sudo: upgrade to 1.6.8p12 due to CVE-2005-1993

- Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack. - Thanks to Jamie Lenehan for notice - close #486
author: Marcin Juszkiewicz <hrw@openembedded.org> 2005-11-22 15:00:10 +0000
committer: OpenEmbedded Project <openembedded-devel@lists.openembedded.org> 2005-11-22 15:00:10 +0000
commit: 521f9e0029d97055d7cd8cade39924b76718ff41 (patch)
tree: 1f883e62ae71d4d76b532ec9e205b5c104010bb5 /packages/sudo/sudo_1.6.8p12.bb
parent: 124f2ee8215b7570476a83168b1f57e1ea981c8d (diff)
download: openembedded-521f9e0029d97055d7cd8cade39924b76718ff41.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/packages/sudo/sudo_1.6.8p12.bb b/packages/sudo/sudo_1.6.8p12.bb
new file mode 100644
index 0000000000..f9d55411f8
--- /dev/null
+++ b/packages/sudo/sudo_1.6.8p12.bb
@@ -0,0 +1,7 @@
+SRC_URI = "http://ftp.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \
+	   file://nonrootinstall.patch;patch=1 \
+           file://nostrip.patch;patch=1 \
+	   file://autofoo.patch;patch=1 \
+	   file://noexec-link.patch;patch=1"
+
+include sudo.inc
author	Marcin Juszkiewicz <hrw@openembedded.org>	2005-11-22 15:00:10 +0000
committer	OpenEmbedded Project <openembedded-devel@lists.openembedded.org>	2005-11-22 15:00:10 +0000
commit	521f9e0029d97055d7cd8cade39924b76718ff41 (patch)
tree	1f883e62ae71d4d76b532ec9e205b5c104010bb5 /packages/sudo/sudo_1.6.8p12.bb
parent	124f2ee8215b7570476a83168b1f57e1ea981c8d (diff)
download	openembedded-521f9e0029d97055d7cd8cade39924b76718ff41.tar.gz