pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/sudo Update sudo package from sudo-1.7.2p4 to...
details: https://anonhg.NetBSD.org/pkgsrc/rev/e16bc6484405
branches: trunk
changeset: 574417:e16bc6484405
user: taca <taca%pkgsrc.org@localhost>
date: Fri Apr 16 15:33:52 2010 +0000
description:
Update sudo package from sudo-1.7.2p4 to sudo-1.7.2p6.
Sudo versions 1.7.2p6 and 1.6.9p22 are now available. These releases
fix a privilege escalation bug in the sudoedit functionality.
Summary:
A flaw exists in sudo's -e option (aka sudoedit) in sudo versions
1.6.8 through 1.7.2p5 that may give a user with permission to
run sudoedit the ability to run arbitrary commands. This bug
is related to, but distinct from, CVE 2010-0426.
Sudo versions affected:
1.6.8 through 1.7.2p5 inclusive.
diffstat:
security/sudo/Makefile | 4 ++--
security/sudo/distinfo | 10 +++++-----
security/sudo/patches/patch-aa | 12 ++++++------
3 files changed, 13 insertions(+), 13 deletions(-)
diffs (58 lines):
diff -r 9819e7402e98 -r e16bc6484405 security/sudo/Makefile
--- a/security/sudo/Makefile Fri Apr 16 15:32:58 2010 +0000
+++ b/security/sudo/Makefile Fri Apr 16 15:33:52 2010 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.119 2010/02/26 01:08:38 taca Exp $
+# $NetBSD: Makefile,v 1.120 2010/04/16 15:33:52 taca Exp $
#
-DISTNAME= sudo-1.7.2p4
+DISTNAME= sudo-1.7.2p6
CATEGORIES= security
MASTER_SITES= http://www.courtesan.com/sudo/dist/ \
ftp://ftp.courtesan.com/pub/sudo/ \
diff -r 9819e7402e98 -r e16bc6484405 security/sudo/distinfo
--- a/security/sudo/distinfo Fri Apr 16 15:32:58 2010 +0000
+++ b/security/sudo/distinfo Fri Apr 16 15:33:52 2010 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.61 2010/02/26 01:08:38 taca Exp $
+$NetBSD: distinfo,v 1.62 2010/04/16 15:33:52 taca Exp $
-SHA1 (sudo-1.7.2p4-200805130/sudo-1.7.2p4.tar.gz) = 3a17105e77b35f49b0c9e14628f263a33469afe9
-RMD160 (sudo-1.7.2p4-200805130/sudo-1.7.2p4.tar.gz) = a6cc3b1436f9f4b7ac0017cd4b6bd61ee480808e
-Size (sudo-1.7.2p4-200805130/sudo-1.7.2p4.tar.gz) = 772821 bytes
-SHA1 (patch-aa) = f80a9c0f8a7f4a1072b19c6d02d05c5ffc5d825a
+SHA1 (sudo-1.7.2p6-200805130/sudo-1.7.2p6.tar.gz) = 45976e82cc2ca9f34cad574629ddd998c377734e
+RMD160 (sudo-1.7.2p6-200805130/sudo-1.7.2p6.tar.gz) = 9122ee0da71fa8fe84f71e13d1a02173ef317937
+Size (sudo-1.7.2p6-200805130/sudo-1.7.2p6.tar.gz) = 771148 bytes
+SHA1 (patch-aa) = bd35d9a9168a70c53b8908570cd86483b117a084
SHA1 (patch-af) = 50e6ecf889c460669a4b632c0fd3b15fc45b1214
SHA1 (patch-ag) = b6153d89cfe634c79f1c5b44d4f0df0089353528
diff -r 9819e7402e98 -r e16bc6484405 security/sudo/patches/patch-aa
--- a/security/sudo/patches/patch-aa Fri Apr 16 15:32:58 2010 +0000
+++ b/security/sudo/patches/patch-aa Fri Apr 16 15:33:52 2010 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-aa,v 1.22 2009/12/20 07:46:32 taca Exp $
+$NetBSD: patch-aa,v 1.23 2010/04/16 15:33:52 taca Exp $
---- Makefile.in.orig 2009-11-25 10:42:00.000000000 +0900
+--- Makefile.in.orig 2010-04-09 21:13:21.000000000 +0000
+++ Makefile.in
-@@ -198,7 +198,7 @@ sudo_noexec.lo: $(srcdir)/sudo_noexec.c
+@@ -196,7 +196,7 @@ sudo_noexec.lo: $(srcdir)/sudo_noexec.c
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c
sudo_noexec.la: sudo_noexec.lo
@@ -11,9 +11,9 @@
# Uncomment the following if you want "make distclean" to clean the parser
@DEV@GENERATED = gram.h gram.c toke.c def_data.c def_data.h
-@@ -408,36 +408,36 @@ sudoers.ldap.cat: sudoers.ldap.man
- ChangeLog:
- cvs2cl --follow-only trunk
+@@ -403,36 +403,36 @@ sudoers.ldap.cat: sudoers.ldap.man
+ @DEV@LICENSE: license.pod
+ @DEV@ pod2text -l -i0 $> | sed '1,2d' > $@
-install: install-dirs install-binaries @INSTALL_NOEXEC@ install-sudoers install-man
+install: install-dirs install-binaries @INSTALL_NOEXEC@ install-man
Home |
Main Index |
Thread Index |
Old Index