diff mbox series

[1/1] sudo: upgrade 1.9.17 -> 1.9.17p1

Message ID 20250709060634.1928881-1-praveen.kumar@windriver.com
State New
Headers show
Series [1/1] sudo: upgrade 1.9.17 -> 1.9.17p1 | expand

Commit Message

Praveen Kumar July 9, 2025, 6:06 a.m. UTC 
Changelog:
===========
* Fixed CVE-2025-32462.  Sudo's -h (--host) option could be specified
   when running a command or editing a file.  This could enable a
   local privilege escalation attack if the sudoers file allows the
   user to run commands on a different host.

* Fixed CVE-2025-32463.  An attacker can leverage sudo's -R
  (--chroot) option to run arbitrary commands as root, even if
  they are not listed in the sudoers file.  The chroot support has
  been deprecated an will be removed entirely in a future release.

Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
---
 meta/recipes-extended/sudo/{sudo_1.9.17.bb => sudo_1.9.17p1.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-extended/sudo/{sudo_1.9.17.bb => sudo_1.9.17p1.bb} (96%)
diff mbox series

Patch

diff --git a/meta/recipes-extended/sudo/sudo_1.9.17.bb b/meta/recipes-extended/sudo/sudo_1.9.17p1.bb
similarity index 96%
rename from meta/recipes-extended/sudo/sudo_1.9.17.bb
rename to meta/recipes-extended/sudo/sudo_1.9.17p1.bb
index 71d48f448d..83bfc0621c 100644
--- a/meta/recipes-extended/sudo/sudo_1.9.17.bb
+++ b/meta/recipes-extended/sudo/sudo_1.9.17p1.bb
@@ -7,7 +7,7 @@  SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \
 
 PAM_SRC_URI = "file://sudo.pam"
 
-SRC_URI[sha256sum] = "3f212c69d534d5822b492d099abb02a593f91ca99f5afde5cb9bd3e1dcdad069"
+SRC_URI[sha256sum] = "ff607ea717072197738a78f778692cd6df9a7e3e404565f51de063ca27455d32"
 
 DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
 RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}"