Bug 151893 - sudo 1.6.8p7 is released
Summary: sudo 1.6.8p7 is released
Alias: None
Product: Fedora
Classification: Fedora
Component: sudo (Show other bugs)
(Show other bugs)
Version: rawhide
Hardware: All Linux
Target Milestone: ---
Assignee: Thomas Woerner
QA Contact: Ben Levenson
Depends On:
Blocks: 151632
TreeView+ depends on / blocked
Reported: 2005-03-23 10:22 UTC by Robert Scheck
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-04-12 12:29:42 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
sudo-1.6.8p7-selinux.patch (14.73 KB, patch)
2005-03-23 10:27 UTC, Robert Scheck
no flags Details | Diff

Description Robert Scheck 2005-03-23 10:22:24 UTC
Description of problem:
sudo 1.6.8p7 was released on February 5th, 2005 - and Fedora Core Development
only has 1.6.7p5.

Vendor also says: "Please note: versions of Sudo prior to 1.6.8p2 are affected 
by a potential security flaw that could allow a malicious user to subvert Bash 
shell scripts." 

Version-Release number of selected component (if applicable):

Actual results:
Some patch merging is necessary and sudoedit (copy of sudo) should be removed
including the duplicate of the man page:

@@ -75,6 +66,8 @@
 chmod 755 $RPM_BUILD_ROOT%{_bindir}/* $RPM_BUILD_ROOT%{_sbindir}/*
 install -d -m 700 $RPM_BUILD_ROOT/var/run/sudo

+rm -f $RPM_BUILD_ROOT{%{_bindir}/sudoedit,%{_mandir}/man8/sudoedit*}
 mkdir -p $RPM_BUILD_ROOT/etc/pam.d
 cat > $RPM_BUILD_ROOT/etc/pam.d/sudo << EOF

Expected results:
Upgrade to 1.6.8p7 ;-)

Additional info:
This upgrade would solve bug #151632.

Comment 1 Robert Scheck 2005-03-23 10:27:21 UTC
Created attachment 112251 [details]

Hopefully, I didn't do any mistakes at patch merging...

Comment 2 Thomas Woerner 2005-04-12 12:29:42 UTC
Fixed in rawhide in rpm sudo-1.6.8p8-1 or newer.
I had to rebuild the selinux patch, the result is similar to your patch, Thanks.

Note You need to log in before you can comment on or make changes to this bug.