From a99da9a2fc281b7ad635c07eb33245837d91a87f Mon Sep 17 00:00:00 2001 From: Daniel Turull Date: Thu, 9 Apr 2026 11:29:32 +0200 Subject: [PATCH] sudo: upgrade 1.9.17p1 -> 1.9.17p2 Changelog for sudo: 1.9.17p1 -> 1.9.17p2 ============================================================ Merge sudo 1.9.17p2 from branch 'main' into sudo-1.9 [d1b48c651] * configure, configure.ac: Fix check for which man page type to use with nroff Fixes a bug where configure would use *.man instead of *.mdoc on systems without mandoc. Bug #1077. [aa2498e46] * plugins/sudoers/log_client.c: client_msg_cb: make warning match the function that failed [f73162df3] 2025-07-23 Todd C. Miller * NEWS, configure, configure.ac: Sudo 1.9.17p2 [f0e1a5ca3] * plugins/sudoers/match_command.c, plugins/sudoers/match_digest.c: digest_matches: plug fd leak on snprinf() failure [26a1a7529] 2025-07-21 Todd C. Miller * etc/sudo-logsrvd.pp, etc/sudo-python.pp, etc/sudo.pp, scripts/mkpkg: Add a way to override pp_rpm_arch when building rpms This will be used to build x86_64_v2 packages for Alma Linux. [55d3c99c4] * configure, configure.ac: Fix check for which man page type to use with nroff Fixes a bug where configure would use *.man instead of *.mdoc on systems without mandoc. [2dc10cfbd] * plugins/sudoers/timestamp.c: ts_write: call lseek after fruncate on short write We need to make sure the file position is reset to the old EOF on error. [8e7e0e23f] 2025-07-20 Todd C. Miller * src/exec_ptrace.c: ptrace_readv_string: quiet sign-compare warning [fac2a49e7] * src/exec_ptrace.c: ptrace_readv_string: properly handle reads of more than one page When the intercept and intercept_verify options are enabled and either argv[] or envp[] contains a string larger than the page size (usually 4096), ptrace_readv_string() would fill the buffer with mutiple copies of the same string. Fixes GitHub issue #453. [2e93eabed] 2025-07-14 Todd C. Miller * src/exec_pty.c: revoke_pty: use killpg() not kill() to send HUP to the process group Also make sure we never call killpg(-1, SIGHUP), which would send SIGHUP to process 1 (init). It is possible for cmnd_pid to be -1 in certain error conditions where sudo killed the command itself. This may explain GitHub issue #458. [fb208d383] 2025-07-08 Todd C. Miller * etc/sudo-logsrvd.pp, etc/sudo-python.pp, etc/sudo.pp, scripts/pp: Don't assume RHEL major version is only a single digit Fixes handling of RHEL 10 and higher. [e5d953f33] * plugins/sudoers/visudo.c: visudo: create temporary file as mod 0600 not 0700 This was due to a typo in the mode field when the temporary file was created. Noticed by Bjorn Baron of the sudo-rs project. [1c254b330] 2025-06-30 Todd C. Miller * Makefile.in: We now build sudo releases from git, not mercurial [cb4e26734] 2025-06-28 Todd C. Miller * NEWS, configure, configure.ac: (From OE-Core rev: 76b98657e3dc9da01a746deb7b9d08cb84ba44b6) Signed-off-by: Daniel Turull (cherry picked from commit 12e9ba655153a9cb7c2b79cf52a2300e19634dcf) Signed-off-by: Yoann Congal Signed-off-by: Paul Barker --- .../files/0001-sudo.conf.in-fix-conflict-with-multilib.patch | 2 +- .../sudo/{sudo_1.9.17p1.bb => sudo_1.9.17p2.bb} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-extended/sudo/{sudo_1.9.17p1.bb => sudo_1.9.17p2.bb} (96%) diff --git a/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch b/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch index 1989c5abd7..f96ab4b1f6 100644 --- a/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch +++ b/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch @@ -1,4 +1,4 @@ -From 8c69192754ba73dd6e3273728a21aa73988f4bfb Mon Sep 17 00:00:00 2001 +From 3b9ed5e1ae1e217158af7d9128e35ef3463bc107 Mon Sep 17 00:00:00 2001 From: Kai Kang Date: Tue, 17 Nov 2020 11:13:40 +0800 Subject: [PATCH] sudo.conf.in: fix conflict with multilib diff --git a/meta/recipes-extended/sudo/sudo_1.9.17p1.bb b/meta/recipes-extended/sudo/sudo_1.9.17p2.bb similarity index 96% rename from meta/recipes-extended/sudo/sudo_1.9.17p1.bb rename to meta/recipes-extended/sudo/sudo_1.9.17p2.bb index 5b9d73b33b..d715bc2075 100644 --- a/meta/recipes-extended/sudo/sudo_1.9.17p1.bb +++ b/meta/recipes-extended/sudo/sudo_1.9.17p2.bb @@ -7,7 +7,7 @@ SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \ PAM_SRC_URI = "file://sudo.pam" -SRC_URI[sha256sum] = "ff607ea717072197738a78f778692cd6df9a7e3e404565f51de063ca27455d32" +SRC_URI[sha256sum] = "4a38a1ab3adb1199257edc2a7c4a2bd714665eb605b04368843b06dada2cfcfb" DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}"