Add a patch for CVE-2005-2959: SHELLOPTS and PS4 have to be cleared from

the environment before letting the user execute bash scripts. Bump PKGREVISION. From Debian.
author: cube <cube@pkgsrc.org> 2005-10-25 22:05:55 +0000
committer: cube <cube@pkgsrc.org> 2005-10-25 22:05:55 +0000
commit: 2741b6b8cb37d5e5feb215a93a465e02ae24cbbd (patch)
tree: 70815c355c80f9842e7880674f9f4dcf6950bf70 /security/sudo/patches
parent: e2882f077a7685a1ea1ebac5d5a0ef7440449a83 (diff)
download: pkgsrc-2741b6b8cb37d5e5feb215a93a465e02ae24cbbd.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/security/sudo/patches/patch-ah b/security/sudo/patches/patch-ah
new file mode 100644
index 00000000000..cb44d76c9a9
--- /dev/null
+++ b/security/sudo/patches/patch-ah
@@ -0,0 +1,13 @@
+$NetBSD: patch-ah,v 1.1 2005/10/25 22:05:55 cube Exp $
+
+--- env.c.orig	2005-02-06 16:37:01.000000000 +0100
++++ env.c
+@@ -89,6 +89,8 @@ static char *format_env		__P((char *, ..
+ static const char *initial_badenv_table[] = {
+     "IFS",
+     "CDPATH",
++    "SHELLOPTS",
++    "PS4",
+     "LOCALDOMAIN",
+     "RES_OPTIONS",
+     "HOSTALIASES",
author	cube <cube@pkgsrc.org>	2005-10-25 22:05:55 +0000
committer	cube <cube@pkgsrc.org>	2005-10-25 22:05:55 +0000
commit	2741b6b8cb37d5e5feb215a93a465e02ae24cbbd (patch)
tree	70815c355c80f9842e7880674f9f4dcf6950bf70 /security/sudo/patches
parent	e2882f077a7685a1ea1ebac5d5a0ef7440449a83 (diff)
download	pkgsrc-2741b6b8cb37d5e5feb215a93a465e02ae24cbbd.tar.gz