diff options
author | cube <cube> | 2005-10-25 22:05:55 +0000 |
---|---|---|
committer | cube <cube> | 2005-10-25 22:05:55 +0000 |
commit | 3ccbb3d0d14a927a03fc64c5a595a00419743e96 (patch) | |
tree | 70815c355c80f9842e7880674f9f4dcf6950bf70 /security | |
parent | 3104d6305defe37ca61eb8138e53f3dfa2ae7de8 (diff) | |
download | pkgsrc-3ccbb3d0d14a927a03fc64c5a595a00419743e96.tar.gz |
Add a patch for CVE-2005-2959: SHELLOPTS and PS4 have to be cleared from
the environment before letting the user execute bash scripts.
Bump PKGREVISION.
From Debian.
Diffstat (limited to 'security')
-rw-r--r-- | security/sudo/Makefile | 3 | ||||
-rw-r--r-- | security/sudo/distinfo | 3 | ||||
-rw-r--r-- | security/sudo/patches/patch-ah | 13 |
3 files changed, 17 insertions, 2 deletions
diff --git a/security/sudo/Makefile b/security/sudo/Makefile index a664a62be16..170cfaddd8f 100644 --- a/security/sudo/Makefile +++ b/security/sudo/Makefile @@ -1,8 +1,9 @@ -# $NetBSD: Makefile,v 1.81 2005/10/07 12:53:02 rillig Exp $ +# $NetBSD: Makefile,v 1.82 2005/10/25 22:05:55 cube Exp $ # DISTNAME= sudo-1.6.8p9 PKGNAME= sudo-1.6.8pl9 +PKGREVISION= 1 CATEGORIES= security MASTER_SITES= http://www.courtesan.com/sudo/dist/ \ ftp://ftp.courtesan.com/pub/sudo/ \ diff --git a/security/sudo/distinfo b/security/sudo/distinfo index aeabb20e6b2..310d5da5aa5 100644 --- a/security/sudo/distinfo +++ b/security/sudo/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.30 2005/10/11 01:53:16 riz Exp $ +$NetBSD: distinfo,v 1.31 2005/10/25 22:05:55 cube Exp $ SHA1 (sudo-1.6.8p9.tar.gz) = f264d1ad9f197920f2e69614db7935b35ca51672 RMD160 (sudo-1.6.8p9.tar.gz) = c1c719504476ab9ac11e0421716d149120463e33 @@ -6,3 +6,4 @@ Size (sudo-1.6.8p9.tar.gz) = 585509 bytes SHA1 (patch-aa) = a4f29f2c228eb3b4af0872cf04a00ffdf41c603c SHA1 (patch-af) = 245761812dc600b3d2752fa135ba367bb0223370 SHA1 (patch-ag) = 87c3263674ec98ccc9cc33f2108a2456eddaecc5 +SHA1 (patch-ah) = a08e73c0a20d50a432e01740a9d27b330a1c1998 diff --git a/security/sudo/patches/patch-ah b/security/sudo/patches/patch-ah new file mode 100644 index 00000000000..cb44d76c9a9 --- /dev/null +++ b/security/sudo/patches/patch-ah @@ -0,0 +1,13 @@ +$NetBSD: patch-ah,v 1.1 2005/10/25 22:05:55 cube Exp $ + +--- env.c.orig 2005-02-06 16:37:01.000000000 +0100 ++++ env.c +@@ -89,6 +89,8 @@ static char *format_env __P((char *, .. + static const char *initial_badenv_table[] = { + "IFS", + "CDPATH", ++ "SHELLOPTS", ++ "PS4", + "LOCALDOMAIN", + "RES_OPTIONS", + "HOSTALIASES", |