sudo: security bump to version 1.8.12

Fixes CVE-2014-9680 - A user with sudo access may be able to exploit
parsing bugs in the time zone parsing functions of the system's C
library functions. The user may also be able to read arbitrary files,
potentially causing changes in system behavior when reading certain
device special files or simply causing the program run via sudo to
block.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

1 files changed, 5 insertions, 6 deletions

diff --git a/package/sudo/sudo.mk b/package/sudo/sudo.mk
index dafd717ff5..3048557364 100644
--- a/package/sudo/sudo.mk
+++ b/package/sudo/sudo.mk
@@ -4,13 +4,12 @@
 #
 ################################################################################
 
-SUDO_VERSION = 1.8.10p3
+SUDO_VERSION = 1.8.12
 SUDO_SITE = http://www.sudo.ws/sudo/dist
 SUDO_LICENSE = ISC BSD-3c
 SUDO_LICENSE_FILES = doc/LICENSE
-# Ships a beta libtool version hence our patch doesn't apply.
-# Run autoreconf to regenerate ltmain.sh.
-SUDO_AUTORECONF = YES
+# This is to avoid sudo's make install from chown()ing files which fails
+SUDO_INSTALL_TARGET_OPTS = INSTALL_OWNER="" DESTDIR="$(TARGET_DIR)" install
 SUDO_CONF_OPTS = \
 	--without-lecture \
 	--without-sendmail \
@@ -23,8 +22,8 @@ SUDO_CONF_OPTS = \
 # mksigname/mksiglist needs to run on build host to generate source files
 define SUDO_BUILD_MKSIGNAME_MKSIGLIST_HOST
 	$(MAKE) $(HOST_CONFIGURE_OPTS) \
-		CPPFLAGS="$(HOST_CPPFLAGS) -I../include -I.." \
-		-C $(@D)/compat mksigname mksiglist
+		CPPFLAGS="$(HOST_CPPFLAGS) -I../../include -I../.." \
+		-C $(@D)/lib/util mksigname mksiglist
 endef
 
 SUDO_POST_CONFIGURE_HOOKS += SUDO_BUILD_MKSIGNAME_MKSIGLIST_HOST