This patch will upgrade Sudo version 1.8.6 patchlevel 2 to Sudo version 1.8.6 patchlevel 3. To apply: $ cd sudo-1.8.6p2 $ patch -p1 < sudo-1.8.6p3.patch diff -urNa sudo-1.8.6p2/ChangeLog sudo-1.8.6p3/ChangeLog --- sudo-1.8.6p2/ChangeLog Mon Sep 17 02:21:04 2012 +++ sudo-1.8.6p3/ChangeLog Tue Sep 18 10:04:08 2012 @@ -1,3 +1,26 @@ + + + * NEWS, configure, configure.in: + sudo 1.8.6p3 + [97fef3d9ed65] + +2012-09-17 Todd C. Miller + + * doc/fixman.sh: + Don't use embedded newline when matching, use \n. This got expanded + at some point. Bug #573 + [6652f834b8f5] + + * plugins/sudoers/sudoreplay.c: + Fall back on lstat(2) if d_type in struct dirent is DT_UNKNOWN. Not + all file systems support d_type. Bug #572 + [8b861c62945f] + + * plugins/sudoers/sudoreplay.c: + Avoid calling fclose(NULL) in the error path when we cannot open an + I/O log file. + [9401d5c4bb05] + 2012-09-16 Todd C. Miller * NEWS, configure, configure.in: diff -urNa sudo-1.8.6p2/NEWS sudo-1.8.6p3/NEWS --- sudo-1.8.6p2/NEWS Sun Sep 16 21:04:55 2012 +++ sudo-1.8.6p3/NEWS Tue Sep 18 09:59:15 2012 @@ -1,3 +1,11 @@ +What's new in Sudo 1.8.6p3? + + * Fixed post-processing of the man pages on systems with legacy + versions of sed. + + * Fixed "sudoreplay -l" on Linux systems with file systems that + set DT_UNKNOWN in the d_type field of struct dirent. + What's new in Sudo 1.8.6p2? * Fixed suspending a command after it has already been resumed diff -urNa sudo-1.8.6p2/configure sudo-1.8.6p3/configure --- sudo-1.8.6p2/configure Sun Sep 16 21:04:56 2012 +++ sudo-1.8.6p3/configure Tue Sep 18 09:59:16 2012 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.6p2. +# Generated by GNU Autoconf 2.68 for sudo 1.8.6p3. # # Report bugs to . # @@ -570,8 +570,8 @@ # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.6p2' -PACKAGE_STRING='sudo 1.8.6p2' +PACKAGE_VERSION='1.8.6p3' +PACKAGE_STRING='sudo 1.8.6p3' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1468,7 +1468,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.6p2 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.6p3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1533,7 +1533,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.6p2:";; + short | recursive ) echo "Configuration of sudo 1.8.6p3:";; esac cat <<\_ACEOF @@ -1759,7 +1759,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.6p2 +sudo configure 1.8.6p3 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2463,7 +2463,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.6p2, which was +It was created by sudo $as_me 1.8.6p3, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -21495,7 +21495,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.6p2, which was +This file was extended by sudo $as_me 1.8.6p3, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -21561,7 +21561,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.6p2 +sudo config.status 1.8.6p3 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff -urNa sudo-1.8.6p2/configure.in sudo-1.8.6p3/configure.in --- sudo-1.8.6p2/configure.in Sun Sep 16 21:04:56 2012 +++ sudo-1.8.6p3/configure.in Tue Sep 18 09:59:16 2012 @@ -3,7 +3,7 @@ dnl dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller dnl -AC_INIT([sudo], [1.8.6p2], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.6p3], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT diff -urNa sudo-1.8.6p2/doc/fixman.sh sudo-1.8.6p3/doc/fixman.sh --- sudo-1.8.6p2/doc/fixman.sh Tue Sep 4 09:10:40 2012 +++ sudo-1.8.6p3/doc/fixman.sh Tue Sep 18 09:59:10 2012 @@ -20,8 +20,7 @@ cat >>"$OUTFILE" <<-'EOF' /^\\fR0\\fR$/ { N - s/^\\fR0\\fR\ - minutes\.$/unlimited./ + s/^\\fR0\\fR\nminutes\.$/unlimited./ } EOF diff -urNa sudo-1.8.6p2/plugins/sudoers/sudoreplay.c sudo-1.8.6p3/plugins/sudoers/sudoreplay.c --- sudo-1.8.6p2/plugins/sudoers/sudoreplay.c Tue Sep 4 09:10:41 2012 +++ sudo-1.8.6p3/plugins/sudoers/sudoreplay.c Tue Sep 18 09:59:05 2012 @@ -884,7 +884,8 @@ debug_return_ptr(li); bad: - fclose(fp); + if (fp != NULL) + fclose(fp); efree(buf); free_log_info(li); debug_return_ptr(NULL); @@ -967,6 +968,11 @@ size_t sdlen, sessions_len = 0, sessions_size = 36*36; int i, len; char pathbuf[PATH_MAX], **sessions = NULL; +#ifdef HAVE_STRUCT_DIRENT_D_TYPE + bool checked_type = true; +#else + const bool checked_type = false; +#endif debug_decl(find_sessions, SUDO_DEBUG_UTIL) d = opendir(dir); @@ -990,8 +996,14 @@ (dp->d_name[1] == '.' && dp->d_name[2] == '\0'))) continue; #ifdef HAVE_STRUCT_DIRENT_D_TYPE - if (dp->d_type != DT_DIR) - continue; + if (checked_type) { + if (dp->d_type != DT_DIR) { + /* Not all file systems support d_type. */ + if (dp->d_type != DT_UNKNOWN) + continue; + checked_type = false; + } + } #endif /* Add name to session list. */ @@ -1020,9 +1032,7 @@ } else { /* Strip off "/log" and recurse if a dir. */ pathbuf[sdlen + len - 4] = '\0'; -#ifndef HAVE_STRUCT_DIRENT_D_TYPE - if (lstat(pathbuf, &sb) == 0 && S_ISDIR(sb.st_mode)) -#endif + if (checked_type || (lstat(pathbuf, &sb) == 0 && S_ISDIR(sb.st_mode))) find_sessions(pathbuf, re, user, tty); } }