summaryrefslogtreecommitdiffstats
path: root/rules/sudo.make
diff options
context:
space:
mode:
authorRoland Hieber <rhi@pengutronix.de>2019-10-15 13:58:24 +0200
committerMichael Olbrich <m.olbrich@pengutronix.de>2019-10-17 12:18:07 +0200
commit79b4ad5230f72d7408ba7c421f956dc9f272cce4 (patch)
tree7bc0b4abd3b86e08776512e4bea7e50e760c886c /rules/sudo.make
parent5dd497c17f06654fa5be56bc6af019802acde14b (diff)
downloadptxdist-79b4ad5230f72d7408ba7c421f956dc9f272cce4.tar.gz
ptxdist-79b4ad5230f72d7408ba7c421f956dc9f272cce4.tar.xz
sudo: version bump 1.8.22 -> 1.8.28
This update fixes CVE-2019-14287, see also https://www.sudo.ws/alerts/minus_1_uid.html Pin down more configure options, and update the license MD5, which added some more file headers of files under ISC license, reformatted the existing license file headers, and bumped the copyright date to 2019. Signed-off-by: Roland Hieber <rhi@pengutronix.de> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Diffstat (limited to 'rules/sudo.make')
-rw-r--r--rules/sudo.make27
1 files changed, 24 insertions, 3 deletions
diff --git a/rules/sudo.make b/rules/sudo.make
index 96349406f..a7fa0ad4a 100644
--- a/rules/sudo.make
+++ b/rules/sudo.make
@@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_SUDO) += sudo
#
# Paths and names
#
-SUDO_VERSION := 1.8.22
-SUDO_MD5 := 24abdea48db4c5abcd410167c801cc8c
+SUDO_VERSION := 1.8.28
+SUDO_MD5 := 5afa5acd0c55b40916e4ad864607edfe
SUDO := sudo-$(SUDO_VERSION)
SUDO_SUFFIX := tar.gz
SUDO_URL := \
@@ -25,7 +25,7 @@ SUDO_URL := \
SUDO_SOURCE := $(SRCDIR)/$(SUDO).$(SUDO_SUFFIX)
SUDO_DIR := $(BUILDDIR)/$(SUDO)
SUDO_LICENSE := ISC AND BSD-3-Clause AND BSD-2-Clause-NetBSD AND Zlib
-SUDO_LICENSE_FILES := file://doc/LICENSE;md5=7765a3d787cb4fed3ccc3c9cee030af9
+SUDO_LICENSE_FILES := file://doc/LICENSE;md5=6c76b73603ac7763ab0516ebfbe67b42
# ----------------------------------------------------------------------------
# Prepare
@@ -44,22 +44,43 @@ SUDO_ENV := \
#
SUDO_AUTOCONF = \
$(CROSS_AUTOCONF_USR) \
+ --enable-authentication \
+ --disable-root-mailer \
+ --enable-setreuid \
+ --enable-setresuid \
--enable-shadow \
--enable-root-sudo \
--disable-log-host \
--enable-noargs-shell \
+ --disable-shell-sets-home \
--disable-path-info \
+ --disable-env-debug \
+ --enable-zlib \
+ --disable-env-reset \
--enable-warnings \
--disable-werror \
+ --disable-openssl \
+ --disable-gcrypt \
--enable-hardening \
--enable-pie \
+ --enable-asan \
+ --enable-poll \
+ --disable-admin-flag \
--disable-nls \
--disable-rpath \
--enable-static-sudoers \
--disable-shared-libutil \
+ --disable-tmpfiles.d \
+ --disable-devsearch \
+ --disable-sasl \
+ --disable-offensive-insults \
+ --disable-package-build \
+ --disable-gss-krb5-ccache-name \
+ --disable-pvs-studio \
--disable-sia \
$(GLOBAL_LARGE_FILE_OPTION) \
--disable-pam-session \
+ --disable-kerb5-instance \
--without-AFS \
--without-DCE \
--without-logincap \
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-04 15:39:07 +0000