[pkgsrc/trunk]: pkgsrc/security/sudo sudo: updated to 1.8.24

[adam <adam%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/f645101c34a1
branches:  trunk
changeset: 311820:f645101c34a1
user:      adam <adam%pkgsrc.org@localhost>
date:      Sun Aug 19 08:46:44 2018 +0000

description:
sudo: updated to 1.8.24

Sudo 1.8.24

 * The LDAP and SSS back-ends now use the same rule evaluation code
   as the sudoers file backend.  This builds on the work in sudo
   1.8.23 where the formatting functions for "sudo -l" output were
   shared.  The handling of negated commands in SSS and LDAP is
   unchanged.

 * Fixed a regression introduced in 1.8.23 where "sudo -i" could
   not be used in conjunction with --preserve-env=VARIABLE.

 * cvtsudoers can now parse base64-encoded attributes in LDIF files.

 * Random insults are now more random.

 * Fixed the noexec wordexp(3) test on FreeBSD.

 * Added SUDO_CONV_PREFER_TTY flag for conversation function to
   tell sudo to try writing to /dev/tty first. Can be used in
   conjunction with SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG.

 * Sudo now supports an arbitrary number of groups per user on
   Solaris.  Previously, only the first 64 groups were found.
   This should remove the need to set "max_groups" in sudo.conf.

 * Fixed typos in the OpenLDAP sudo schema.

 * Fixed a race condition when building with parallel make.

 * Fixed a duplicate free when netgroup_base in ldap.conf is set
   to an invalid value.

 * Fixed a bug introduced in sudo 1.8.23 on AIX that could prevent
   local users and groups from being resolved properly on systems
   that have users stored in NIS, LDAP or AD.

 * Added a workaround for an AIX bug exposed by a change in sudo
   1.8.23 that prevents the terminal mode from being restored when
   I/O logging is enabled.

 * On systems using PAM, sudo now ignores the PAM_NEW_AUTHTOK_REQD
   and PAM_AUTHTOK_EXPIRED errors from PAM account management if
   authentication is disabled for the user.  This fixes a regression
   introduced in sudo 1.8.23.

 * Fixed an ambiguity in the sudoers manual in the description and
   definition of User, Runas, Host, and Cmnd Aliases.

 * Fixed a bug that resulted in only the first window size change
   event being logged.

 * Fixed a bug on HP-UX systems introduced in sudo 1.8.22 that
   caused sudo to prompt for a password every time when tty-based
   time stamp files were in use.

 * Fixed a compilation problem on systems that define O_PATH or
   O_SEARCH in fnctl.h but do not define O_DIRECTORY.

diffstat:

 security/sudo/Makefile                       |   4 ++--
 security/sudo/distinfo                       |  11 +++++------
 security/sudo/patches/patch-src_sudo__edit.c |  18 ------------------
 3 files changed, 7 insertions(+), 26 deletions(-)

diffs (57 lines):

diff -r 4d375de3cac2 -r f645101c34a1 security/sudo/Makefile
--- a/security/sudo/Makefile    Sun Aug 19 08:39:36 2018 +0000
+++ b/security/sudo/Makefile    Sun Aug 19 08:46:44 2018 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.161 2018/08/14 13:18:37 adam Exp $
+# $NetBSD: Makefile,v 1.162 2018/08/19 08:46:44 adam Exp $
 
-DISTNAME=      sudo-1.8.23
+DISTNAME=      sudo-1.8.24
 CATEGORIES=    security
 MASTER_SITES=  https://www.sudo.ws/dist/
 MASTER_SITES+= ftp://ftp.sudo.ws/pub/sudo/
diff -r 4d375de3cac2 -r f645101c34a1 security/sudo/distinfo
--- a/security/sudo/distinfo    Sun Aug 19 08:39:36 2018 +0000
+++ b/security/sudo/distinfo    Sun Aug 19 08:46:44 2018 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.96 2018/08/14 13:18:37 adam Exp $
+$NetBSD: distinfo,v 1.97 2018/08/19 08:46:44 adam Exp $
 
-SHA1 (sudo-1.8.23.tar.gz) = 8db5a01eda3a14e8b40af7ee1ed6d38660463430
-RMD160 (sudo-1.8.23.tar.gz) = f24c9115cc6601cc94d78842e8d7c15d2039f19a
-SHA512 (sudo-1.8.23.tar.gz) = a9d61850a4857bfd075547a13efb13b054e4736e3ebe3c8a98a90a090b1d9b9688354ec9725fc99d1d256999b6f9c6ae6215ce9770fcdebd7f24731107b48342
-Size (sudo-1.8.23.tar.gz) = 3150674 bytes
+SHA1 (sudo-1.8.24.tar.gz) = 7f2c1dd556223a310a4c7d897176b8d3ff3a6089
+RMD160 (sudo-1.8.24.tar.gz) = 88c6ec16690077a22db2b6b4c2fcc34e1cf2dcfe
+SHA512 (sudo-1.8.24.tar.gz) = ec6295a456a300e81ea2356080d51a57e3eb5d8070d8aab228cece0100ef54954f6c3dd458316b0c2da6839c0d8dab7cdc1a360aceb2594641e064465ecb1ee8
+Size (sudo-1.8.24.tar.gz) = 3175719 bytes
 SHA1 (patch-Makefile.in) = 279c7ad0f7f85ea7bc2d4beb5aa21abdf6237a7c
 SHA1 (patch-configure) = 460b9575346c263b944535aa8e2408e959840c77
 SHA1 (patch-include_sudo__compat.h) = 4f9b021ebdd507949f13e289deabdb6090ab334c
@@ -12,4 +12,3 @@
 SHA1 (patch-plugins_sudoers_logging.c) = 700ac9540a82bea4f3106cea941b785e5bd31203
 SHA1 (patch-plugins_sudoers_starttime.c) = ab051d327a2b01736ab9ceefe7e6f03e0e2f1ee6
 SHA1 (patch-src_Makefile.in) = cc6398a810dc394d8e4b50f2b2412cda839c0ca9
-SHA1 (patch-src_sudo__edit.c) = ef411520ccefbd36bb4adf3329e6144e54647372
diff -r 4d375de3cac2 -r f645101c34a1 security/sudo/patches/patch-src_sudo__edit.c
--- a/security/sudo/patches/patch-src_sudo__edit.c      Sun Aug 19 08:39:36 2018 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,18 +0,0 @@
-$NetBSD: patch-src_sudo__edit.c,v 1.1 2016/09/16 11:50:38 jperkin Exp $
-
-Don't assume O_SEARCH implies support for O_DIRECTORY.
-
---- src/sudo_edit.c.orig       2016-06-18 02:44:21.000000000 +0000
-+++ src/sudo_edit.c
-@@ -347,7 +347,11 @@ dir_is_writable(int dfd, struct user_det
-  * Use O_SEARCH/O_PATH and/or O_DIRECTORY where possible.
-  */
- #if defined(O_SEARCH)
-+# if defined(O_DIRECTORY)
- # define DIR_OPEN_FLAGS       (O_SEARCH|O_DIRECTORY)
-+# else
-+# define DIR_OPEN_FLAGS       (O_SEARCH)
-+# endif
- #elif defined(O_PATH)
- # define DIR_OPEN_FLAGS       (O_PATH|O_DIRECTORY)
- #elif defined(O_DIRECTORY)