Hi all,

provided sudo for CVE-2021-3156 is not installable on aix 6.1.

I installed before latest working rpm.rte-4.13.0.10 for aix 6.1:
===SNIP===
lslpp -l rpm.rte
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

Path: /etc/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

ending in :

rpm -qa | grep AIX-rpm
AIX-rpm-6.1.9.400-15.ppc
===SNAP===

## latest rpm.rte-4.15.1.1 needs 
===SNIP===
File:
I:rpm.rte 4.15.1.1


*******************************************************************************
installp PREVIEW: installation will not actually occur.
*******************************************************************************

+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

FAILURES
--------
Filesets listed in this section failed pre-installation verification
and will not be installed.

Requisite Failures
------------------
SELECTED FILESETS: The following is a list of filesets that you asked to
install. They cannot be installed until all of their requisite filesets
are also installed. See subsequent lists for details of requisites.

rpm.rte 4.15.1.1 # RPM Package Manager

MISSING REQUISITES: The following filesets are required by one or more
of the selected filesets listed above. They are not currently installed
and could not be found on the installation media.

bos.rte 7.1.0.0 # Base Level Fileset

<< End of Failure Section >>
===SNAP===


rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm
error: Failed dependencies:
gettext >= 0.19.8.1 is needed by sudo-1.9.5p2-1.ppc
liblber.a(liblber-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
libldap.a(libldap-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
openldap >= 2.4.48-1 is needed by sudo-1.9.5p2-1.ppc
zlib >= 1.2.11-1 is needed by sudo-1.9.5p2-1.ppc

AND after some more tries:

rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm gettext-0.19.8.1-1.aix6.1.ppc.rpm openldap-2.4.48-1.aix6.1.ppc.rpm zlib-1.2.11-1.aix6.1.ppc.rpm libgcc-6.3.0-1.aix7.1.ppc.rpm
error: Failed dependencies:
libglib-2.0.a(libglib-2.0.so.0) is needed by gettext-0.19.8.1-1.ppc
libncurses.a(libncurses.so.6) is needed by gettext-0.19.8.1-1.ppc
cyrus-sasl >= 2.1.26-2 is needed by openldap-2.4.48-1.ppc
libsasl2.a is needed by openldap-2.4.48-1.ppc
AIX-rpm >= 7.1.0.0 is needed by libgcc-6.3.0-1.ppc

ENDS up in needed AIX-rpm >= 7.1.0.0 even for smallest version of libgcc-6 needed by openldap.

I know, that aix6.1 is dying, nevertheless a provided aix6.1-version of rpm's should work.

kind regards,
Juergen Maehlmann

​ps.: to get rid of the CVE as quick as possible, i installed sudo-1.9.5-3.aix61.rpm from sudo.ws.

------------------------------
Juergen Maehlmann
------------------------------

Best option is to use YUM to install sudo and it's dependent packages.
If that's not an option then the libgcc you need to pick for the AIX 6.1, the one you have is for the AIX 7.1.
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc-6.1/
Along with the listed dependencies you need to have glib2, nurses, Cyrus-sasl.

------------------------------
SANGAMESH
------------------------------

Original Message:
Sent: Mon February 08, 2021 09:15 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Hi all,

provided sudo for CVE-2021-3156 is not installable on aix 6.1.

I installed before latest working rpm.rte-4.13.0.10 for aix 6.1:
===SNIP===
lslpp -l rpm.rte
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

Path: /etc/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

ending in :

rpm -qa | grep AIX-rpm
AIX-rpm-6.1.9.400-15.ppc
===SNAP===

## latest rpm.rte-4.15.1.1 needs 
===SNIP===
File:
I:rpm.rte 4.15.1.1


*******************************************************************************
installp PREVIEW: installation will not actually occur.
*******************************************************************************

+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

FAILURES
--------
Filesets listed in this section failed pre-installation verification
and will not be installed.

Requisite Failures
------------------
SELECTED FILESETS: The following is a list of filesets that you asked to
install. They cannot be installed until all of their requisite filesets
are also installed. See subsequent lists for details of requisites.

rpm.rte 4.15.1.1 # RPM Package Manager

MISSING REQUISITES: The following filesets are required by one or more
of the selected filesets listed above. They are not currently installed
and could not be found on the installation media.

bos.rte 7.1.0.0 # Base Level Fileset

<< End of Failure Section >>
===SNAP===


rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm
error: Failed dependencies:
gettext >= 0.19.8.1 is needed by sudo-1.9.5p2-1.ppc
liblber.a(liblber-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
libldap.a(libldap-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
openldap >= 2.4.48-1 is needed by sudo-1.9.5p2-1.ppc
zlib >= 1.2.11-1 is needed by sudo-1.9.5p2-1.ppc

AND after some more tries:

rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm gettext-0.19.8.1-1.aix6.1.ppc.rpm openldap-2.4.48-1.aix6.1.ppc.rpm zlib-1.2.11-1.aix6.1.ppc.rpm libgcc-6.3.0-1.aix7.1.ppc.rpm
error: Failed dependencies:
libglib-2.0.a(libglib-2.0.so.0) is needed by gettext-0.19.8.1-1.ppc
libncurses.a(libncurses.so.6) is needed by gettext-0.19.8.1-1.ppc
cyrus-sasl >= 2.1.26-2 is needed by openldap-2.4.48-1.ppc
libsasl2.a is needed by openldap-2.4.48-1.ppc
AIX-rpm >= 7.1.0.0 is needed by libgcc-6.3.0-1.ppc

ENDS up in needed AIX-rpm >= 7.1.0.0 even for smallest version of libgcc-6 needed by openldap.

I know, that aix6.1 is dying, nevertheless a provided aix6.1-version of rpm's should work.

kind regards,
Juergen Maehlmann

​ps.: to get rid of the CVE as quick as possible, i installed sudo-1.9.5-3.aix61.rpm from sudo.ws.

------------------------------
Juergen Maehlmann
------------------------------

thx, Sangamesh

After two days of installing the new sudo on aix7.1 machines, my eyes went "squared"  :-( -  actually downloading ALL from the toolbox again, i will post the final this week

regards

------------------------------
Juergen Maehlmann
------------------------------

Original Message:
Sent: Tue February 09, 2021 02:58 AM
From: SANGAMESH MALLAYYA
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Best option is to use YUM to install sudo and it's dependent packages.
If that's not an option then the libgcc you need to pick for the AIX 6.1, the one you have is for the AIX 7.1.
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc-6.1/
Along with the listed dependencies you need to have glib2, nurses, Cyrus-sasl.

------------------------------
SANGAMESH

Original Message:
Sent: Mon February 08, 2021 09:15 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Hi all,

provided sudo for CVE-2021-3156 is not installable on aix 6.1.

I installed before latest working rpm.rte-4.13.0.10 for aix 6.1:
===SNIP===
lslpp -l rpm.rte
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

Path: /etc/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

ending in :

rpm -qa | grep AIX-rpm
AIX-rpm-6.1.9.400-15.ppc
===SNAP===

## latest rpm.rte-4.15.1.1 needs 
===SNIP===
File:
I:rpm.rte 4.15.1.1


*******************************************************************************
installp PREVIEW: installation will not actually occur.
*******************************************************************************

+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

FAILURES
--------
Filesets listed in this section failed pre-installation verification
and will not be installed.

Requisite Failures
------------------
SELECTED FILESETS: The following is a list of filesets that you asked to
install. They cannot be installed until all of their requisite filesets
are also installed. See subsequent lists for details of requisites.

rpm.rte 4.15.1.1 # RPM Package Manager

MISSING REQUISITES: The following filesets are required by one or more
of the selected filesets listed above. They are not currently installed
and could not be found on the installation media.

bos.rte 7.1.0.0 # Base Level Fileset

<< End of Failure Section >>
===SNAP===


rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm
error: Failed dependencies:
gettext >= 0.19.8.1 is needed by sudo-1.9.5p2-1.ppc
liblber.a(liblber-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
libldap.a(libldap-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
openldap >= 2.4.48-1 is needed by sudo-1.9.5p2-1.ppc
zlib >= 1.2.11-1 is needed by sudo-1.9.5p2-1.ppc

AND after some more tries:

rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm gettext-0.19.8.1-1.aix6.1.ppc.rpm openldap-2.4.48-1.aix6.1.ppc.rpm zlib-1.2.11-1.aix6.1.ppc.rpm libgcc-6.3.0-1.aix7.1.ppc.rpm
error: Failed dependencies:
libglib-2.0.a(libglib-2.0.so.0) is needed by gettext-0.19.8.1-1.ppc
libncurses.a(libncurses.so.6) is needed by gettext-0.19.8.1-1.ppc
cyrus-sasl >= 2.1.26-2 is needed by openldap-2.4.48-1.ppc
libsasl2.a is needed by openldap-2.4.48-1.ppc
AIX-rpm >= 7.1.0.0 is needed by libgcc-6.3.0-1.ppc

ENDS up in needed AIX-rpm >= 7.1.0.0 even for smallest version of libgcc-6 needed by openldap.

I know, that aix6.1 is dying, nevertheless a provided aix6.1-version of rpm's should work.

kind regards,
Juergen Maehlmann

​ps.: to get rid of the CVE as quick as possible, i installed sudo-1.9.5-3.aix61.rpm from sudo.ws.

------------------------------
Juergen Maehlmann
------------------------------

Hi all,

finally installed all sudo*1.9.5.p2-1.aix*.ppc.rpm using latest gcc8-rpms and their corresponding meta-packages.

I really don't understand, why there is the need to check for gcc9 for everybody, as gcc9 is not downloadable for most of us.

As long as yum.sh is

a) ftp based and
b) not usable with http-proxy
c) inclusive the fixed check for architecture and version of os running,

it's not usable in a highly-secured environment, where direct connections to the internet are forbidden.

Therefore the need of meta-packages is just a hassle.

regards,

------------------------------
Juergen Maehlmann
------------------------------

Original Message:
Sent: Tue February 09, 2021 07:20 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

thx, Sangamesh

After two days of installing the new sudo on aix7.1 machines, my eyes went "squared"  :-( -  actually downloading ALL from the toolbox again, i will post the final this week

regards

------------------------------
Juergen Maehlmann

Original Message:
Sent: Tue February 09, 2021 02:58 AM
From: SANGAMESH MALLAYYA
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Best option is to use YUM to install sudo and it's dependent packages.
If that's not an option then the libgcc you need to pick for the AIX 6.1, the one you have is for the AIX 7.1.
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc-6.1/
Along with the listed dependencies you need to have glib2, nurses, Cyrus-sasl.

------------------------------
SANGAMESH

Original Message:
Sent: Mon February 08, 2021 09:15 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Hi all,

provided sudo for CVE-2021-3156 is not installable on aix 6.1.

I installed before latest working rpm.rte-4.13.0.10 for aix 6.1:
===SNIP===
lslpp -l rpm.rte
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

Path: /etc/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

ending in :

rpm -qa | grep AIX-rpm
AIX-rpm-6.1.9.400-15.ppc
===SNAP===

## latest rpm.rte-4.15.1.1 needs 
===SNIP===
File:
I:rpm.rte 4.15.1.1


*******************************************************************************
installp PREVIEW: installation will not actually occur.
*******************************************************************************

+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

FAILURES
--------
Filesets listed in this section failed pre-installation verification
and will not be installed.

Requisite Failures
------------------
SELECTED FILESETS: The following is a list of filesets that you asked to
install. They cannot be installed until all of their requisite filesets
are also installed. See subsequent lists for details of requisites.

rpm.rte 4.15.1.1 # RPM Package Manager

MISSING REQUISITES: The following filesets are required by one or more
of the selected filesets listed above. They are not currently installed
and could not be found on the installation media.

bos.rte 7.1.0.0 # Base Level Fileset

<< End of Failure Section >>
===SNAP===


rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm
error: Failed dependencies:
gettext >= 0.19.8.1 is needed by sudo-1.9.5p2-1.ppc
liblber.a(liblber-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
libldap.a(libldap-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
openldap >= 2.4.48-1 is needed by sudo-1.9.5p2-1.ppc
zlib >= 1.2.11-1 is needed by sudo-1.9.5p2-1.ppc

AND after some more tries:

rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm gettext-0.19.8.1-1.aix6.1.ppc.rpm openldap-2.4.48-1.aix6.1.ppc.rpm zlib-1.2.11-1.aix6.1.ppc.rpm libgcc-6.3.0-1.aix7.1.ppc.rpm
error: Failed dependencies:
libglib-2.0.a(libglib-2.0.so.0) is needed by gettext-0.19.8.1-1.ppc
libncurses.a(libncurses.so.6) is needed by gettext-0.19.8.1-1.ppc
cyrus-sasl >= 2.1.26-2 is needed by openldap-2.4.48-1.ppc
libsasl2.a is needed by openldap-2.4.48-1.ppc
AIX-rpm >= 7.1.0.0 is needed by libgcc-6.3.0-1.ppc

ENDS up in needed AIX-rpm >= 7.1.0.0 even for smallest version of libgcc-6 needed by openldap.

I know, that aix6.1 is dying, nevertheless a provided aix6.1-version of rpm's should work.

kind regards,
Juergen Maehlmann

​ps.: to get rid of the CVE as quick as possible, i installed sudo-1.9.5-3.aix61.rpm from sudo.ws.

------------------------------
Juergen Maehlmann
------------------------------

I have worked in such an environement, we created our own internal mirror of the IBM repository on a machine that had the required access.  It was also our internal mirror for linux (SUSE) updates.

------------------------------
Phill Rowbottom
------------------------------

Original Message:
Sent: Fri February 12, 2021 03:11 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Hi all,

finally installed all sudo*1.9.5.p2-1.aix*.ppc.rpm using latest gcc8-rpms and their corresponding meta-packages.

I really don't understand, why there is the need to check for gcc9 for everybody, as gcc9 is not downloadable for most of us.

As long as yum.sh is

a) ftp based and
b) not usable with http-proxy
c) inclusive the fixed check for architecture and version of os running,

it's not usable in a highly-secured environment, where direct connections to the internet are forbidden.

Therefore the need of meta-packages is just a hassle.

regards,

------------------------------
Juergen Maehlmann

Original Message:
Sent: Tue February 09, 2021 07:20 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

thx, Sangamesh

After two days of installing the new sudo on aix7.1 machines, my eyes went "squared"  :-( -  actually downloading ALL from the toolbox again, i will post the final this week

regards

------------------------------
Juergen Maehlmann

Original Message:
Sent: Tue February 09, 2021 02:58 AM
From: SANGAMESH MALLAYYA
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Best option is to use YUM to install sudo and it's dependent packages.
If that's not an option then the libgcc you need to pick for the AIX 6.1, the one you have is for the AIX 7.1.
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc-6.1/
Along with the listed dependencies you need to have glib2, nurses, Cyrus-sasl.

------------------------------
SANGAMESH

Original Message:
Sent: Mon February 08, 2021 09:15 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Hi all,

provided sudo for CVE-2021-3156 is not installable on aix 6.1.

I installed before latest working rpm.rte-4.13.0.10 for aix 6.1:
===SNIP===
lslpp -l rpm.rte
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

Path: /etc/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

ending in :

rpm -qa | grep AIX-rpm
AIX-rpm-6.1.9.400-15.ppc
===SNAP===

## latest rpm.rte-4.15.1.1 needs 
===SNIP===
File:
I:rpm.rte 4.15.1.1


*******************************************************************************
installp PREVIEW: installation will not actually occur.
*******************************************************************************

+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

FAILURES
--------
Filesets listed in this section failed pre-installation verification
and will not be installed.

Requisite Failures
------------------
SELECTED FILESETS: The following is a list of filesets that you asked to
install. They cannot be installed until all of their requisite filesets
are also installed. See subsequent lists for details of requisites.

rpm.rte 4.15.1.1 # RPM Package Manager

MISSING REQUISITES: The following filesets are required by one or more
of the selected filesets listed above. They are not currently installed
and could not be found on the installation media.

bos.rte 7.1.0.0 # Base Level Fileset

<< End of Failure Section >>
===SNAP===


rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm
error: Failed dependencies:
gettext >= 0.19.8.1 is needed by sudo-1.9.5p2-1.ppc
liblber.a(liblber-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
libldap.a(libldap-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
openldap >= 2.4.48-1 is needed by sudo-1.9.5p2-1.ppc
zlib >= 1.2.11-1 is needed by sudo-1.9.5p2-1.ppc

AND after some more tries:

rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm gettext-0.19.8.1-1.aix6.1.ppc.rpm openldap-2.4.48-1.aix6.1.ppc.rpm zlib-1.2.11-1.aix6.1.ppc.rpm libgcc-6.3.0-1.aix7.1.ppc.rpm
error: Failed dependencies:
libglib-2.0.a(libglib-2.0.so.0) is needed by gettext-0.19.8.1-1.ppc
libncurses.a(libncurses.so.6) is needed by gettext-0.19.8.1-1.ppc
cyrus-sasl >= 2.1.26-2 is needed by openldap-2.4.48-1.ppc
libsasl2.a is needed by openldap-2.4.48-1.ppc
AIX-rpm >= 7.1.0.0 is needed by libgcc-6.3.0-1.ppc

ENDS up in needed AIX-rpm >= 7.1.0.0 even for smallest version of libgcc-6 needed by openldap.

I know, that aix6.1 is dying, nevertheless a provided aix6.1-version of rpm's should work.

kind regards,
Juergen Maehlmann

​ps.: to get rid of the CVE as quick as possible, i installed sudo-1.9.5-3.aix61.rpm from sudo.ws.

------------------------------
Juergen Maehlmann
------------------------------

I see a newer sudo-1.9.6 version available now on sudo.ws. This was released on 03/15/2021. I used this to update my sudo 1.7 version on Aix 7.1 and 7.2 and was able to update without any dependencies issue ....

------------------------------
Naser Mohammed
------------------------------

Original Message:
Sent: Wed March 17, 2021 06:21 AM
From: Phill Rowbottom
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

I have worked in such an environement, we created our own internal mirror of the IBM repository on a machine that had the required access.  It was also our internal mirror for linux (SUSE) updates.

------------------------------
Phill Rowbottom

Original Message:
Sent: Fri February 12, 2021 03:11 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Hi all,

finally installed all sudo*1.9.5.p2-1.aix*.ppc.rpm using latest gcc8-rpms and their corresponding meta-packages.

I really don't understand, why there is the need to check for gcc9 for everybody, as gcc9 is not downloadable for most of us.

As long as yum.sh is

a) ftp based and
b) not usable with http-proxy
c) inclusive the fixed check for architecture and version of os running,

it's not usable in a highly-secured environment, where direct connections to the internet are forbidden.

Therefore the need of meta-packages is just a hassle.

regards,

------------------------------
Juergen Maehlmann

Original Message:
Sent: Tue February 09, 2021 07:20 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

thx, Sangamesh

After two days of installing the new sudo on aix7.1 machines, my eyes went "squared"  :-( -  actually downloading ALL from the toolbox again, i will post the final this week

regards

------------------------------
Juergen Maehlmann

Original Message:
Sent: Tue February 09, 2021 02:58 AM
From: SANGAMESH MALLAYYA
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Best option is to use YUM to install sudo and it's dependent packages.
If that's not an option then the libgcc you need to pick for the AIX 6.1, the one you have is for the AIX 7.1.
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc-6.1/
Along with the listed dependencies you need to have glib2, nurses, Cyrus-sasl.

------------------------------
SANGAMESH

Original Message:
Sent: Mon February 08, 2021 09:15 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Hi all,

provided sudo for CVE-2021-3156 is not installable on aix 6.1.

I installed before latest working rpm.rte-4.13.0.10 for aix 6.1:
===SNIP===
lslpp -l rpm.rte
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

Path: /etc/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

ending in :

rpm -qa | grep AIX-rpm
AIX-rpm-6.1.9.400-15.ppc
===SNAP===

## latest rpm.rte-4.15.1.1 needs 
===SNIP===
File:
I:rpm.rte 4.15.1.1


*******************************************************************************
installp PREVIEW: installation will not actually occur.
*******************************************************************************

+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

FAILURES
--------
Filesets listed in this section failed pre-installation verification
and will not be installed.

Requisite Failures
------------------
SELECTED FILESETS: The following is a list of filesets that you asked to
install. They cannot be installed until all of their requisite filesets
are also installed. See subsequent lists for details of requisites.

rpm.rte 4.15.1.1 # RPM Package Manager

MISSING REQUISITES: The following filesets are required by one or more
of the selected filesets listed above. They are not currently installed
and could not be found on the installation media.

bos.rte 7.1.0.0 # Base Level Fileset

<< End of Failure Section >>
===SNAP===


rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm
error: Failed dependencies:
gettext >= 0.19.8.1 is needed by sudo-1.9.5p2-1.ppc
liblber.a(liblber-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
libldap.a(libldap-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
openldap >= 2.4.48-1 is needed by sudo-1.9.5p2-1.ppc
zlib >= 1.2.11-1 is needed by sudo-1.9.5p2-1.ppc

AND after some more tries:

rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm gettext-0.19.8.1-1.aix6.1.ppc.rpm openldap-2.4.48-1.aix6.1.ppc.rpm zlib-1.2.11-1.aix6.1.ppc.rpm libgcc-6.3.0-1.aix7.1.ppc.rpm
error: Failed dependencies:
libglib-2.0.a(libglib-2.0.so.0) is needed by gettext-0.19.8.1-1.ppc
libncurses.a(libncurses.so.6) is needed by gettext-0.19.8.1-1.ppc
cyrus-sasl >= 2.1.26-2 is needed by openldap-2.4.48-1.ppc
libsasl2.a is needed by openldap-2.4.48-1.ppc
AIX-rpm >= 7.1.0.0 is needed by libgcc-6.3.0-1.ppc

ENDS up in needed AIX-rpm >= 7.1.0.0 even for smallest version of libgcc-6 needed by openldap.

I know, that aix6.1 is dying, nevertheless a provided aix6.1-version of rpm's should work.

kind regards,
Juergen Maehlmann

​ps.: to get rid of the CVE as quick as possible, i installed sudo-1.9.5-3.aix61.rpm from sudo.ws.

------------------------------
Juergen Maehlmann
------------------------------

but sudo-1.9.5-3.aix61.rpm does not resolve CVE . its not the latest version. Latest version is

sudo-1.9.5p2-1

------------------------------
Naser Mohammed
------------------------------

Original Message:
Sent: Mon February 08, 2021 09:15 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Hi all,

provided sudo for CVE-2021-3156 is not installable on aix 6.1.

I installed before latest working rpm.rte-4.13.0.10 for aix 6.1:
===SNIP===
lslpp -l rpm.rte
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

Path: /etc/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

ending in :

rpm -qa | grep AIX-rpm
AIX-rpm-6.1.9.400-15.ppc
===SNAP===

## latest rpm.rte-4.15.1.1 needs 
===SNIP===
File:
I:rpm.rte 4.15.1.1


*******************************************************************************
installp PREVIEW: installation will not actually occur.
*******************************************************************************

+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

FAILURES
--------
Filesets listed in this section failed pre-installation verification
and will not be installed.

Requisite Failures
------------------
SELECTED FILESETS: The following is a list of filesets that you asked to
install. They cannot be installed until all of their requisite filesets
are also installed. See subsequent lists for details of requisites.

rpm.rte 4.15.1.1 # RPM Package Manager

MISSING REQUISITES: The following filesets are required by one or more
of the selected filesets listed above. They are not currently installed
and could not be found on the installation media.

bos.rte 7.1.0.0 # Base Level Fileset

<< End of Failure Section >>
===SNAP===


rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm
error: Failed dependencies:
gettext >= 0.19.8.1 is needed by sudo-1.9.5p2-1.ppc
liblber.a(liblber-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
libldap.a(libldap-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
openldap >= 2.4.48-1 is needed by sudo-1.9.5p2-1.ppc
zlib >= 1.2.11-1 is needed by sudo-1.9.5p2-1.ppc

AND after some more tries:

rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm gettext-0.19.8.1-1.aix6.1.ppc.rpm openldap-2.4.48-1.aix6.1.ppc.rpm zlib-1.2.11-1.aix6.1.ppc.rpm libgcc-6.3.0-1.aix7.1.ppc.rpm
error: Failed dependencies:
libglib-2.0.a(libglib-2.0.so.0) is needed by gettext-0.19.8.1-1.ppc
libncurses.a(libncurses.so.6) is needed by gettext-0.19.8.1-1.ppc
cyrus-sasl >= 2.1.26-2 is needed by openldap-2.4.48-1.ppc
libsasl2.a is needed by openldap-2.4.48-1.ppc
AIX-rpm >= 7.1.0.0 is needed by libgcc-6.3.0-1.ppc

ENDS up in needed AIX-rpm >= 7.1.0.0 even for smallest version of libgcc-6 needed by openldap.

I know, that aix6.1 is dying, nevertheless a provided aix6.1-version of rpm's should work.

kind regards,
Juergen Maehlmann

​ps.: to get rid of the CVE as quick as possible, i installed sudo-1.9.5-3.aix61.rpm from sudo.ws.

------------------------------
Juergen Maehlmann
------------------------------

Hi Naser,

as written:
a) sudo-1.9.5.3 was the IBM-untested version from sudo.ws. AND  it fixed this CVE.
 
Problem with that version: id didn't run through the IBM-Testing and it was compiled without any possible needed include's.

b) it is mentioned, that i used in first try the wrong GCC (from aix 7.1)

------------------------------
Juergen Maehlmann
------------------------------

Original Message:
Sent: Mon March 15, 2021 11:27 AM
From: Naser Mohammed
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

but sudo-1.9.5-3.aix61.rpm does not resolve CVE . its not the latest version. Latest version is

sudo-1.9.5p2-1

------------------------------
Naser Mohammed

Original Message:
Sent: Mon February 08, 2021 09:15 AM
From: Juergen Maehlmann
Subject: sudo-1.9.5p2-1.aix6.1.ppc.rpm not installable on aix6.1

Hi all,

provided sudo for CVE-2021-3156 is not installable on aix 6.1.

I installed before latest working rpm.rte-4.13.0.10 for aix 6.1:
===SNIP===
lslpp -l rpm.rte
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

Path: /etc/objrepos
rpm.rte 4.13.0.10 COMMITTED RPM Package Manager

ending in :

rpm -qa | grep AIX-rpm
AIX-rpm-6.1.9.400-15.ppc
===SNAP===

## latest rpm.rte-4.15.1.1 needs 
===SNIP===
File:
I:rpm.rte 4.15.1.1


*******************************************************************************
installp PREVIEW: installation will not actually occur.
*******************************************************************************

+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

FAILURES
--------
Filesets listed in this section failed pre-installation verification
and will not be installed.

Requisite Failures
------------------
SELECTED FILESETS: The following is a list of filesets that you asked to
install. They cannot be installed until all of their requisite filesets
are also installed. See subsequent lists for details of requisites.

rpm.rte 4.15.1.1 # RPM Package Manager

MISSING REQUISITES: The following filesets are required by one or more
of the selected filesets listed above. They are not currently installed
and could not be found on the installation media.

bos.rte 7.1.0.0 # Base Level Fileset

<< End of Failure Section >>
===SNAP===


rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm
error: Failed dependencies:
gettext >= 0.19.8.1 is needed by sudo-1.9.5p2-1.ppc
liblber.a(liblber-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
libldap.a(libldap-2.4.so.2) is needed by sudo-1.9.5p2-1.ppc
openldap >= 2.4.48-1 is needed by sudo-1.9.5p2-1.ppc
zlib >= 1.2.11-1 is needed by sudo-1.9.5p2-1.ppc

AND after some more tries:

rpm -Uvh sudo-1.9.5p2-1.aix6.1.ppc.rpm gettext-0.19.8.1-1.aix6.1.ppc.rpm openldap-2.4.48-1.aix6.1.ppc.rpm zlib-1.2.11-1.aix6.1.ppc.rpm libgcc-6.3.0-1.aix7.1.ppc.rpm
error: Failed dependencies:
libglib-2.0.a(libglib-2.0.so.0) is needed by gettext-0.19.8.1-1.ppc
libncurses.a(libncurses.so.6) is needed by gettext-0.19.8.1-1.ppc
cyrus-sasl >= 2.1.26-2 is needed by openldap-2.4.48-1.ppc
libsasl2.a is needed by openldap-2.4.48-1.ppc
AIX-rpm >= 7.1.0.0 is needed by libgcc-6.3.0-1.ppc

ENDS up in needed AIX-rpm >= 7.1.0.0 even for smallest version of libgcc-6 needed by openldap.

I know, that aix6.1 is dying, nevertheless a provided aix6.1-version of rpm's should work.

kind regards,
Juergen Maehlmann

​ps.: to get rid of the CVE as quick as possible, i installed sudo-1.9.5-3.aix61.rpm from sudo.ws.

------------------------------
Juergen Maehlmann
------------------------------