Hi,

Attached is a debdiff of the changes I made for the 1.7.2p1-1.1 0-day NMU.

Cheers,
Giuseppe
diff -u sudo-1.7.2p1/debian/changelog sudo-1.7.2p1/debian/changelog --- sudo-1.7.2p1/debian/changelog +++ sudo-1.7.2p1/debian/changelog @@ -1,3 +1,11 @@ +sudo (1.7.2p1-1.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fixed CVE-2010-0426: verify path for the 'sudoedit' pseudo-command + (Closes: #570737) + + -- Giuseppe Iuculano <iucul...@debian.org> Tue, 02 Mar 2010 14:57:17 +0100 + sudo (1.7.2p1-1) unstable; urgency=low * new upstream version only in patch2: unchanged: --- sudo-1.7.2p1.orig/match.c +++ sudo-1.7.2p1/match.c @@ -381,7 +381,7 @@ char *sudoers_args; { /* Check for pseudo-commands */ - if (strchr(user_cmnd, '/') == NULL) { + if (sudoers_cmnd[0] != '/') { /* * Return true if both sudoers_cmnd and user_cmnd are "sudoedit" AND * a) there are no args in sudoers OR
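Review bot: in the match.c hunk (@@ -381,7 +381,7 @@), the new condition `sudoers_cmnd[0] != '/'` decides whether to enter the pseudo-command branch from the sudoers entry alone, but the `/* Check for pseudo-commands */` comment above it still does not say which string is being tested or why `user_cmnd` is no longer used for that decision. Please extend that comment to state that a sudoers entry not starting with '/' is treated as a pseudo-command. The comparison of `user_cmnd` against "sudoedit" that the following comment describes lies outside the visible context, so please also confirm that it matches the whole string and not a basename or prefix, since after this change it is the only check applied to the user-supplied command in this branch.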