexec/sudo/audit_json.so conflicts between attempted
installs of lib32-sudo-1.9.3p1-r0.core2_32 and sudo-1.9.3p1-r0.core2_64
| file /usr/libexec/sudo/group_file.so conflicts between attempted
installs of lib32-sudo-1.9.3p1-r0.core2_32 and sudo-1.9.3p1-r0.core2_64
Pass ${libdir} to configure option --libexecdir of sudo that it installs
plugin libraries to /usr/lib{,64} rather than /usr/libexec/. Then add a
patch to fix multilib conflict of sudo.conf.
[RP: Add missing Upstream-Status]
(From OE-Core rev: c9b6974cfcac370c6848d28400e0546ac85512e9)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Pam_keyinit revoke causes issues on systemd systems. Make its use
optional. This brings it in line with Fedora 23 and Centos 7.
(From OE-Core rev: 36825c7b14b92434705a58aa4c22b8c1710a9760)
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The new version of sudo has fixed the problem and will create the
directory if it doesn't exist. So the configuration file is no longer
needed.
(From OE-Core rev: 7c962ca5d01ae4b9f511bb2b3b7700f970051727)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade sudo from 1.8.9p5 to the newest stable release 1.8.10p2.
The license checksums are modified as required, because the doc/LICENSE
file now declares that compat/inet_pton.c bears the ISC license.
As /var/run/sudo is the default directory for sudo's time stamp
files, this patch adds a configuration file to manage this directory.
(From OE-Core rev: af625d2f78a24dac96d11f159569f6465a534dfd)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Removed a patch because the changes were merged upstream.
Also, the license had some modifications in two files.
(From OE-Core rev: 13ba4490f6422109f934ed36809bd52d44577574)
Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream closed my bug and rewrote the patch, so update our patch with a
backport from upstream.
(From OE-Core rev: 31327bac1e5438a0041638332698a1e1e91640ba)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Staring from glibc 2.17 the crypt() function will error out and return NULL if
the seed or "correct" is invalid. The failure case for this is the sudo user
having a locked account in /etc/shadow, so their password is "!", which is an
invalid hash. crypt() never returned NULL previously so this is crashing in
strcmp().
[ YOCTO #4241 ]
(From OE-Core rev: 06d7078f7631b92e8b789f8e94a3a346d8181ce6)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
According to DISTRO_FEATURES to add pam support for sudo, and import
configure file from Fedora.
(From OE-Core rev: 1f7e088f2d570d33c2344e32a05193b37a75ea76)
Signed-off-by: Kang Kai <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add Upstream-Status tag to patches for the following recipes:
apmd
insserv
linuxdoc-tools
openjade
sgmlspl
at
sudo
(From OE-Core rev: 89ff546de3ce6b1c441f04d7a153c4f8d514a749)
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add Upstream-Status tag to patches for the following recipes:
openssh
dbus-glib
expat
opensp
sgml-common
at
cpio (GPLv3 version)
libpam
icu
(From OE-Core rev: 0702602332ad63c2cfaa207516497bb0b75bfdf3)
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Upgraded sudo to v1.7.4p4
* Removed obsolete patches
* Makefile.in no longer strips binaries, removed do_configure_prepend()
section which used to remove the -s
* Updated HOMEPAGE to canonical URL for project
* Added SUMMARY field
* Added checksums for source tarball
* Added patch for correcting paths to libtool scripts in m4/
* Corrected typos in LIC_FILES_CHKSUM (use of startline was invalid)
and included updated checksums - no license text has actually changed
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
