Skip to content

Commit 11997b1

Browse files
deepin-ci-robotdeepin-ci-robot
committed
fix: update CVE-2026-35535.patch line numbers to apply cleanly
Refresh patch to eliminate fuzz and match actual source line numbers after previous patches are applied. Upstream: https://www.sudo.ws/security/advisories/CVE-2026-35535/
1 parent aee03eb commit 11997b1

1 file changed

Lines changed: 30 additions & 20 deletions

File tree

debian/patches/cve_2026_35535.patch

Lines changed: 30 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -12,8 +12,10 @@ Last-Update: 2026-04-13
1212
plugins/sudoers/logging.c | 2 +-
1313
plugins/sudoers/policy.c | 2 +-
1414
5 files changed, 24 insertions(+), 8 deletions(-)
15-
--- a/include/sudo_eventlog.h
16-
+++ b/include/sudo_eventlog.h
15+
Index: github-sudo-CVE-2026-35535/include/sudo_eventlog.h
16+
===================================================================
17+
--- github-sudo-CVE-2026-35535.orig/include/sudo_eventlog.h
18+
+++ github-sudo-CVE-2026-35535/include/sudo_eventlog.h
1719
@@ -80,6 +80,7 @@ struct eventlog_config {
1820
int syslog_rejectpri;
1921
int syslog_alertpri;
@@ -22,7 +24,7 @@ Last-Update: 2026-04-13
2224
bool omit_hostname;
2325
const char *logpath;
2426
const char *time_fmt;
25-
@@ -151,7 +152,7 @@ void eventlog_set_syslog_rejectpri(int pri);
27+
@@ -151,7 +152,7 @@ void eventlog_set_syslog_rejectpri(int p
2628
void eventlog_set_syslog_alertpri(int pri);
2729
void eventlog_set_syslog_maxlen(size_t len);
2830
void eventlog_set_file_maxlen(size_t len);
@@ -31,9 +33,11 @@ Last-Update: 2026-04-13
3133
void eventlog_set_omit_hostname(bool omit_hostname);
3234
void eventlog_set_logpath(const char *path);
3335
void eventlog_set_time_fmt(const char *fmt);
34-
--- a/lib/eventlog/eventlog.c
35-
+++ b/lib/eventlog/eventlog.c
36-
@@ -299,15 +299,13 @@ exec_mailer(int pipein)
36+
Index: github-sudo-CVE-2026-35535/lib/eventlog/eventlog.c
37+
===================================================================
38+
--- github-sudo-CVE-2026-35535.orig/lib/eventlog/eventlog.c
39+
+++ github-sudo-CVE-2026-35535/lib/eventlog/eventlog.c
40+
@@ -304,15 +304,13 @@ exec_mailer(int pipein)
3741
syslog(LOG_ERR, _("unable to dup stdin: %m")); // -V618
3842
sudo_debug_printf(SUDO_DEBUG_ERROR,
3943
"unable to dup stdin: %s", strerror(errno));
@@ -51,7 +55,7 @@ Last-Update: 2026-04-13
5155
}
5256
argv[0] = sudo_basename(mpath);
5357

54-
@@ -326,11 +324,23 @@ exec_mailer(int pipein)
58+
@@ -331,11 +329,23 @@ exec_mailer(int pipein)
5559
if (setuid(ROOT_UID) != 0) {
5660
sudo_debug_printf(SUDO_DEBUG_ERROR, "unable to change uid to %u",
5761
ROOT_UID);
@@ -75,7 +79,7 @@ Last-Update: 2026-04-13
7579
}
7680
}
7781
sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
78-
@@ -342,6 +352,9 @@ exec_mailer(int pipein)
82+
@@ -347,6 +357,9 @@ exec_mailer(int pipein)
7983
sudo_debug_printf(SUDO_DEBUG_ERROR, "unable to execute %s: %s",
8084
mpath, strerror(errno));
8185
_exit(127);
@@ -85,17 +89,19 @@ Last-Update: 2026-04-13
8589
}
8690

8791
/* Send a message to the mailto user */
88-
--- a/lib/eventlog/eventlog_conf.c
89-
+++ b/lib/eventlog/eventlog_conf.c
90-
@@ -65,6 +65,7 @@ static struct eventlog_config evl_conf = {
91-
LOG_ALERT, /* syslog_rejectpri */
92-
LOG_ALERT, /* syslog_alertpri */
92+
Index: github-sudo-CVE-2026-35535/lib/eventlog/eventlog_conf.c
93+
===================================================================
94+
--- github-sudo-CVE-2026-35535.orig/lib/eventlog/eventlog_conf.c
95+
+++ github-sudo-CVE-2026-35535/lib/eventlog/eventlog_conf.c
96+
@@ -70,6 +70,7 @@ static struct eventlog_config evl_conf =
97+
MAXSYSLOGLEN, /* syslog_maxlen */
98+
0, /* file_maxlen */
9399
ROOT_UID, /* mailuid */
94100
+ ROOT_GID, /* mailgid */
95101
false, /* omit_hostname */
96102
_PATH_SUDO_LOGFILE, /* logpath */
97103
"%h %e %T", /* time_fmt */
98-
@@ -146,9 +147,10 @@ eventlog_set_file_maxlen(size_t len)
104+
@@ -151,9 +152,10 @@ eventlog_set_file_maxlen(size_t len)
99105
}
100106

101107
void
@@ -107,9 +113,11 @@ Last-Update: 2026-04-13
107113
}
108114

109115
void
110-
--- a/plugins/sudoers/logging.c
111-
+++ b/plugins/sudoers/logging.c
112-
@@ -1152,7 +1152,7 @@ init_eventlog_config(void)
116+
Index: github-sudo-CVE-2026-35535/plugins/sudoers/logging.c
117+
===================================================================
118+
--- github-sudo-CVE-2026-35535.orig/plugins/sudoers/logging.c
119+
+++ github-sudo-CVE-2026-35535/plugins/sudoers/logging.c
120+
@@ -1155,7 +1155,7 @@ init_eventlog_config(void)
113121
eventlog_set_syslog_alertpri(def_syslog_badpri);
114122
eventlog_set_syslog_maxlen(def_syslog_maxlen);
115123
eventlog_set_file_maxlen(def_loglinelen);
@@ -118,9 +126,11 @@ Last-Update: 2026-04-13
118126
eventlog_set_omit_hostname(!def_log_host);
119127
eventlog_set_logpath(def_logfile);
120128
eventlog_set_time_fmt(def_log_year ? "%h %e %T %Y" : "%h %e %T");
121-
--- a/plugins/sudoers/policy.c
122-
+++ b/plugins/sudoers/policy.c
123-
@@ -634,7 +634,7 @@ sudoers_policy_deserialize_info(struct sudoers_context *ctx, void *v,
129+
Index: github-sudo-CVE-2026-35535/plugins/sudoers/policy.c
130+
===================================================================
131+
--- github-sudo-CVE-2026-35535.orig/plugins/sudoers/policy.c
132+
+++ github-sudo-CVE-2026-35535/plugins/sudoers/policy.c
133+
@@ -639,7 +639,7 @@ sudoers_policy_deserialize_info(struct s
124134
}
125135

126136
#ifdef NO_ROOT_MAILER

0 commit comments

Comments
 (0)