This is a format string vulnerability "that can be used to crash
sudo or potentially allow an unauthorized user to elevate privileges."
(From OE-Core rev: 286cdd5db60b4f668e75cd9e05efb97acb08b7a6)
Signed-off-by: Joshua Lock <josh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The post install script was removed, and the install_append updated
to ensure the permissions are set correctly.
(From OE-Core rev: 463e44ae159da2e03369f9ac14843b479de2e43d)
(From OE-Core rev: 52dac3a309f3f1d6a4ee7269b16ca381fd0cdd38)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When PAM is enabled for the distribution we need to be sure to have a
build dependency of libpam, and runtime dependencies on the pam modules
used by the sudo package.
(From OE-Core rev: 79db5ccc7ee9b360451074dd42f7676e138cf384)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
According to DISTRO_FEATURES to add pam support for sudo, and import
configure file from Fedora.
(From OE-Core rev: 1f7e088f2d570d33c2344e32a05193b37a75ea76)
Signed-off-by: Kang Kai <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
As discussed on the mailing list, this variable isn't useful and if wanted
would be better implemented by distros using pn-X overrides.
This patch executes:
find . -regex ".*\.\(bb\|inc\)$" | xargs sed -i '/^PRIORITY = ".*"$/d'
against the tree removing the referenced. Thanks to Phil Blundell for
the command.
(From OE-Core rev: d122343362669c683acc4af295971a62cbc823fc)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrading to the latest stable release of sudo.
This version of sudo has reorganized its source code layout, hence
the LIC_FILES_CHKSUM related changes. Also, some of the individual
.c files we checksummed (nonunix.h, vasgroups.c) are no longer
shipped with the sources. Finally, an embedded copy of zlib is now
included in these sources, so Zlib is included as one of the
licenses. I could not find any evidence of MIT-licensed sources,
so that license has been removed.
(From OE-Core rev: 10694e6037b16813e99e2204dbbe5c169f34667c)
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix bug [YOCTO #1092]
Own a directory "/var/lib" before do_install() because if there isn't this directory during installing, \
then script "mkinstalldirs" from "sudo package" will create directory "/var/lib/sudo" by recursion with mode "0700" \
which will cause bug [YOCTO #1092]. So I add do_install_prepend() to create a "/var/lib" which can be accessed \
by common user before installing files.
(From OE-Core rev: 16bbeb2d866a07abd5379d1de30f2b747e1693fe)
Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add Upstream-Status tag to patches for the following recipes:
apmd
insserv
linuxdoc-tools
openjade
sgmlspl
at
sudo
(From OE-Core rev: 89ff546de3ce6b1c441f04d7a153c4f8d514a749)
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add Upstream-Status tag to patches for the following recipes:
openssh
dbus-glib
expat
opensp
sgml-common
at
cpio (GPLv3 version)
libpam
icu
(From OE-Core rev: 0702602332ad63c2cfaa207516497bb0b75bfdf3)
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A number of the recipes did not properly label their pre and post
actions, causing the actions to occur in all split packages. This
was corrected by defaulting to _${PN} in most cases.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
* Upgraded sudo to v1.7.4p4
* Removed obsolete patches
* Makefile.in no longer strips binaries, removed do_configure_prepend()
section which used to remove the -s
* Updated HOMEPAGE to canonical URL for project
* Added SUMMARY field
* Added checksums for source tarball
* Added patch for correcting paths to libtool scripts in m4/
* Corrected typos in LIC_FILES_CHKSUM (use of startline was invalid)
and included updated checksums - no license text has actually changed
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
