Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Pullup ticket #4337 - requested by kim
security/sudo: security update Revisions pulled up: - security/sudo/Makefile 1.142 - security/sudo/distinfo 1.81 - security/sudo/patches/patch-af 1.31 - security/sudo/patches/patch-ag 1.22 - security/sudo/patches/patch-logging.c 1.4 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: kim Date: Sat Mar 8 11:51:56 UTC 2014 Modified Files: pkgsrc/security/sudo: Makefile distinfo pkgsrc/security/sudo/patches: patch-af patch-ag patch-logging.c Log Message: Upgrade to address CVE-2014-0106 http://www.sudo.ws/sudo/alerts/env_add.html What's new in Sudo 1.7.10p8? * Sudo's exit code now indicates a failure if the user does not successfully authenticate. * On HP-UX systems, sudo will now use the pstat() function to determine the tty instead of ttyname(). * Fixed compilation when --without-iologdir configure option is specified. * On systems with BSD login classes, if the user specified a group (not a user) to run the command as, it was possible to specify a different login class even when the command was not run as the super user. * The closefrom() emulation on Mac OS X now uses /dev/fd if possible. It also now sets the close on exec flag instead of actually closing the descriptors to avoid a crash in libdispatch. * The sudoers plugin will now ignore invalid domain names when checking netgroup membership. Most Linux systems use the string "(none)" for the NIS-style domain name instead of an empty string. * Fixed the logic when checking environment variables on the command line against the env_check and env_delete blacklists. This is only a problem when env_reset is disabled in sudoers. To generate a diff of this commit: cvs rdiff -u -r1.141 -r1.142 pkgsrc/security/sudo/Makefile cvs rdiff -u -r1.80 -r1.81 pkgsrc/security/sudo/distinfo cvs rdiff -u -r1.30 -r1.31 pkgsrc/security/sudo/patches/patch-af cvs rdiff -u -r1.21 -r1.22 pkgsrc/security/sudo/patches/patch-ag cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/sudo/patches/patch-logging.c
- Loading branch information
spz
committed
Mar 8, 2014
1 parent
a0386be
commit 6c98020
Showing
5 changed files
with
32 additions
and
31 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,9 @@ | ||
$NetBSD: distinfo,v 1.80 2013/07/26 10:48:22 ryoon Exp $ | ||
$NetBSD: distinfo,v 1.80.4.1 2014/03/08 20:33:47 spz Exp $ | ||
|
||
SHA1 (sudo-1.7.10p7.tar.gz) = b5beb1a470d1f03b3940aff612f5089244dd773a | ||
RMD160 (sudo-1.7.10p7.tar.gz) = 171e54506c30a85fa642070332db012aba4a6203 | ||
Size (sudo-1.7.10p7.tar.gz) = 1217508 bytes | ||
SHA1 (sudo-1.7.10p8.tar.gz) = deb83d8ba8f15f70c134c3f3a74e750925aa9f59 | ||
RMD160 (sudo-1.7.10p8.tar.gz) = de3594843c006f7d5d3b21c79dd4115b4823b19d | ||
Size (sudo-1.7.10p8.tar.gz) = 1220987 bytes | ||
SHA1 (patch-aa) = 0c9c173a26ea72dd06a7d3947a0b3ba6dc00cf40 | ||
SHA1 (patch-af) = 463b1653f3015d08cd4c03b7f29d206d96aa1cc0 | ||
SHA1 (patch-ag) = e0d9efd8afeda339d9cd186ffd6f644b15e8b213 | ||
SHA1 (patch-logging.c) = 26608d7423b77f71f17b37cc87f4b2e75978d7cb | ||
SHA1 (patch-af) = 3462525bd0863ec5f957173a10839aed2b7cbb69 | ||
SHA1 (patch-ag) = 86f9838045f2bed7eb8e4271553c510be31b7d6b | ||
SHA1 (patch-logging.c) = a16a9c6020a79cc378c3cfd1c6a1abd2326c8e6d |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters