Package: sudo / 1.8.10p3-1+deb8u5

Metadata

Package: sudo
Version: 1.8.10p3-1+deb8u5
Patches format: 3.0 (quilt)

Patch series

Patch File delta Description
typo in classic insults.diff | (download)

plugins/sudoers/ins_classic.h | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
paths in samples.diff | (download)

doc/sample.sudoers | 10 5 + 5 - 0 !
1 file changed, 5 insertions(+), 5 deletions(-)

---
Fix for broken FQDN host specifications.diff | (download)

plugins/sudoers/sudoers.c | 45 41 + 4 - 0 !
1 file changed, 41 insertions(+), 4 deletions(-)

 Fix for broken FQDN host specifications

A bug was introduced in sudo 1.8.8 which broke host specifications using a
FQDN, e.g. Host_Alias = host.example.com. Upstream has fixed this in 1.8.12.

This patch contains the fix backported to 1.8.10p3.

future timestamp.diff | (download)

plugins/sudoers/boottime.c | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

---
CVE 2014 9680 1.patch | (download)

configure | 33 33 + 0 - 0 !
configure.ac | 7 7 + 0 - 0 !
doc/sudoers.cat | 38 27 + 11 - 0 !
doc/sudoers.man.in | 36 34 + 2 - 0 !
doc/sudoers.mdoc.in | 29 27 + 2 - 0 !
m4/sudo.m4 | 20 20 + 0 - 0 !
pathnames.h.in | 4 4 + 0 - 0 !
plugins/sudoers/env.c | 57 55 + 2 - 0 !
8 files changed, 207 insertions(+), 17 deletions(-)

 CVE-2014-9680: unsafe handling of TZ environment variable
 The TZ environment variable was passed through unchecked.  Most libc
 tzset() implementations support passing an absolute pathname in the time
 zone to point to an arbitrary, user-controlled file.  This may be used
 to exploit bugs in the C library's TZ parser or open files the user
 would not otherwise have access to.  Arbitrary file access via TZ could
 also be used in a denial of service attack by reading from a file or
 fifo that will block.

CVE 2014 9680 2.patch | (download)

doc/sudoers.cat | 6 3 + 3 - 0 !
doc/sudoers.man.in | 6 4 + 2 - 0 !
doc/sudoers.mdoc.in | 6 4 + 2 - 0 !
3 files changed, 11 insertions(+), 7 deletions(-)

 Document handling of leading ':' when checking TZ variable
 Document that a leading ':' is skipped when checking TZ for a
 fully-qualified path name.

CVE 2015 5602 1.patch | (download)

doc/sudo.cat | 7 7 + 0 - 0 !
doc/sudo.man.in | 9 9 + 0 - 0 !
doc/sudo.mdoc.in | 9 9 + 0 - 0 !
doc/sudoers.cat | 29 23 + 6 - 0 !
doc/sudoers.man.in | 44 42 + 2 - 0 !
doc/sudoers.mdoc.in | 42 40 + 2 - 0 !
include/missing.h | 3 3 + 0 - 0 !
plugins/sudoers/def_data.in | 3 3 + 0 - 0 !
plugins/sudoers/gram.y | 13 11 + 2 - 0 !
plugins/sudoers/ldap.c | 3 3 + 0 - 0 !
plugins/sudoers/parse.c | 33 8 + 25 - 0 !
plugins/sudoers/parse.h | 46 46 + 0 - 0 !
plugins/sudoers/policy.c | 5 4 + 1 - 0 !
plugins/sudoers/regress/sudoers/test1.in | 2 2 + 0 - 0 !
plugins/sudoers/regress/sudoers/test1.out.ok | 1 1 + 0 - 0 !
plugins/sudoers/regress/sudoers/test1.toke.ok | 1 1 + 0 - 0 !
plugins/sudoers/testsudoers.c | 5 3 + 2 - 0 !
plugins/sudoers/toke.l | 10 10 + 0 - 0 !
plugins/sudoers/visudo_json.c | 73 31 + 42 - 0 !
src/sudo.c | 5 5 + 0 - 0 !
src/sudo.h | 31 16 + 15 - 0 !
src/sudo_edit.c | 68 60 + 8 - 0 !
22 files changed, 337 insertions(+), 105 deletions(-)

 CVE-2015-5602: sudoedit path restriction bypass using symlinks
 Do not follow symbolic links in sudoedit by default.  This behavior
 can be controlled by the sudoedit_follow Defaults flag as well as
 the FOLLOW/NOFOLLOW tags.

CVE 2015 5602 1 generated.patch | (download)

plugins/sudoers/def_data.c | 4 4 + 0 - 0 !
plugins/sudoers/def_data.h | 2 2 + 0 - 0 !
plugins/sudoers/gram.c | 4165 2581 + 1584 - 0 !
plugins/sudoers/gram.h | 196 152 + 44 - 0 !
plugins/sudoers/toke.c | 4844 2536 + 2308 - 0 !
5 files changed, 5275 insertions(+), 3936 deletions(-)

 CVE-2015-5602: sudoedit path restriction bypass using symlinks
 Files regenerated for changes in CVE-2015-5602-1.patch
Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707
Bug-Debian: https://bugs.debian.org/804149

fix sudoersdebug usage.patch | (download)

plugins/sudoers/testsudoers.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 Fix sudoersdebug usage.
 sudoersdebug (aka yydebug) is defined only if the macro YYDEBUG is non-zero.
 The bison-generated version of gram.h defines YYDEBUG as 0 if it wasn't
 previously defined, so we need to test it with #if, not #ifdef.

CVE 2015 5602 2.patch | (download)

src/sudo_edit.c | 8 5 + 3 - 0 !
1 file changed, 5 insertions(+), 3 deletions(-)

 Change warning when user tries to sudoedit a symbolic link.

CVE 2015 5602 2 generated.patch | (download)

src/po/sudo.pot | 155 80 + 75 - 0 !
1 file changed, 80 insertions(+), 75 deletions(-)

 Change warning when user tries to sudoedit a symbolic link.
 Files regenerated for changes in CVE-2015-5602-1.patch
Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707
Bug-Debian: https://bugs.debian.org/804149

CVE 2015 5602 3.patch | (download)

src/sudo_edit.c | 43 34 + 9 - 0 !
1 file changed, 34 insertions(+), 9 deletions(-)

 Open sudoedit files with O_NONBLOCK and fail if they are not regular files.

CVE 2015 5602 4.patch | (download)

src/sudo_edit.c | 21 2 + 19 - 0 !
1 file changed, 2 insertions(+), 19 deletions(-)

 Remove S_ISREG check from sudo_edit_open(), it is already done in the caller.

CVE 2015 5602 5.patch | (download)

configure.ac | 2 1 + 1 - 0 !
doc/sudoers.cat | 8 8 + 0 - 0 !
doc/sudoers.man.in | 12 12 + 0 - 0 !
doc/sudoers.mdoc.in | 10 10 + 0 - 0 !
plugins/sudoers/def_data.in | 3 3 + 0 - 0 !
plugins/sudoers/policy.c | 2 2 + 0 - 0 !
src/sudo.c | 5 5 + 0 - 0 !
src/sudo.h | 1 1 + 0 - 0 !
src/sudo_edit.c | 174 165 + 9 - 0 !
9 files changed, 207 insertions(+), 10 deletions(-)

 CVE-2015-5602: add directory writability checks for sudoedit.

CVE 2015 5602 5 generated.patch | (download)

config.h.in | 3 3 + 0 - 0 !
configure | 2 1 + 1 - 0 !
plugins/sudoers/def_data.c | 4 4 + 0 - 0 !
plugins/sudoers/def_data.h | 6 4 + 2 - 0 !
4 files changed, 12 insertions(+), 3 deletions(-)

 CVE-2015-5602: sudoedit path restriction bypass using symlinks
 Files regenerated for changes in CVE-2015-5602-5.patch
Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707
Bug-Debian: https://bugs.debian.org/804149

CVE 2015 5602 6.patch | (download)

src/sudo_edit.c | 67 37 + 30 - 0 !
1 file changed, 37 insertions(+), 30 deletions(-)

 CVE-2015-5602: fix directory writability checks for sudoedit.
Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707
Bug-Debian: https://bugs.debian.org/804149

CVE 2015 5602 7.patch | (download)

doc/sudoers.cat | 2 1 + 1 - 0 !
doc/sudoers.man.in | 2 1 + 1 - 0 !
doc/sudoers.mdoc.in | 2 1 + 1 - 0 !
plugins/sudoers/defaults.c | 1 1 + 0 - 0 !
4 files changed, 4 insertions(+), 3 deletions(-)

 CVE-2015-5602: enable sudoedit directory writability checks by default
Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707
Bug-Debian: https://bugs.debian.org/804149

CVE 2017 1000367.patch | (download)

src/ttyname.c | 122 57 + 65 - 0 !
1 file changed, 57 insertions(+), 65 deletions(-)

---
Use proc self consistently on Linux.patch | (download)

src/ttyname.c | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

---
CVE 2017 1000368.patch | (download)

src/ttyname.c | 40 27 + 13 - 0 !
1 file changed, 27 insertions(+), 13 deletions(-)

---