Package: sudo / 1.8.5p2-1+nmu3+deb7u1

Metadata

Package: sudo
Version: 1.8.5p2-1+nmu3+deb7u1
Patches format: 3.0 (quilt)

Patch series

Patch | File delta | Description
typo in classic insults.diff

plugins/sudoers/ins_classic.h | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
paths in samples.diff

doc/sample.sudoers | 10 5 + 5 - 0 !
1 file changed, 5 insertions(+), 5 deletions(-)

---
actually use buildflags.diff

common/Makefile.in | 5 4 + 1 - 0 !
compat/Makefile.in | 11 7 + 4 - 0 !
plugins/sudoers/Makefile.in | 5 4 + 1 - 0 !
3 files changed, 15 insertions(+), 6 deletions(-)

---
cve 2013 1775.patch

plugins/sudoers/check.c | 53 28 + 25 - 0 !
1 file changed, 28 insertions(+), 25 deletions(-)

---
cve 2013 1776.patch

plugins/sudoers/check.c | 4 3 + 1 - 0 !
plugins/sudoers/sudoers.c | 4 4 + 0 - 0 !
plugins/sudoers/sudoers.h | 3 2 + 1 - 0 !
3 files changed, 9 insertions(+), 2 deletions(-)

---
CVE 2014 9680 1.patch

aclocal.m4 | 20 20 + 0 - 0 !
configure | 33 33 + 0 - 0 !
configure.in | 7 7 + 0 - 0 !
doc/sudoers.cat | 46 31 + 15 - 0 !
doc/sudoers.man.in | 29 23 + 6 - 0 !
doc/sudoers.pod | 33 29 + 4 - 0 !
pathnames.h.in | 4 4 + 0 - 0 !
plugins/sudoers/env.c | 57 55 + 2 - 0 !
8 files changed, 202 insertions(+), 27 deletions(-)

 CVE-2014-9680: unsafe handling of TZ environment variable
 The TZ environment variable was passed through unchecked.  Most libc
 tzset() implementations support passing an absolute pathname in the time
 zone to point to an arbitrary, user-controlled file.  This may be used
 to exploit bugs in the C library's TZ parser or open files the user
 would not otherwise have access to.  Arbitrary file access via TZ could
 also be used in a denial of service attack by reading from a file or
 fifo that will block.
CVE 2014 9680 2.patch

doc/sudoers.cat | 6 3 + 3 - 0 !
doc/sudoers.man.in | 5 3 + 2 - 0 !
doc/sudoers.pod | 5 3 + 2 - 0 !
3 files changed, 9 insertions(+), 7 deletions(-)

 document handling of leading ':' when checking TZ variable
 Document that a leading ':' is skipped when checking TZ for a
 fully-qualified path name.
CVE 2015 5602 1.patch

doc/sudo.pod | 8 8 + 0 - 0 !
doc/sudoers.pod | 28 25 + 3 - 0 !
include/missing.h | 3 3 + 0 - 0 !
plugins/sudoers/def_data.in | 3 3 + 0 - 0 !
plugins/sudoers/gram.y | 13 11 + 2 - 0 !
plugins/sudoers/ldap.c | 3 3 + 0 - 0 !
plugins/sudoers/parse.c | 18 8 + 10 - 0 !
plugins/sudoers/parse.h | 46 46 + 0 - 0 !
plugins/sudoers/regress/sudoers/test1.in | 2 2 + 0 - 0 !
plugins/sudoers/regress/sudoers/test1.out.ok | 1 1 + 0 - 0 !
plugins/sudoers/regress/sudoers/test1.toke.ok | 1 1 + 0 - 0 !
plugins/sudoers/sudoers.c | 2 2 + 0 - 0 !
plugins/sudoers/testsudoers.c | 4 3 + 1 - 0 !
plugins/sudoers/toke.l | 10 10 + 0 - 0 !
src/sudo.c | 5 5 + 0 - 0 !
src/sudo.h | 29 15 + 14 - 0 !
src/sudo_edit.c | 68 60 + 8 - 0 !
17 files changed, 206 insertions(+), 38 deletions(-)

 CVE-2015-5602: sudoedit path restriction bypass using symlinks
 Do not follow symbolic links in sudoedit by default.  This behavior
 can be controlled by the sudoedit_follow Defaults flag as well as
 the FOLLOW/NOFOLLOW tags.
CVE 2015 5602 1 generated.patch

doc/sudo.cat | 9 8 + 1 - 0 !
doc/sudo.man.in | 12 10 + 2 - 0 !
doc/sudoers.cat | 30 24 + 6 - 0 !
doc/sudoers.ldap.cat | 8 4 + 4 - 0 !
doc/sudoers.man.in | 28 25 + 3 - 0 !
plugins/sudoers/def_data.c | 4 4 + 0 - 0 !
plugins/sudoers/def_data.h | 2 2 + 0 - 0 !
plugins/sudoers/gram.c | 3935 2603 + 1332 - 0 !
plugins/sudoers/gram.h | 166 131 + 35 - 0 !
plugins/sudoers/toke.c | 3699 1949 + 1750 - 0 !
10 files changed, 4760 insertions(+), 3133 deletions(-)

 CVE-2015-5602: sudoedit path restriction bypass using symlinks
 Files regenerated for changes in CVE-2015-5602-1.patch
Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707
Bug-Debian: https://bugs.debian.org/804149
CVE 2015 5602 2.patch

src/sudo_edit.c | 8 5 + 3 - 0 !
1 file changed, 5 insertions(+), 3 deletions(-)

 change warning when user tries to sudoedit a symbolic link.
CVE 2015 5602 2 generated.patch

src/po/sudo.pot | 79 42 + 37 - 0 !
1 file changed, 42 insertions(+), 37 deletions(-)

 change warning when user tries to sudoedit a symbolic link.
 Files regenerated for changes in CVE-2015-5602-2.patch
Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707
Bug-Debian: https://bugs.debian.org/804149
CVE 2015 5602 3.patch

src/sudo_edit.c | 43 34 + 9 - 0 !
1 file changed, 34 insertions(+), 9 deletions(-)

 open sudoedit files with O_NONBLOCK and fail if they are not regular files.
CVE 2015 5602 4.patch

src/sudo_edit.c | 21 2 + 19 - 0 !
1 file changed, 2 insertions(+), 19 deletions(-)

 remove S_ISREG check from sudo_edit_open(), it is already done in the caller.
CVE 2015 5602 5.patch

configure.in | 2 1 + 1 - 0 !
doc/sudoers.pod | 8 8 + 0 - 0 !
plugins/sudoers/def_data.in | 3 3 + 0 - 0 !
plugins/sudoers/sudoers.c | 2 2 + 0 - 0 !
src/sudo.c | 5 5 + 0 - 0 !
src/sudo.h | 1 1 + 0 - 0 !
src/sudo_edit.c | 174 165 + 9 - 0 !
7 files changed, 185 insertions(+), 10 deletions(-)

 CVE-2015-5602: add directory writability checks for sudoedit.
CVE 2015 5602 5 generated.patch

config.h.in | 11 11 + 0 - 0 !
configure | 538 288 + 250 - 0 !
doc/sudoers.cat | 8 8 + 0 - 0 !
doc/sudoers.man.in | 7 7 + 0 - 0 !
plugins/sudoers/def_data.c | 4 4 + 0 - 0 !
plugins/sudoers/def_data.h | 6 4 + 2 - 0 !
6 files changed, 322 insertions(+), 252 deletions(-)

 CVE-2015-5602: sudoedit path restriction bypass using symlinks
 Files regenerated for changes in CVE-2015-5602-5.patch
Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707
Bug-Debian: https://bugs.debian.org/804149
CVE 2015 5602 6.patch

src/sudo_edit.c | 67 37 + 30 - 0 !
1 file changed, 37 insertions(+), 30 deletions(-)

 CVE-2015-5602: fix directory writability checks for sudoedit.
Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707
Bug-Debian: https://bugs.debian.org/804149
CVE 2015 5602 7.patch

doc/sudoers.cat | 4 2 + 2 - 0 !
doc/sudoers.man.in | 2 1 + 1 - 0 !
doc/sudoers.pod | 2 1 + 1 - 0 !
plugins/sudoers/defaults.c | 1 1 + 0 - 0 !
4 files changed, 5 insertions(+), 4 deletions(-)

 CVE-2015-5602: enable sudoedit directory writability checks by default
Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707
Bug-Debian: https://bugs.debian.org/804149