diff --git a/cloud-init.spec b/cloud-init.spec index 0723c8b582be89730330f81b62fde4a5e7638f84..ad0cbceb3cbc1de0e30aac18d3586248e241191d 100644 --- a/cloud-init.spec +++ b/cloud-init.spec @@ -1,6 +1,6 @@ Name: cloud-init Version: 21.4 -Release: 5 +Release: 6 Summary: the defacto multi-distribution package that handles early initialization of a cloud instance. License: ASL 2.0 or GPLv3 URL: http://launchpad.net/cloud-init @@ -15,6 +15,7 @@ Patch3: bugfix-sort-requirements.patch Patch4: add-variable-to-forbid-tmp-dir.patch Patch5: backport-add-Requires-cloud-init-hotplugd.socket-in-cloud-init-hotplugd.service-file.patch Patch6: backport-testing-add-additional-mocks-to-test_net-tests-1356.patch +Patch7: delete-config-nopasswd-all.patch Patch9000: Fix-the-error-level-logs-displayed-for-the-cloud-init-local-service.patch @@ -126,6 +127,11 @@ fi %exclude /usr/share/doc/* %changelog +* Tue Dec 20 2022 xuxinyu - 21.4-6 +- Type:security +- CVE: +- DESC:delete "ALL=(ALL) NOPASSWD:ALL" in cloud.cfg.tmpl + * Wed Nov 30 2022 shixuantong - 21.4-5 - rename patch diff --git a/delete-config-nopasswd-all.patch b/delete-config-nopasswd-all.patch new file mode 100644 index 0000000000000000000000000000000000000000..2c08107a3b081288d8ccef3937593c028472c565 --- /dev/null +++ b/delete-config-nopasswd-all.patch @@ -0,0 +1,23 @@ +From 5d4297092279a96da79b6404dfb7f31cc406b01c Mon Sep 17 00:00:00 2001 +From: qiushigang +Date: Thu, 18 Aug 2022 09:51:59 +0800 +Subject: [xfusion]cloud-init:delete "ALL=(ALL) NOPASSWD:ALL" in cloud.cfg.tmpl + +--- + config/cloud.cfg.tmpl | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl +index 39e36dd..cbf91ac 100644 +--- a/config/cloud.cfg.tmpl ++++ b/config/cloud.cfg.tmpl +@@ -252,7 +252,6 @@ system_info: + {% else %} + groups: [wheel, adm, systemd-journal] + {% endif %} +- sudo: ["ALL=(ALL) NOPASSWD:ALL"] + {% if variant == "alpine" %} + shell: /bin/ash + {% else %} +-- +2.27.0