From 23aff2b372a458ed8f5e2e508aee5bab24de2687 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sat, 28 Jun 2025 10:30:36 -0600 Subject: [PATCH] Sudo 1.9.17p1 --- NEWS | 12 ++++++++++++ configure | 18 +++++++++--------- configure.ac | 2 +- 3 files changed, 22 insertions(+), 10 deletions(-) diff --git a/NEWS b/NEWS index 273c693cc..f4f737d0b 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,15 @@ +What's new in Sudo 1.9.17p1 + + * Fixed CVE-2025-32462. Sudo's -h (--host) option could be specified + when running a command or editing a file. This could enable a + local privilege escalation attack if the sudoers file allows the + user to run commands on a different host. + + * Fixed CVE-2025-32463. An attacker can leverage sudo's -R + (--chroot) option to run arbitrary commands as root, even if + they are not listed in the sudoers file. The chroot support has + been deprecated an will be removed entirely in a future release. + What's new in Sudo 1.9.17 * Sudo now uses the NODEV macro consistently. Bug #1074. diff --git a/configure b/configure index d0b680fdb..ad340055f 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.72 for sudo 1.9.17. +# Generated by GNU Autoconf 2.72 for sudo 1.9.17p1. # # Report bugs to . # @@ -614,8 +614,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.9.17' -PACKAGE_STRING='sudo 1.9.17' +PACKAGE_VERSION='1.9.17p1' +PACKAGE_STRING='sudo 1.9.17p1' PACKAGE_BUGREPORT='https://bugzilla.sudo.ws/' PACKAGE_URL='' 
@@ -1651,7 +1651,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -'configure' configures sudo 1.9.17 to adapt to many kinds of systems. +'configure' configures sudo 1.9.17p1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1717,7 +1717,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.9.17:";; + short | recursive ) echo "Configuration of sudo 1.9.17p1:";; esac cat <<\_ACEOF @@ -2013,7 +2013,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.9.17 +sudo configure 1.9.17p1 generated by GNU Autoconf 2.72 Copyright (C) 2023 Free Software Foundation, Inc. @@ -2833,7 +2833,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.9.17, which was +It was created by sudo $as_me 1.9.17p1, which was generated by GNU Autoconf 2.72. Invocation command line was $ $0$ac_configure_args_raw @@ -37071,7 +37071,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.9.17, which was +This file was extended by sudo $as_me 1.9.17p1, which was generated by GNU Autoconf 2.72. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -37139,7 +37139,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ -sudo config.status 1.9.17 +sudo config.status 1.9.17p1 configured by $0, generated by GNU Autoconf 2.72, with options \\"\$ac_cs_config\\" 
diff --git a/configure.ac b/configure.ac
index 7180a175f..84c11523c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -18,7 +18,7 @@ dnl ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 dnl OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 dnl
 AC_PREREQ([2.69])
-AC_INIT([sudo], [1.9.17], [https://bugzilla.sudo.ws/], [sudo])
+AC_INIT([sudo], [1.9.17p1], [https://bugzilla.sudo.ws/], [sudo])
 AC_CONFIG_HEADERS([config.h pathnames.h])
 AC_CONFIG_SRCDIR([src/sudo.c])
 AC_CONFIG_AUX_DIR([scripts])