Imported Upstream version 1.8.3p2

diff --git a/ChangeLog b/ChangeLog
index f4ebc2f0508de00e7e2342da7850e025aad6aa3d..343eed79b57b1058ddbb0f26dd58b247d20bf8bd 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,17 @@
+2012-01-24  Todd C. Miller  <Todd.Miller@courtesan.com>
+
+       * src/sudo.c:
+       Fixed a format string vulnerability when the sudo binary (or a 
+       symbolic link to the sudo binary) contains printf format escapes
+       and the -D (debugging) flag is used.
+
+2012-01-13  Todd C. Miller  <Todd.Miller@courtesan.com>
+
+       * sudo.pp:
+       Include parent directories in case they don't already exist. This
+       fixes a directory permissions problem with the AIX package when the
+       /usr/local directories don't already exist.
+
 2011-10-25  Todd C. Miller  <Todd.Miller@courtesan.com>
 
        * plugins/sudoers/Makefile.in:

diff --git a/NEWS b/NEWS
index 17736354890f071a08400ba06515f8237f16d9d6..49d454b26a7e3c7317b8f778ed2a63ee5ef14670 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,9 @@
+What's new in Sudo 1.8.3p2?
+
+ * Fixed a format string vulnerability when the sudo binary (or a
+   symbolic link to the sudo binary) contains printf format escapes
+   and the -D (debugging) flag is used.
+
 What's new in Sudo 1.8.3p1?
 
  * Fixed a crash in the monitor process on Solaris when NOPASSWD

diff --git a/configure b/configure
index ef2d1bac34d6ab8aede2dd44ae7937eed0f30f21..7b4331466a23b776bedabf0fc61d1eadf8b21dda 100755 (executable)
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for sudo 1.8.3p1.
+# Generated by GNU Autoconf 2.68 for sudo 1.8.3p2.
 #
 # Report bugs to <http://www.sudo.ws/bugs/>.
 #
@@ -570,8 +570,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='sudo'
 PACKAGE_TARNAME='sudo'
-PACKAGE_VERSION='1.8.3p1'
-PACKAGE_STRING='sudo 1.8.3p1'
+PACKAGE_VERSION='1.8.3p2'
+PACKAGE_STRING='sudo 1.8.3p2'
 PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/'
 PACKAGE_URL=''
 
@@ -1446,7 +1446,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures sudo 1.8.3p1 to adapt to many kinds of systems.
+\`configure' configures sudo 1.8.3p2 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1511,7 +1511,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of sudo 1.8.3p1:";;
+     short | recursive ) echo "Configuration of sudo 1.8.3p2:";;
    esac
   cat <<\_ACEOF
 
@@ -1728,7 +1728,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-sudo configure 1.8.3p1
+sudo configure 1.8.3p2
 generated by GNU Autoconf 2.68
 
 Copyright (C) 2010 Free Software Foundation, Inc.
@@ -2432,7 +2432,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by sudo $as_me 1.8.3p1, which was
+It was created by sudo $as_me 1.8.3p2, which was
 generated by GNU Autoconf 2.68.  Invocation command line was
 
   $ $0 $@
@@ -20615,7 +20615,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by sudo $as_me 1.8.3p1, which was
+This file was extended by sudo $as_me 1.8.3p2, which was
 generated by GNU Autoconf 2.68.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -20681,7 +20681,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-sudo config.status 1.8.3p1
+sudo config.status 1.8.3p2
 configured by $0, generated by GNU Autoconf 2.68,
   with options \\"\$ac_cs_config\\"
 

diff --git a/configure.in b/configure.in
index bca3bf4a7808cc47d6122eb20c59d4258e312a7a..546ef9d59c7698b8951a81c021b7eaee3e0f6133 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script.
 dnl
 dnl Copyright (c) 1994-1996,1998-2011 Todd C. Miller <Todd.Miller@courtesan.com>
 dnl
-AC_INIT([sudo], [1.8.3p1], [http://www.sudo.ws/bugs/], [sudo])
+AC_INIT([sudo], [1.8.3p2], [http://www.sudo.ws/bugs/], [sudo])
 AC_CONFIG_HEADER([config.h pathnames.h])
 dnl
 dnl Note: this must come after AC_INIT

diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot
index abd875b8b35955cd789cae8bb47b7f71e176d992..b096194c7215aeed23f57300588ffca03770aafc 100644 (file)
--- a/plugins/sudoers/po/sudoers.pot
+++ b/plugins/sudoers/po/sudoers.pot
@@ -5,9 +5,9 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: sudo 1.8.3\n"
+"Project-Id-Version: sudo 1.8.3p2\n"
 "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-10-10 15:50-0400\n"
+"POT-Creation-Date: 2012-01-24 16:12-0500\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -64,98 +64,98 @@ msgstr ""
 msgid "au_to_text: failed"
 msgstr ""
 
-#: plugins/sudoers/check.c:149
+#: plugins/sudoers/check.c:157
 #, c-format
 msgid "sorry, a password is required to run %s"
 msgstr ""
 
-#: plugins/sudoers/check.c:236 plugins/sudoers/iolog.c:169
-#: plugins/sudoers/sudoers.c:964 plugins/sudoers/sudoreplay.c:325
+#: plugins/sudoers/check.c:244 plugins/sudoers/iolog.c:169
+#: plugins/sudoers/sudoers.c:960 plugins/sudoers/sudoreplay.c:325
 #: plugins/sudoers/sudoreplay.c:334 plugins/sudoers/sudoreplay.c:675
 #: plugins/sudoers/sudoreplay.c:767 plugins/sudoers/visudo.c:744
 #, c-format
 msgid "unable to open %s"
 msgstr ""
 
-#: plugins/sudoers/check.c:240 plugins/sudoers/iolog.c:199
+#: plugins/sudoers/check.c:248 plugins/sudoers/iolog.c:199
 #, c-format
 msgid "unable to write to %s"
 msgstr ""
 
-#: plugins/sudoers/check.c:248 plugins/sudoers/check.c:486
-#: plugins/sudoers/check.c:536 plugins/sudoers/iolog.c:122
+#: plugins/sudoers/check.c:256 plugins/sudoers/check.c:494
+#: plugins/sudoers/check.c:544 plugins/sudoers/iolog.c:122
 #: plugins/sudoers/iolog.c:153
 #, c-format
 msgid "unable to mkdir %s"
 msgstr ""
 
-#: plugins/sudoers/check.c:381
+#: plugins/sudoers/check.c:389
 #, c-format
 msgid "internal error, expand_prompt() overflow"
 msgstr ""
 
-#: plugins/sudoers/check.c:437
+#: plugins/sudoers/check.c:445
 #, c-format
 msgid "timestamp path too long: %s"
 msgstr ""
 
-#: plugins/sudoers/check.c:465 plugins/sudoers/check.c:509
+#: plugins/sudoers/check.c:473 plugins/sudoers/check.c:517
 #: plugins/sudoers/iolog.c:155
 #, c-format
 msgid "%s exists but is not a directory (0%o)"
 msgstr ""
 
-#: plugins/sudoers/check.c:468 plugins/sudoers/check.c:512
-#: plugins/sudoers/check.c:557
+#: plugins/sudoers/check.c:476 plugins/sudoers/check.c:520
+#: plugins/sudoers/check.c:565
 #, c-format
 msgid "%s owned by uid %u, should be uid %u"
 msgstr ""
 
-#: plugins/sudoers/check.c:473 plugins/sudoers/check.c:517
+#: plugins/sudoers/check.c:481 plugins/sudoers/check.c:525
 #, c-format
 msgid "%s writable by non-owner (0%o), should be mode 0700"
 msgstr ""
 
-#: plugins/sudoers/check.c:481 plugins/sudoers/check.c:525
-#: plugins/sudoers/check.c:593 plugins/sudoers/sudoers.c:950
+#: plugins/sudoers/check.c:489 plugins/sudoers/check.c:533
+#: plugins/sudoers/check.c:601 plugins/sudoers/sudoers.c:946
 #: plugins/sudoers/visudo.c:304 plugins/sudoers/visudo.c:544
 #, c-format
 msgid "unable to stat %s"
 msgstr ""
 
-#: plugins/sudoers/check.c:551
+#: plugins/sudoers/check.c:559
 #, c-format
 msgid "%s exists but is not a regular file (0%o)"
 msgstr ""
 
-#: plugins/sudoers/check.c:563
+#: plugins/sudoers/check.c:571
 #, c-format
 msgid "%s writable by non-owner (0%o), should be mode 0600"
 msgstr ""
 
-#: plugins/sudoers/check.c:617
+#: plugins/sudoers/check.c:625
 #, c-format
 msgid "timestamp too far in the future: %20.20s"
 msgstr ""
 
-#: plugins/sudoers/check.c:663
+#: plugins/sudoers/check.c:671
 #, c-format
 msgid "unable to remove %s (%s), will reset to the epoch"
 msgstr ""
 
-#: plugins/sudoers/check.c:671
+#: plugins/sudoers/check.c:679
 #, c-format
 msgid "unable to reset %s to the epoch"
 msgstr ""
 
-#: plugins/sudoers/check.c:725 plugins/sudoers/check.c:731
-#: plugins/sudoers/sudoers.c:804 plugins/sudoers/sudoers.c:808
+#: plugins/sudoers/check.c:733 plugins/sudoers/check.c:739
+#: plugins/sudoers/sudoers.c:800 plugins/sudoers/sudoers.c:804
 #, c-format
 msgid "unknown uid: %u"
 msgstr ""
 
-#: plugins/sudoers/check.c:728 plugins/sudoers/sudoers.c:746
-#: plugins/sudoers/sudoers.c:1081 plugins/sudoers/testsudoers.c:202
+#: plugins/sudoers/check.c:736 plugins/sudoers/sudoers.c:742
+#: plugins/sudoers/sudoers.c:1077 plugins/sudoers/testsudoers.c:202
 #: plugins/sudoers/testsudoers.c:337
 #, c-format
 msgid "unknown user: %s"
@@ -570,7 +570,7 @@ msgstr ""
 
 #: plugins/sudoers/find_path.c:68 plugins/sudoers/find_path.c:107
 #: plugins/sudoers/find_path.c:122 plugins/sudoers/iolog.c:124
-#: plugins/sudoers/sudoers.c:896 toke.l:663 toke.l:814
+#: plugins/sudoers/sudoers.c:892 toke.l:663 toke.l:814
 #, c-format
 msgid "%s: %s"
 msgstr ""
@@ -614,7 +614,7 @@ msgstr ""
 msgid "Local IP address and netmask pairs:\n"
 msgstr ""
 
-#: plugins/sudoers/iolog.c:176 plugins/sudoers/sudoers.c:971
+#: plugins/sudoers/iolog.c:176 plugins/sudoers/sudoers.c:967
 #, c-format
 msgid "unable to read %s"
 msgstr ""
@@ -945,7 +945,7 @@ msgid "User %s is not allowed to run sudo on %s.\n"
 msgstr ""
 
 #: plugins/sudoers/sudoers.c:201 plugins/sudoers/sudoers.c:232
-#: plugins/sudoers/sudoers.c:904
+#: plugins/sudoers/sudoers.c:900
 msgid "problem with defaults entries"
 msgstr ""
 
@@ -983,130 +983,130 @@ msgstr ""
 msgid "sorry, you must have a tty to run sudo"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:461
+#: plugins/sudoers/sudoers.c:457
 msgid "No user or host"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:475 plugins/sudoers/sudoers.c:496
-#: plugins/sudoers/sudoers.c:497 plugins/sudoers/sudoers.c:1458
-#: plugins/sudoers/sudoers.c:1459
+#: plugins/sudoers/sudoers.c:471 plugins/sudoers/sudoers.c:492
+#: plugins/sudoers/sudoers.c:493 plugins/sudoers/sudoers.c:1454
+#: plugins/sudoers/sudoers.c:1455
 #, c-format
 msgid "%s: command not found"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:477 plugins/sudoers/sudoers.c:493
+#: plugins/sudoers/sudoers.c:473 plugins/sudoers/sudoers.c:489
 #, c-format
 msgid ""
 "ignoring `%s' found in '.'\n"
 "Use `sudo ./%s' if this is the `%s' you wish to run."
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:482
+#: plugins/sudoers/sudoers.c:478
 msgid "validation failure"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:492
+#: plugins/sudoers/sudoers.c:488
 msgid "command in current directory"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:504
+#: plugins/sudoers/sudoers.c:500
 #, c-format
 msgid "sorry, you are not allowed to preserve the environment"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:887
+#: plugins/sudoers/sudoers.c:883
 #, c-format
 msgid "internal error, set_cmnd() overflow"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:929
+#: plugins/sudoers/sudoers.c:925
 #, c-format
 msgid "fixed mode on %s"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:933
+#: plugins/sudoers/sudoers.c:929
 #, c-format
 msgid "set group on %s"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:936
+#: plugins/sudoers/sudoers.c:932
 #, c-format
 msgid "unable to set group on %s"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:939
+#: plugins/sudoers/sudoers.c:935
 #, c-format
 msgid "unable to fix mode on %s"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:952
+#: plugins/sudoers/sudoers.c:948
 #, c-format
 msgid "%s is not a regular file"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:954
+#: plugins/sudoers/sudoers.c:950
 #, c-format
 msgid "%s is mode 0%o, should be 0%o"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:958
+#: plugins/sudoers/sudoers.c:954
 #, c-format
 msgid "%s is owned by uid %u, should be %u"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:961
+#: plugins/sudoers/sudoers.c:957
 #, c-format
 msgid "%s is owned by gid %u, should be %u"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:1005
+#: plugins/sudoers/sudoers.c:1001
 #, c-format
 msgid "only root can use `-c %s'"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:1015
+#: plugins/sudoers/sudoers.c:1011
 #, c-format
 msgid "unknown login class: %s"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:1049
+#: plugins/sudoers/sudoers.c:1045
 #, c-format
 msgid "unable to resolve host %s"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:1099 plugins/sudoers/testsudoers.c:351
+#: plugins/sudoers/sudoers.c:1095 plugins/sudoers/testsudoers.c:351
 #, c-format
 msgid "unknown group: %s"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:1143
+#: plugins/sudoers/sudoers.c:1139
 #, c-format
 msgid "Sudoers policy plugin version %s\n"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:1145
+#: plugins/sudoers/sudoers.c:1141
 #, c-format
 msgid "Sudoers file grammar version %d\n"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:1149
+#: plugins/sudoers/sudoers.c:1145
 #, c-format
 msgid ""
 "\n"
 "Sudoers path: %s\n"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:1152
+#: plugins/sudoers/sudoers.c:1148
 #, c-format
 msgid "nsswitch path: %s\n"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:1154
+#: plugins/sudoers/sudoers.c:1150
 #, c-format
 msgid "ldap.conf path: %s\n"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:1155
+#: plugins/sudoers/sudoers.c:1151
 #, c-format
 msgid "ldap.secret path: %s\n"
 msgstr ""

diff --git a/src/po/sudo.pot b/src/po/sudo.pot
index f0c1c7638aee9cb84459485843bb22bd3d29188f..dc79e5d57c8a748c9fc9dfe3b18f9b0c86a97d61 100644 (file)
--- a/src/po/sudo.pot
+++ b/src/po/sudo.pot
@@ -5,9 +5,9 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: sudo 1.8.3\n"
+"Project-Id-Version: sudo 1.8.3p2\n"
 "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-09-27 14:07-0400\n"
+"POT-Creation-Date: 2012-01-24 16:12-0500\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"

diff --git a/src/sudo.c b/src/sudo.c
index 40cfc2f4cfeb4103bdf33a74965b7326d9752529..9e52cd5130ca66bea6d874e60d27d5e9e76fa0da 100644 (file)
--- a/src/sudo.c
+++ b/src/sudo.c
@@ -1208,15 +1208,15 @@ void
 sudo_debug(int level, const char *fmt, ...)
 {
     va_list ap;
-    char *fmt2;
+    char *buf;
 
     if (level > debug_level)
        return;
 
-    /* Backet fmt with program name and a newline to make it a single write */
-    easprintf(&fmt2, "%s: %s\n", getprogname(), fmt);
+    /* Bracket fmt with program name and a newline to make it a single write */
     va_start(ap, fmt);
-    vfprintf(stderr, fmt2, ap);
+    evasprintf(&buf, fmt, ap);
     va_end(ap);
-    efree(fmt2);
+    fprintf(stderr, "%s: %s\n", getprogname(), buf);
+    efree(buf);
 }

diff --git a/sudo.pp b/sudo.pp
index 77daeb5fbce12f6ab3f9d7b408d02d4d443ed24c..a6e808cff27eed96bee8572c3cbb5c83cdc01f48 100644 (file)
--- a/sudo.pp
+++ b/sudo.pp
@@ -176,13 +176,26 @@ still allow people to get their work done."
        EOF
 %endif
 
+       # OS-level directories that should generally exist but might not.
+       extradirs=`echo ${pp_destdir}/${mandir}/[mc]* | sed "s#${pp_destdir}/##g"`
+       extradirs="$extradirs `dirname $docdir` `dirname $timedir`"
+       test -d ${pp_destdir}/etc/pam.d && extradirs="${extradirs} /etc/pam.d"
+       for dir in $bindir $sbindir $libexecdir $includedir $extradirs; do
+               while test "$dir" != "/"; do
+                       osdirs="${osdirs}${osdirs+ }$dir/"
+                       dir=`dirname $dir`
+               done
+       done
+       osdirs=`echo $osdirs | tr " " "\n" | sort -u`
+
 %files
+       $osdirs                -
        $bindir/sudo        4111 root:
        $bindir/sudoedit    4111 root:
        $sbindir/visudo     0111
        $bindir/sudoreplay  0111
        $includedir/sudo_plugin.h
-       $libexecdir/*
+       $libexecdir/*           optional
        $sudoersdir/sudoers.d/  0750 $sudoers_uid:$sudoers_gid
        $timedir/               0700 root:
        $docdir/