Bug 177209 - Last version of sudo not present in entrerpise version (sudo 1.6.8 is released)
Last version of sudo not present in entrerpise version (sudo 1.6.8 is released)
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: sudo (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Karel Zak
Ben Levenson
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2006-01-07 10:17 EST by LENHOF
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-01-07 12:15:14 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description LENHOF 2006-01-07 10:17:24 EST
+++ This bug was initially created as a clone of Bug #151893 +++

Description of problem:
sudo 1.6.8p7 was released on February 5th, 2005 - and Fedora Core Development
only has 1.6.7p5.

Vendor also says: "Please note: versions of Sudo prior to 1.6.8p2 are affected 
by a potential security flaw that could allow a malicious user to subvert Bash 
shell scripts." 

Version-Release number of selected component (if applicable):

Actual results:
Some patch merging is necessary and sudoedit (copy of sudo) should be removed
including the duplicate of the man page:

@@ -75,6 +66,8 @@
 chmod 755 $RPM_BUILD_ROOT%{_bindir}/* $RPM_BUILD_ROOT%{_sbindir}/*
 install -d -m 700 $RPM_BUILD_ROOT/var/run/sudo

+rm -f $RPM_BUILD_ROOT{%{_bindir}/sudoedit,%{_mandir}/man8/sudoedit*}
 mkdir -p $RPM_BUILD_ROOT/etc/pam.d
 cat > $RPM_BUILD_ROOT/etc/pam.d/sudo << EOF

Expected results:
Upgrade to 1.6.8p7 ;-)

Additional info:
This upgrade would solve bug #151632.

-- Additional comment from redhat-bugzilla@linuxnetz.de on 2005-03-23 05:27 EST --
Created an attachment (id=112251)

Hopefully, I didn't do any mistakes at patch merging...

-- Additional comment from twoerner@redhat.com on 2005-04-12 08:29 EST --
Fixed in rawhide in rpm sudo-1.6.8p8-1 or newer.
I had to rebuild the selinux patch, the result is similar to your patch, Thanks.
Comment 1 LENHOF 2006-01-07 10:21:02 EST
It will be very nice to have the last version of sudo in Entreprise version of
RedHat Linux. (I'm using version 3 at work and I'm lacking this)

Version 1.6.8 (in comparison of 1.6.7) allow a new tag to act like the dash of su -

Comment 2 Karel Zak 2006-01-07 12:15:14 EST
The distrubution RHEL3 is __stable__ it means that some upstream version update
is really unusual. Something like update to the lates version of any package is
too dangerous step. We usually fix bugs only. Please, if you still think that
your request should be accepted connect the official Red Hat support:
http://www.redhat.com/apps/support/. Thanks.

Note You need to log in before you can comment on or make changes to this bug.