diff options
| author | taca <taca@pkgsrc.org> | 2020-09-19 14:04:29 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2020-09-19 14:04:29 +0000 |
| commit | 6ebd37daf5b3aaa986b876da8df7969e2f4d67dd (patch) | |
| tree | ad71802328b04e760713c89a822448e4b5fba7ac /security/sudo/patches | |
| parent | f2e63a118aefd63410ce6b1bc2a8208223f939cf (diff) | |
| download | pkgsrc-6ebd37daf5b3aaa986b876da8df7969e2f4d67dd.tar.gz | |
security/sudo: update to 1.8.31p2
Update sudo package to 1.8.31p2.
What's new in Sudo 1.8.31p2
* Sudo command line options that take a value may only be specified
once. This is to help guard against problems caused by poorly
written scripts that invoke sudo with user-controlled input.
Bug #924.
* When running a command in a pty, sudo will no longer try to
suspend itself if the user's tty has been revoked (for instance
when the parent ssh daemon is killed). This fixes a bug where
sudo would continuously suspend the command (which would succeed),
then suspend itself (which would fail due to the missing tty)
and then resume the command.
* If sudo's event loop fails due to the tty being revoked, remove
the user's tty events and restart the event loop (once). This
fixes a problem when running "sudo reboot" in a pty on some
systems. When the event loop exited unexpectedly, sudo would
kill the command running in the pty, which in the case of "reboot",
could lead to the system being in a half-rebooted state.
* Fixed a regression introduced in sudo 1.8.23 in the LDAP and
SSSD back-ends where a missing sudoHost attribute was treated
as an "ALL" wildcard value. A sudoRole with no sudoHost attribute
is now ignored as it was prior to version 1.8.23.
Diffstat (limited to 'security/sudo/patches')
| -rw-r--r-- | security/sudo/patches/patch-configure | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/security/sudo/patches/patch-configure b/security/sudo/patches/patch-configure index e159121920f..6c18c0e8818 100644 --- a/security/sudo/patches/patch-configure +++ b/security/sudo/patches/patch-configure @@ -1,4 +1,4 @@ -$NetBSD: patch-configure,v 1.2 2019/12/28 20:43:56 kim Exp $ +$NetBSD: patch-configure,v 1.3 2020/09/19 14:04:29 taca Exp $ * Add "--with-nbsdops" option, NetBSD standard options. * Link with util(3) in the case of DragonFly, too. @@ -7,9 +7,9 @@ $NetBSD: patch-configure,v 1.2 2019/12/28 20:43:56 kim Exp $ functions (HAVE_KRB5_*). * Remove setting sysconfdir to "/etc". ---- configure.orig 2019-12-26 06:24:43.000000000 +0200 -+++ configure 2019-12-28 21:41:28.049372280 +0200 -@@ -869,6 +869,7 @@ +--- configure.orig 2020-06-12 13:15:11.000000000 +0000 ++++ configure +@@ -870,6 +870,7 @@ with_libpath with_libraries with_efence with_csops @@ -17,7 +17,7 @@ $NetBSD: patch-configure,v 1.2 2019/12/28 20:43:56 kim Exp $ with_passwd with_skey with_opie -@@ -1581,7 +1582,7 @@ +@@ -1592,7 +1593,7 @@ Fine tuning of the installation director --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --libexecdir=DIR program executables [EPREFIX/libexec] @@ -25,8 +25,8 @@ $NetBSD: patch-configure,v 1.2 2019/12/28 20:43:56 kim Exp $ + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] - --libdir=DIR object code libraries [EPREFIX/lib] -@@ -1694,6 +1695,7 @@ + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] +@@ -1706,6 +1707,7 @@ Optional Packages: --with-libraries additional libraries to link with --with-efence link with -lefence for malloc() debugging --with-csops add CSOps standard options @@ -34,7 +34,7 @@ $NetBSD: patch-configure,v 1.2 2019/12/28 20:43:56 kim Exp $ --without-passwd don't use passwd/shadow file for authentication --with-skey[=DIR] enable S/Key support --with-opie[=DIR] enable OPIE support -@@ -4797,6 +4799,23 @@ +@@ -4809,6 +4811,23 @@ fi @@ -58,7 +58,7 @@ $NetBSD: patch-configure,v 1.2 2019/12/28 20:43:56 kim Exp $ # Check whether --with-passwd was given. if test "${with_passwd+set}" = set; then : withval=$with_passwd; case $with_passwd in -@@ -15925,7 +15944,7 @@ +@@ -15937,7 +15956,7 @@ fi : ${mansectsu='1m'} : ${mansectform='4'} ;; @@ -67,7 +67,7 @@ $NetBSD: patch-configure,v 1.2 2019/12/28 20:43:56 kim Exp $ shadow_funcs="getspnam" test -z "$with_pam" && AUTH_EXCL_DEF="PAM" # Check for SECCOMP_SET_MODE_FILTER in linux/seccomp.h -@@ -18163,7 +18182,7 @@ +@@ -18175,7 +18194,7 @@ if test "x$ac_cv_header_login_cap_h" = x _ACEOF LOGINCAP_USAGE='[-c class] '; LCMAN=1 case "$OS" in @@ -76,7 +76,7 @@ $NetBSD: patch-configure,v 1.2 2019/12/28 20:43:56 kim Exp $ SUDO_LIBS="${SUDO_LIBS} -lutil" SUDOERS_LIBS="${SUDOERS_LIBS} -lutil" ;; -@@ -22993,10 +23012,9 @@ +@@ -23018,10 +23037,9 @@ if test ${with_pam-"no"} != "no"; then # Check for pam_start() in libpam first, then for pam_appl.h. # found_pam_lib=no @@ -89,7 +89,7 @@ $NetBSD: patch-configure,v 1.2 2019/12/28 20:43:56 kim Exp $ $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS -@@ -23020,18 +23038,17 @@ +@@ -23045,18 +23063,17 @@ return pam_start (); } _ACEOF if ac_fn_c_try_link "$LINENO"; then : @@ -113,7 +113,7 @@ $NetBSD: patch-configure,v 1.2 2019/12/28 20:43:56 kim Exp $ found_pam_lib=yes fi -@@ -23766,6 +23783,8 @@ +@@ -23791,6 +23808,8 @@ fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext AUTH_OBJS="$AUTH_OBJS kerb5.lo" fi @@ -122,7 +122,7 @@ $NetBSD: patch-configure,v 1.2 2019/12/28 20:43:56 kim Exp $ _LIBS="$LIBS" LIBS="${LIBS} ${SUDOERS_LIBS}" for ac_func in krb5_verify_user krb5_init_secure_context -@@ -27026,7 +27045,6 @@ +@@ -27051,7 +27070,6 @@ test "$datarootdir" = '${prefix}/share' test "$docdir" = '${datarootdir}/doc/${PACKAGE_TARNAME}' && docdir='$(datarootdir)/doc/$(PACKAGE_TARNAME)' test "$localedir" = '${datarootdir}/locale' && localedir='$(datarootdir)/locale' test "$localstatedir" = '${prefix}/var' && localstatedir='$(prefix)/var' |