mirror of
https://git.yoctoproject.org/poky
synced 2026-02-20 08:29:42 +01:00
4d3871178a
Changelog: =========== * Fixed CVE-2025-32462. Sudo's -h (--host) option could be specified when running a command or editing a file. This could enable a local privilege escalation attack if the sudoers file allows the user to run commands on a different host. * Fixed CVE-2025-32463. An attacker can leverage sudo's -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file. The chroot support has been deprecated an will be removed entirely in a future release. License-Update: Copyright updated to 2025 0001-sudo.conf.in-fix-conflict-with-multilib.patch refreshed for 1.9.17 (From OE-Core rev: f8343726bca7f884213436cda3f51684c22ad3f1) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>