pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2005Q3]: pkgsrc/security/sudo Pullup ticket 855 - requested by...
details: https://anonhg.NetBSD.org/pkgsrc/rev/654be7fe0e29
branches: pkgsrc-2005Q3
changeset: 499624:654be7fe0e29
user: snj <snj%pkgsrc.org@localhost>
date: Wed Oct 26 04:37:23 2005 +0000
description:
Pullup ticket 855 - requested by Quentin Garnier
security fix for sudo
Revisions pulled up:
- pkgsrc/security/sudo/Makefile 1.82
- pkgsrc/security/sudo/distinfo 1.31
- pkgsrc/security/sudo/patches/patch-ah 1.1
Module Name: pkgsrc
Committed By: cube
Date: Tue Oct 25 22:05:55 UTC 2005
Modified Files:
pkgsrc/security/sudo: Makefile distinfo
Added Files:
pkgsrc/security/sudo/patches: patch-ah
Log Message:
Add a patch for CVE-2005-2959: SHELLOPTS and PS4 have to be cleared from
the environment before letting the user execute bash scripts.
Bump PKGREVISION.
>From Debian.
diffstat:
security/sudo/Makefile | 4 ++--
security/sudo/distinfo | 3 ++-
security/sudo/patches/patch-ah | 13 +++++++++++++
3 files changed, 17 insertions(+), 3 deletions(-)
diffs (46 lines):
diff -r 4b84cb7372bd -r 654be7fe0e29 security/sudo/Makefile
--- a/security/sudo/Makefile Tue Oct 25 18:05:26 2005 +0000
+++ b/security/sudo/Makefile Wed Oct 26 04:37:23 2005 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.80 2005/06/20 20:11:11 jlam Exp $
+# $NetBSD: Makefile,v 1.80.4.1 2005/10/26 04:37:23 snj Exp $
#
DISTNAME= sudo-1.6.8p9
PKGNAME= sudo-1.6.8pl9
-PKGREVISION= # empty
+PKGREVISION= 1
CATEGORIES= security
MASTER_SITES= http://www.courtesan.com/sudo/dist/ \
ftp://ftp.courtesan.com/pub/sudo/ \
diff -r 4b84cb7372bd -r 654be7fe0e29 security/sudo/distinfo
--- a/security/sudo/distinfo Tue Oct 25 18:05:26 2005 +0000
+++ b/security/sudo/distinfo Wed Oct 26 04:37:23 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.29 2005/06/20 20:11:11 jlam Exp $
+$NetBSD: distinfo,v 1.29.4.1 2005/10/26 04:37:23 snj Exp $
SHA1 (sudo-1.6.8p9.tar.gz) = f264d1ad9f197920f2e69614db7935b35ca51672
RMD160 (sudo-1.6.8p9.tar.gz) = c1c719504476ab9ac11e0421716d149120463e33
@@ -6,3 +6,4 @@
SHA1 (patch-aa) = a4f29f2c228eb3b4af0872cf04a00ffdf41c603c
SHA1 (patch-af) = 870a0f0504449dbb839c8b8c2dfe6505a9c9ec68
SHA1 (patch-ag) = 3703932e134ae90281179d0a4ae4760fa420264b
+SHA1 (patch-ah) = a08e73c0a20d50a432e01740a9d27b330a1c1998
diff -r 4b84cb7372bd -r 654be7fe0e29 security/sudo/patches/patch-ah
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/sudo/patches/patch-ah Wed Oct 26 04:37:23 2005 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ah,v 1.1.2.2 2005/10/26 04:37:23 snj Exp $
+
+--- env.c.orig 2005-02-06 16:37:01.000000000 +0100
++++ env.c
+@@ -89,6 +89,8 @@ static char *format_env __P((char *, ..
+ static const char *initial_badenv_table[] = {
+ "IFS",
+ "CDPATH",
++ "SHELLOPTS",
++ "PS4",
+ "LOCALDOMAIN",
+ "RES_OPTIONS",
+ "HOSTALIASES",
Home |
Main Index |
Thread Index |
Old Index