kumquat-buildroot/package/sudo/sudo.hash
Christian Stewart 4fea71ac78 package/sudo: security bump to version 1.9.5p2
Major changes between sudo 1.9.5p2 and 1.9.5p1

 * Buildroot: dropped a patch that was included in the release.

 * Fixed sudo's setprogname(3) emulation on systems that don't
   provide it.

 * Fixed a problem with the sudoers log server client where a partial
   write to the server could result the sudo process consuming large
   amounts of CPU time due to a cycle in the buffer queue. Bug #954.

 * Added a missing dependency on libsudo_util in libsudo_eventlog.
   Fixes a link error when building sudo statically.

 * The user's KRB5CCNAME environment variable is now preserved when
   performing PAM authentication.  This fixes GSSAPI authentication
   when the user has a non-default ccache.

 * When invoked as sudoedit, the same set of command line options
   are now accepted as for "sudo -e".  The -H and -P options are
   now rejected for sudoedit and "sudo -e" which matches the sudo
   1.7 behavior.  This is part of the fix for CVE-2021-3156.

 * Fixed a potential buffer overflow when unescaping backslashes
   in the command's arguments.  Normally, sudo escapes special
   characters when running a command via a shell (sudo -s or sudo
   -i).  However, it was also possible to run sudoedit with the -s
   or -i flags in which case no escaping had actually been done,
   making a buffer overflow possible.  This fixes CVE-2021-3156.

https://www.sudo.ws/stable.html#1.9.5p2

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-27 21:41:12 +01:00

5 lines
242 B
Plaintext

# From: http://www.sudo.ws/download.html
sha256 539e2ef43c8a55026697fb0474ab6a925a11206b5aa58710cb42a0e1c81f0978 sudo-1.9.5p2.tar.gz
# Locally calculated
sha256 505c5955c373514e2533a24a8346f44038e29cba874f5ca83beb171a7409089f doc/LICENSE