From: Adolf Belka <adolf.belka@ipfire.org>
Date: Wed, 2 Jul 2025 11:00:55 +0000 (+0200)
Subject: sudo: Update to version 1.9.17p1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1f28c8ad6e575c5663f3a4577d24b34a34670c88;p=people%2Fstevee%2Fipfire-2.x.git

sudo: Update to version 1.9.17p1

- Update from version 1.9.17 to 1.9.17p1
- Update of rootfile not required
- Changelog
    1.9.17p1
	 * Fixed CVE-2025-32462.  Sudo's -h (--host) option could be specified
	   when running a command or editing a file.  This could enable a
	   local privilege escalation attack if the sudoers file allows the
	   user to run commands on a different host.
	 * Fixed CVE-2025-32463.  An attacker can leverage sudo's -R
	   (--chroot) option to run arbitrary commands as root, even if
	   they are not listed in the sudoers file.  The chroot support has
	   been deprecated an will be removed entirely in a future release.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---

diff --git a/lfs/sudo b/lfs/sudo
index 51bf0ada0..c2c221417 100644
--- a/lfs/sudo
+++ b/lfs/sudo
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.9.17
+VER        = 1.9.17p1
 
 THISAPP    = sudo-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = d9f2e0d8bca5d5dba5f78a9c064454032038fa60dae022ce72dd0d262bc4bd756fcc5a8e5b0ab4e179c3786fc86a401f7f1ba6d45ca4fe02e43d5cacb1e7f022
+$(DL_FILE)_BLAKE2 = 21771348a8de392767c366bb938951327dcc64a4cedee716a802435899e5135c218468271833a9e3ab9d90bda29e36c0870e27dd333d3a5c64fb8e3a5ebbff58
 
 install : $(TARGET)