package/sudo: security bump to version 1.8.28

Fixes CVE-2019-14287: a sudo user may be able to run a command as root when the Runas specification explicitly disallows root access as long as the ALL keyword is listed first. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
author: Baruch Siach <baruch@tkos.co.il> 2019-10-15 09:59:07 +0300
committer: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2019-10-15 09:20:57 +0200
commit: 4a96d627491dbf1ae622053068176ec27d3cdf60 (patch)
tree: 79a261ab61923d02987e25f64711c985bfcfe000
parent: 9cf61746a28178cff8e700257ecddf950e958ec5 (diff)
download: buildroot-4a96d627491dbf1ae622053068176ec27d3cdf60.tar.bz2
2 files changed, 2 insertions, 2 deletions
diff --git a/package/sudo/sudo.hash b/package/sudo/sudo.hash
index 8a3511df82..1795952988 100644
--- a/package/sudo/sudo.hash
+++ b/package/sudo/sudo.hash
@@ -1,4 +1,4 @@
 # From: http://www.sudo.ws/download.html
-sha256 7beb68b94471ef56d8a1036dbcdc09a7b58a949a68ffce48b83f837dd33e2ec0  sudo-1.8.27.tar.gz
+sha256 9129fa745a08caff0ce2042d2162b38eb9bf73bf43fcb248ac8b3a750c1f13a1  sudo-1.8.28.tar.gz
 # Locally calculated
 sha256 e0e7990185834e9f08f3e922905d7bfaf998d13be668c6026d2586b1718210ba  doc/LICENSE
diff --git a/package/sudo/sudo.mk b/package/sudo/sudo.mk
index 48c8921043..cf8b63b1db 100644
--- a/package/sudo/sudo.mk
+++ b/package/sudo/sudo.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-SUDO_VERSION = 1.8.27
+SUDO_VERSION = 1.8.28
 SUDO_SITE = https://www.sudo.ws/sudo/dist
 SUDO_LICENSE = ISC, BSD-3-Clause
 SUDO_LICENSE_FILES = doc/LICENSE
author	Baruch Siach <baruch@tkos.co.il>	2019-10-15 09:59:07 +0300
committer	Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2019-10-15 09:20:57 +0200
commit	4a96d627491dbf1ae622053068176ec27d3cdf60 (patch)
tree	79a261ab61923d02987e25f64711c985bfcfe000
parent	9cf61746a28178cff8e700257ecddf950e958ec5 (diff)
download	buildroot-4a96d627491dbf1ae622053068176ec27d3cdf60.tar.bz2