diff options
| author | taca <taca@pkgsrc.org> | 2010-04-16 15:33:52 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2010-04-16 15:33:52 +0000 |
| commit | f104d35411d258e75f821c005898f9a14672b08b (patch) | |
| tree | d8ce30990f80f4b5aeb74ccd75ab7f902235d2fc /security | |
| parent | fcb438480f4b9b4237e6d473679c42ec9a325bb9 (diff) | |
| download | pkgsrc-f104d35411d258e75f821c005898f9a14672b08b.tar.gz | |
Update sudo package from sudo-1.7.2p4 to sudo-1.7.2p6.
Sudo versions 1.7.2p6 and 1.6.9p22 are now available. These releases
fix a privilege escalation bug in the sudoedit functionality.
Summary:
A flaw exists in sudo's -e option (aka sudoedit) in sudo versions
1.6.8 through 1.7.2p5 that may give a user with permission to
run sudoedit the ability to run arbitrary commands. This bug
is related to, but distinct from, CVE 2010-0426.
Sudo versions affected:
1.6.8 through 1.7.2p5 inclusive.
Diffstat (limited to 'security')
| -rw-r--r-- | security/sudo/Makefile | 4 | ||||
| -rw-r--r-- | security/sudo/distinfo | 10 | ||||
| -rw-r--r-- | security/sudo/patches/patch-aa | 12 |
3 files changed, 13 insertions, 13 deletions
diff --git a/security/sudo/Makefile b/security/sudo/Makefile index d64deed5b54..d81a5038373 100644 --- a/security/sudo/Makefile +++ b/security/sudo/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.119 2010/02/26 01:08:38 taca Exp $ +# $NetBSD: Makefile,v 1.120 2010/04/16 15:33:52 taca Exp $ # -DISTNAME= sudo-1.7.2p4 +DISTNAME= sudo-1.7.2p6 CATEGORIES= security MASTER_SITES= http://www.courtesan.com/sudo/dist/ \ ftp://ftp.courtesan.com/pub/sudo/ \ diff --git a/security/sudo/distinfo b/security/sudo/distinfo index 13e925aa80a..b5a28383c8e 100644 --- a/security/sudo/distinfo +++ b/security/sudo/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.61 2010/02/26 01:08:38 taca Exp $ +$NetBSD: distinfo,v 1.62 2010/04/16 15:33:52 taca Exp $ -SHA1 (sudo-1.7.2p4-200805130/sudo-1.7.2p4.tar.gz) = 3a17105e77b35f49b0c9e14628f263a33469afe9 -RMD160 (sudo-1.7.2p4-200805130/sudo-1.7.2p4.tar.gz) = a6cc3b1436f9f4b7ac0017cd4b6bd61ee480808e -Size (sudo-1.7.2p4-200805130/sudo-1.7.2p4.tar.gz) = 772821 bytes -SHA1 (patch-aa) = f80a9c0f8a7f4a1072b19c6d02d05c5ffc5d825a +SHA1 (sudo-1.7.2p6-200805130/sudo-1.7.2p6.tar.gz) = 45976e82cc2ca9f34cad574629ddd998c377734e +RMD160 (sudo-1.7.2p6-200805130/sudo-1.7.2p6.tar.gz) = 9122ee0da71fa8fe84f71e13d1a02173ef317937 +Size (sudo-1.7.2p6-200805130/sudo-1.7.2p6.tar.gz) = 771148 bytes +SHA1 (patch-aa) = bd35d9a9168a70c53b8908570cd86483b117a084 SHA1 (patch-af) = 50e6ecf889c460669a4b632c0fd3b15fc45b1214 SHA1 (patch-ag) = b6153d89cfe634c79f1c5b44d4f0df0089353528 diff --git a/security/sudo/patches/patch-aa b/security/sudo/patches/patch-aa index 3fa4f82ac39..2dad72d425e 100644 --- a/security/sudo/patches/patch-aa +++ b/security/sudo/patches/patch-aa @@ -1,8 +1,8 @@ -$NetBSD: patch-aa,v 1.22 2009/12/20 07:46:32 taca Exp $ +$NetBSD: patch-aa,v 1.23 2010/04/16 15:33:52 taca Exp $ ---- Makefile.in.orig 2009-11-25 10:42:00.000000000 +0900 +--- Makefile.in.orig 2010-04-09 21:13:21.000000000 +0000 +++ Makefile.in -@@ -198,7 +198,7 @@ sudo_noexec.lo: $(srcdir)/sudo_noexec.c +@@ -196,7 +196,7 @@ sudo_noexec.lo: $(srcdir)/sudo_noexec.c $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c sudo_noexec.la: sudo_noexec.lo @@ -11,9 +11,9 @@ $NetBSD: patch-aa,v 1.22 2009/12/20 07:46:32 taca Exp $ # Uncomment the following if you want "make distclean" to clean the parser @DEV@GENERATED = gram.h gram.c toke.c def_data.c def_data.h -@@ -408,36 +408,36 @@ sudoers.ldap.cat: sudoers.ldap.man - ChangeLog: - cvs2cl --follow-only trunk +@@ -403,36 +403,36 @@ sudoers.ldap.cat: sudoers.ldap.man + @DEV@LICENSE: license.pod + @DEV@ pod2text -l -i0 $> | sed '1,2d' > $@ -install: install-dirs install-binaries @INSTALL_NOEXEC@ install-sudoers install-man +install: install-dirs install-binaries @INSTALL_NOEXEC@ install-man |