CVS commit: pkgsrc/security/opendoas

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/opendoas
From: "pin" <pin%netbsd.org@localhost>
Date: Fri, 26 Nov 2021 08:40:40 +0000

Module Name:    pkgsrc
Committed By:   pin
Date:           Fri Nov 26 08:40:40 UTC 2021

Modified Files:
        pkgsrc/security/opendoas: Makefile distinfo
Removed Files:
        pkgsrc/security/opendoas/patches: patch-doas.c

Log Message:
security/opendoas: update to 6.8.1

-This release fixes one major issue that has been assigned CVE-2019-25016.

Rules that allowed the user to execute any command would inherit the
executing users PATH instead of resetting it to a default PATH.
The path will now be correctly reset (d5acd52) to the defined default PATH.

Those rules still allow the user to execute any program from their PATH
but executed commands won't inherit the users PATH anymore.

Rules that limit the user to execute only a specific command are not affected
by this and are only executed from the default PATH and with the PATH
environment variable set to the safe default.

Other changes are:
-apply missing man page changes
-Fixes to the configuration parser 2d7431c, 01ac841 and 36cc28e
-Minor documentation and error message wording changes.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/security/opendoas/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/security/opendoas/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/security/opendoas/patches/patch-doas.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/opendoas/Makefile
diff -u pkgsrc/security/opendoas/Makefile:1.2 pkgsrc/security/opendoas/Makefile:1.3
--- pkgsrc/security/opendoas/Makefile:1.2       Fri Jan 29 07:53:38 2021
+++ pkgsrc/security/opendoas/Makefile   Fri Nov 26 08:40:40 2021
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.2 2021/01/29 07:53:38 jperkin Exp $
+# $NetBSD: Makefile,v 1.3 2021/11/26 08:40:40 pin Exp $
 
-DISTNAME=      opendoas-6.8
-PKGREVISION=   1
+DISTNAME=      opendoas-6.8.1
 CATEGORIES=    security
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=duncaen/}
 GITHUB_TAG=    v${PKGVERSION_NOREV}

Index: pkgsrc/security/opendoas/distinfo
diff -u pkgsrc/security/opendoas/distinfo:1.4 pkgsrc/security/opendoas/distinfo:1.5
--- pkgsrc/security/opendoas/distinfo:1.4       Tue Oct 26 11:17:22 2021
+++ pkgsrc/security/opendoas/distinfo   Fri Nov 26 08:40:40 2021
@@ -1,7 +1,6 @@
-$NetBSD: distinfo,v 1.4 2021/10/26 11:17:22 nia Exp $
+$NetBSD: distinfo,v 1.5 2021/11/26 08:40:40 pin Exp $
 
-BLAKE2s (opendoas-6.8.tar.gz) = e3880bf703bbc0d038da43edc032ab927aeac8ed3a86d417f6d7da226476e065
-SHA512 (opendoas-6.8.tar.gz) = 4a57079bba353247e645bc07a5d4e78fd01471d193e83751fd87b72cffa4e152c0f7ea172563f767a7193b14489f57bc066b4fee50842d30b5b7f7ce918434bb
-Size (opendoas-6.8.tar.gz) = 32307 bytes
+BLAKE2s (opendoas-6.8.1.tar.gz) = b85a68323ab88d02d9a0a1e6eb5591ae46fd9080d5657c466bb14ccd1541f581
+SHA512 (opendoas-6.8.1.tar.gz) = d96fe1cdd70e9211de9996ad05bcf7a127facd02af48f7ab2561869d9d16708f1b61722c6e6b9fe15a62e9ef501e09b1ba444b7b43a066f1895e543ebc9402e7
+Size (opendoas-6.8.1.tar.gz) = 32398 bytes
 SHA1 (patch-GNUmakefile) = d301c0334ce6ac7992d61681e1852a301557d300
-SHA1 (patch-doas.c) = 3c4e734e3c8f7bf38e2a58ddb1ba4e1eefe99087

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index