[pkgsrc/trunk]: pkgsrc/security/sudo sudo is nominated for crapware of the ye...

[cube <cube%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/26163c3d0722
branches:  trunk
changeset: 484250:26163c3d0722
user:      cube <cube%pkgsrc.org@localhost>
date:      Fri Nov 26 16:23:57 2004 +0000

description:
sudo is nominated for crapware of the year.  Now at version 1.6.8pl4!

Just as for pl2, changes are about environment sanitizing, meaning there
are possible security issues with current versions.

Changes:

550) The CDPATH variable is now stripped from the environment passed
     to the program to be executed.
551) Fix temp file generation on systems where the _PATH_VARTMP macro
     lacks a trailing slash.
552) The KRB5CCNAME environment variable is preserved during sudo
     execution for password lookups that use GSSAPI.

diffstat:

 security/sudo/Makefile |  8 ++++----
 security/sudo/distinfo |  6 +++---
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (31 lines):

diff -r 296352ef378e -r 26163c3d0722 security/sudo/Makefile
--- a/security/sudo/Makefile    Fri Nov 26 15:32:34 2004 +0000
+++ b/security/sudo/Makefile    Fri Nov 26 16:23:57 2004 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.73 2004/11/19 23:18:01 jlam Exp $
+# $NetBSD: Makefile,v 1.74 2004/11/26 16:23:57 cube Exp $
 #
 
-DISTNAME=              sudo-1.6.8p2
-PKGNAME=               sudo-1.6.8pl2
-PKGREVISION=           1
+DISTNAME=              sudo-1.6.8p4
+PKGNAME=               sudo-1.6.8pl4
+PKGREVISION=           #
 CATEGORIES=            security
 MASTER_SITES=          http://www.courtesan.com/sudo/dist/ \
                        ftp://ftp.courtesan.com/pub/sudo/ \
diff -r 296352ef378e -r 26163c3d0722 security/sudo/distinfo
--- a/security/sudo/distinfo    Fri Nov 26 15:32:34 2004 +0000
+++ b/security/sudo/distinfo    Fri Nov 26 16:23:57 2004 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.24 2004/11/12 16:47:31 cube Exp $
+$NetBSD: distinfo,v 1.25 2004/11/26 16:23:57 cube Exp $
 
-SHA1 (sudo-1.6.8p2.tar.gz) = eb4d49207036109080f41edff941c069da2566dd
-Size (sudo-1.6.8p2.tar.gz) = 583690 bytes
+SHA1 (sudo-1.6.8p4.tar.gz) = 7bc4935a4d5d1100938774eeb7927f8643730ff2
+Size (sudo-1.6.8p4.tar.gz) = 583961 bytes
 SHA1 (patch-aa) = a4f29f2c228eb3b4af0872cf04a00ffdf41c603c
 SHA1 (patch-af) = 870a0f0504449dbb839c8b8c2dfe6505a9c9ec68
 SHA1 (patch-ag) = 3703932e134ae90281179d0a4ae4760fa420264b