diff options
author | Roland Hieber <rhi@pengutronix.de> | 2019-10-15 13:58:24 +0200 |
---|---|---|
committer | Michael Olbrich <m.olbrich@pengutronix.de> | 2019-10-17 12:18:07 +0200 |
commit | 79b4ad5230f72d7408ba7c421f956dc9f272cce4 (patch) | |
tree | 7bc0b4abd3b86e08776512e4bea7e50e760c886c /rules/sudo.make | |
parent | 5dd497c17f06654fa5be56bc6af019802acde14b (diff) | |
download | ptxdist-79b4ad5230f72d7408ba7c421f956dc9f272cce4.tar.gz ptxdist-79b4ad5230f72d7408ba7c421f956dc9f272cce4.tar.xz |
sudo: version bump 1.8.22 -> 1.8.28
This update fixes CVE-2019-14287, see also
https://www.sudo.ws/alerts/minus_1_uid.html
Pin down more configure options, and update the license MD5, which added
some more file headers of files under ISC license, reformatted the
existing license file headers, and bumped the copyright date to 2019.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Diffstat (limited to 'rules/sudo.make')
-rw-r--r-- | rules/sudo.make | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/rules/sudo.make b/rules/sudo.make index 96349406f..a7fa0ad4a 100644 --- a/rules/sudo.make +++ b/rules/sudo.make @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_SUDO) += sudo # # Paths and names # -SUDO_VERSION := 1.8.22 -SUDO_MD5 := 24abdea48db4c5abcd410167c801cc8c +SUDO_VERSION := 1.8.28 +SUDO_MD5 := 5afa5acd0c55b40916e4ad864607edfe SUDO := sudo-$(SUDO_VERSION) SUDO_SUFFIX := tar.gz SUDO_URL := \ @@ -25,7 +25,7 @@ SUDO_URL := \ SUDO_SOURCE := $(SRCDIR)/$(SUDO).$(SUDO_SUFFIX) SUDO_DIR := $(BUILDDIR)/$(SUDO) SUDO_LICENSE := ISC AND BSD-3-Clause AND BSD-2-Clause-NetBSD AND Zlib -SUDO_LICENSE_FILES := file://doc/LICENSE;md5=7765a3d787cb4fed3ccc3c9cee030af9 +SUDO_LICENSE_FILES := file://doc/LICENSE;md5=6c76b73603ac7763ab0516ebfbe67b42 # ---------------------------------------------------------------------------- # Prepare @@ -44,22 +44,43 @@ SUDO_ENV := \ # SUDO_AUTOCONF = \ $(CROSS_AUTOCONF_USR) \ + --enable-authentication \ + --disable-root-mailer \ + --enable-setreuid \ + --enable-setresuid \ --enable-shadow \ --enable-root-sudo \ --disable-log-host \ --enable-noargs-shell \ + --disable-shell-sets-home \ --disable-path-info \ + --disable-env-debug \ + --enable-zlib \ + --disable-env-reset \ --enable-warnings \ --disable-werror \ + --disable-openssl \ + --disable-gcrypt \ --enable-hardening \ --enable-pie \ + --enable-asan \ + --enable-poll \ + --disable-admin-flag \ --disable-nls \ --disable-rpath \ --enable-static-sudoers \ --disable-shared-libutil \ + --disable-tmpfiles.d \ + --disable-devsearch \ + --disable-sasl \ + --disable-offensive-insults \ + --disable-package-build \ + --disable-gss-krb5-ccache-name \ + --disable-pvs-studio \ --disable-sia \ $(GLOBAL_LARGE_FILE_OPTION) \ --disable-pam-session \ + --disable-kerb5-instance \ --without-AFS \ --without-DCE \ --without-logincap \ |