Updating link to change in openSUSE:Factory/sudo revision 26.0

OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=762302b9eca24013cbda733513da20e3

sudo-CVE-2010-1163.patch

@@ -0,0 +1,16 @@
+Index: sudo-1.7.2p4/find_path.c
+===================================================================
+--- sudo-1.7.2p4.orig/find_path.c	2010-05-18 17:40:20.000000000 +0200
++++ sudo-1.7.2p4/find_path.c	2010-05-18 17:46:44.000000000 +0200
+@@ -126,7 +126,10 @@ find_path(infile, outfile, sbp, path)
+      * Check current dir if dot was in the PATH
+      */
+     if (!result && checkdot) {
+-	result = sudo_goodpath(infile, sbp);
++        len = snprintf(command, sizeof(command), "./%s", infile);
++        if (len <= 0 || len >= sizeof(command))
++            errorx(1, "%s: File name too long", infile);
++        result = sudo_goodpath(command, sbp);
+ 	if (result && def_ignore_dot)
+ 	    return(NOT_FOUND_DOT);
+     }

sudo.changes

@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Tue May 18 15:52:10 UTC 2010 - puzel@novell.com
+
+- add sudo-CVE-2010-1163.patch (bnc#594738)
+
 -------------------------------------------------------------------
 Wed Feb 24 16:19:35 UTC 2010 - prusnak@suse.cz
 

sudo.spec

@@ -23,7 +23,7 @@ BuildRequires:  openldap2-devel pam-devel postfix
 BuildRequires:  libselinux-devel
 PreReq:         coreutils
 Version:        1.7.2p4
-Release:        1
+Release:        2
 Group:          System/Base
 License:        BSD3c(or similar)
 Url:            http://www.sudo.ws/
@@ -38,6 +38,7 @@ Patch4:         %{name}-1.7.1-strip.diff
 Patch5:         %{name}-1.7.1-secure_path.diff
 Patch6:         %{name}-1.7.1-env.diff
 Patch7:         %{name}-1.7.1-pam_rhost.diff
+Patch8:         sudo-CVE-2010-1163.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -66,6 +67,7 @@ Authors:
 %patch5
 %patch6
 %patch7
+%patch8 -p1
 cp %{SOURCE2} .
 
 %build