diff options
| author | spz <spz@pkgsrc.org> | 2017-06-07 05:41:53 +0000 |
|---|---|---|
| committer | spz <spz@pkgsrc.org> | 2017-06-07 05:41:53 +0000 |
| commit | 7c0e7196d1b85cd6144845a0150a7fd1c674c54a (patch) | |
| tree | 9982e48b78a9c7fe6a2bd5a6029914afb8308f62 /security/sudo | |
| parent | 24872bbfc8e81aa8277518f1bae5fa5e1031945a (diff) | |
| download | pkgsrc-7c0e7196d1b85cd6144845a0150a7fd1c674c54a.tar.gz | |
update to version 1.8.20p2
upstream changelog:
2017-05-31 Todd C. Miller <Todd.Miller@courtesan.com>
* NEWS, configure, configure.ac:
Sudo 1.8.20p2
[47836f4c9834]
* src/ttyname.c:
A command name may also contain newline characters so read
/proc/self/stat until EOF. It is not legal for /proc/self/stat to
contain embedded NUL bytes so treat the file as corrupt if we see
any. With help from Qualys.
This is not exploitable due to the /dev traversal changes in sudo
1.8.20p1 (thanks Solar!).
[15a46f4007dd]
2017-05-30 Todd C. Miller <Todd.Miller@courtesan.com>
* src/ttyname.c:
Use /proc/self consistently on Linux. As far as I know, only AIX
doesn't support /proc/self.
[6f3d9816541b]
Diffstat (limited to 'security/sudo')
| -rw-r--r-- | security/sudo/Makefile | 4 | ||||
| -rw-r--r-- | security/sudo/distinfo | 10 |
2 files changed, 7 insertions, 7 deletions
diff --git a/security/sudo/Makefile b/security/sudo/Makefile index 400e9db5a47..e77128194f8 100644 --- a/security/sudo/Makefile +++ b/security/sudo/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.154 2017/05/30 16:14:56 maya Exp $ +# $NetBSD: Makefile,v 1.155 2017/06/07 05:41:53 spz Exp $ -DISTNAME= sudo-1.8.20p1 +DISTNAME= sudo-1.8.20p2 CATEGORIES= security MASTER_SITES= http://www.sudo.ws/dist/ MASTER_SITES+= ftp://ftp.sudo.ws/pub/sudo/ diff --git a/security/sudo/distinfo b/security/sudo/distinfo index e357deef7e8..087f42c8fe2 100644 --- a/security/sudo/distinfo +++ b/security/sudo/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.91 2017/05/31 02:33:12 maya Exp $ +$NetBSD: distinfo,v 1.92 2017/06/07 05:41:53 spz Exp $ -SHA1 (sudo-1.8.20p1.tar.gz) = 2138fca8c91c0504579aaf57fc39cee95486efd1 -RMD160 (sudo-1.8.20p1.tar.gz) = 1dbf71b6d22e9c75f57942c026be40dc02774859 -SHA512 (sudo-1.8.20p1.tar.gz) = b7d4c07a550da917029e31d15e734d9462f3565ee43eb5f6fd19463b54a2fa3f444381f0999d6d1ba643b65832056dd9177dad4452fa9f87f2542c223b13f258 -Size (sudo-1.8.20p1.tar.gz) = 2930394 bytes +SHA1 (sudo-1.8.20p2.tar.gz) = 7aa187518735312a82c5fcb3d253ed700cb8c68e +RMD160 (sudo-1.8.20p2.tar.gz) = 168f05dd033b14b62c508c85696b89965a15e539 +SHA512 (sudo-1.8.20p2.tar.gz) = 8bf67e687f7a84605fdef8d547b5cd661141b6c8fd25820c33c7e37e97ca7f21f564c3bae691f8a8cd08df7d80338e36a8f06bb5086cc104509d71d6ab1bceda +Size (sudo-1.8.20p2.tar.gz) = 2930769 bytes SHA1 (patch-aa) = 63c89e6d4e530ab92b7452f4025fbbf2a45dad65 SHA1 (patch-af) = db54ce780c174129e2a25a87f3e3a926596c68b2 SHA1 (patch-ag) = 460b9575346c263b944535aa8e2408e959840c77 |