[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: gnu: sudo: Upgrade to 1.8.15 [fixes CVE-2015-5602].
From: |
Ludovic Courtès |
Subject: |
01/01: gnu: sudo: Upgrade to 1.8.15 [fixes CVE-2015-5602]. |
Date: |
Thu, 12 Nov 2015 10:49:25 +0000 |
civodul pushed a commit to branch master
in repository guix.
commit 0086ec733c9a968da1f817c3004b4e8742ab4f4d
Author: Ludovic Courtès <address@hidden>
Date: Thu Nov 12 11:45:23 2015 +0100
gnu: sudo: Upgrade to 1.8.15 [fixes CVE-2015-5602].
* gnu/packages/admin.scm (sudo)[arguments]: Add CPPFLAGS to
#:configure-flags. In 'pre-configure' phase, modify
'sudo_usage.h.in'. Add pattern to remove '-o 0 -g 0' installation
flag in 'Makefile.in', and remove pattern for '-O 0 -G 0'. Remove
modifications of 'configure'.
---
gnu/packages/admin.scm | 31 ++++++++++++++++++++-----------
1 files changed, 20 insertions(+), 11 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 6aca857..7fbc9fd 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -647,7 +647,7 @@ system administrator.")
(define-public sudo
(package
(name "sudo")
- (version "1.8.10p3")
+ (version "1.8.15")
(source (origin
(method url-fetch)
(uri
@@ -657,22 +657,31 @@ system administrator.")
version ".tar.gz")))
(sha256
(base32
- "002l6h27pnhb77b65frhazbhknsxvrsnkpi43j7i0qw1lrgi7nkf"))))
+ "0263gi6i19fyzzc488n0qw3m518i39f6a7qmrfvahk9j10bkh5j3"))))
(build-system gnu-build-system)
(arguments
- `(#:configure-flags '("--with-logpath=/var/log/sudo.log"
- "--with-rundir=/run/sudo"
- "--with-vardir=/var/db/sudo"
- "--with-iologdir=/var/log/sudo-io")
+ `(#:configure-flags
+ (list "--with-logpath=/var/log/sudo.log"
+ "--with-rundir=/run/sudo"
+ "--with-vardir=/var/db/sudo"
+ "--with-iologdir=/var/log/sudo-io"
+
+ ;; 'visudo.c' expects _PATH_MV to be defined, but glibc doesn't
+ ;; provide it.
+ (string-append "CPPFLAGS=-D_PATH_MV='\""
+ (assoc-ref %build-inputs "coreutils")
+ "/bin/mv\"'"))
#:phases (alist-cons-before
'configure 'pre-configure
(lambda _
- (substitute* "configure"
- ;; Refer to the right executables.
- (("/usr/bin/mv") (which "mv"))
- (("/usr/bin/sh") (which "sh")))
+ (substitute* "src/sudo_usage.h.in"
+ ;; Do not capture 'configure' arguments since we would
+ ;; unduly retain references, and also because the
+ ;; CPPFLAGS above would close the string literal
+ ;; prematurely.
+ (("@CONFIGURE_ARGS@") "\"\""))
(substitute* (find-files "." "Makefile\\.in")
- (("-O [[:graph:]]+ -G [[:graph:]]+")
+ (("-o [[:graph:]]+ -g [[:graph:]]+")
;; Allow installation as non-root.
"")
(("^install: (.*)install-sudoers(.*)" _ before after)