From 71e496a901293dc6e8be0e8d80b09a67cbbddf4e Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Mon, 29 May 2017 14:36:17 -0600
Subject: [PATCH] Sudo 1.8.20p1

---
 NEWS      | 13 +++++++++++++
 configure |  0
 2 files changed, 13 insertions(+)
 mode change 100755 => 100644 configure

diff --git a/NEWS b/NEWS
index 171b33bf5..6fba29a2a 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,16 @@
+What's new in Sudo 1.8.20p1
+
+ * Fixed "make check" when using OpenSSL or GNU crypt.
+   Bug #787.
+
+ * Fixed CVE-2017-1000367, a bug parsing /proc/pid/stat on Linux
+   when the process name contains spaces.  Since the user has control
+   over the command name, this could potentially be used by a user
+   with sudo access to overwrite an arbitrary file on systems with
+   SELinux enabled.  Also stop performing a breadth-first traversal
+   of /dev when looking for the device; only a hard-coded list of
+   directories are checked,
+
 What's new in Sudo 1.8.20
 
  * Added support for SASL_MECH in ldap.conf. Bug #764
diff --git a/configure b/configure
old mode 100755
new mode 100644
-- 
2.40.0