This patch will upgrade Sudo version 1.7.8 to Sudo version 1.7.8 patchlevel 1. To apply: $ cd sudo-1.7.8 $ patch -p1 < sudo-1.7.8p1.patch diff -urNa sudo-1.7.8/ChangeLog sudo-1.7.8p1/ChangeLog --- sudo-1.7.8/ChangeLog Fri Oct 21 09:21:36 2011 +++ sudo-1.7.8p1/ChangeLog Tue Oct 25 15:08:55 2011 @@ -1,8 +1,15 @@ +2011-10-25 Todd C. Miller + + * NEWS, match.c: + When matching a RunasAlias for a runas group, pass the alias in as + the group_list, not the user_list. From Daniel Kopecek. + [3ab0460a4dee] [tip] <1.7> + 2011-10-21 Todd C. Miller * .hgtags: Added tag SUDO_1_7_8 for changeset 571f47a3e08c - [3de502bba852] [tip] <1.7> + [3de502bba852] <1.7> * configure, configure.in: Revert unintended commit of version change to 1.7.8rc1 diff -urNa sudo-1.7.8/NEWS sudo-1.7.8p1/NEWS --- sudo-1.7.8/NEWS Fri Oct 21 09:18:37 2011 +++ sudo-1.7.8p1/NEWS Tue Oct 25 15:07:34 2011 @@ -1,3 +1,8 @@ +What's new in Sudo 1.7.8p1? + + * Fixed matching of a Runas_Alias in the group section of a + Runas_Spec. + What's new in Sudo 1.7.8? * Sudo will now use PAM by default on AIX 6 and higher. diff -urNa sudo-1.7.8/configure sudo-1.7.8p1/configure --- sudo-1.7.8/configure Fri Oct 21 09:19:13 2011 +++ sudo-1.7.8p1/configure Tue Oct 25 15:08:24 2011 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.7.8. +# Generated by GNU Autoconf 2.68 for sudo 1.7.8p1. # # Report bugs to . # @@ -570,8 +570,8 @@ # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.7.8' -PACKAGE_STRING='sudo 1.7.8' +PACKAGE_VERSION='1.7.8p1' +PACKAGE_STRING='sudo 1.7.8p1' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1434,7 +1434,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.7.8 to adapt to many kinds of systems. +\`configure' configures sudo 1.7.8p1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1499,7 +1499,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.7.8:";; + short | recursive ) echo "Configuration of sudo 1.7.8p1:";; esac cat <<\_ACEOF @@ -1718,7 +1718,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.7.8 +sudo configure 1.7.8p1 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2422,7 +2422,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.7.8, which was +It was created by sudo $as_me 1.7.8p1, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -20431,7 +20431,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.7.8, which was +This file was extended by sudo $as_me 1.7.8p1, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -20497,7 +20497,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.7.8 +sudo config.status 1.7.8p1 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff -urNa sudo-1.7.8/configure.in sudo-1.7.8p1/configure.in --- sudo-1.7.8/configure.in Fri Oct 21 09:18:59 2011 +++ sudo-1.7.8p1/configure.in Tue Oct 25 15:08:11 2011 @@ -3,7 +3,7 @@ dnl dnl Copyright (c) 1994-1996,1998-2011 Todd C. Miller dnl -AC_INIT([sudo], [1.7.8], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.7.8p1], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER(config.h pathnames.h zlib/zconf.h) dnl dnl Note: this must come after AC_INIT diff -urNa sudo-1.7.8/match.c sudo-1.7.8p1/match.c --- sudo-1.7.8/match.c Fri Oct 21 09:18:38 2011 +++ sudo-1.7.8p1/match.c Tue Oct 25 15:07:04 2011 @@ -222,7 +222,7 @@ break; case ALIAS: if ((a = alias_find(m->name, RUNASALIAS)) != NULL) { - rval = _runaslist_matches(&a->members, &empty); + rval = _runaslist_matches(&empty, &a->members); if (rval != UNSPEC) group_matched = m->negated ? !rval : rval; break;