path: root/security
Age  Commit message  (Author, Files, Lines)
2007-12-05  sudo-1.6.9p9.tar.gz was updated now. So, introduce DIST_SUBDIR and  (taca, 2 files, -5/+7)
bump PKGREVISION. A little bug fix seems to applied. -rw-r--r-- 1 taca taca 578259 Dec 3 19:38 sudo-1.6.9p9.tar.gz-prev -rw-r--r-- 1 taca taca 578262 Dec 5 00:27 sudo-1.6.9p9.tar.gz diff -dupNr sudo-1.6.9p9-20071203/parse.c sudo-1.6.9p9/parse.c --- sudo-1.6.9p9-20071203/parse.c 2007-11-28 08:29:59.000000000 +0900 +++ sudo-1.6.9p9/parse.c 2007-12-05 00:26:40.000000000 +0900 @@ -90,7 +90,7 @@ #endif /* HAVE_EXTENDED_GLOB */ #ifndef lint -__unused static const char rcsid[] = "$Sudo: parse.c,v 1.160.2.14 2007/10/24 16:43:27 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: parse.c,v 1.160.2.15 2007/12/04 15:26:40 millert Exp $"; #endif /* lint */ /* @@ -202,7 +202,7 @@ sudoers_lookup(pwflag) return(VALIDATE_OK | (no_passwd == TRUE ? FLAG_NOPASS : 0) | (no_execve == TRUE ? FLAG_NOEXEC : 0) | - (setenv_ok == TRUE ? FLAG_SETENV : 0)); + (setenv_ok >= TRUE ? FLAG_SETENV : 0)); } else if ((runas_matches == TRUE && cmnd_matches == FALSE) || (runas_matches == FALSE && cmnd_matches == TRUE)) { /* @@ -212,7 +212,7 @@ sudoers_lookup(pwflag) return(VALIDATE_NOT_OK | (no_passwd == TRUE ? FLAG_NOPASS : 0) | (no_execve == TRUE ? FLAG_NOEXEC : 0) | - (setenv_ok == TRUE ? FLAG_SETENV : 0)); + (setenv_ok >= TRUE ? FLAG_SETENV : 0)); } } top--; diff -dupNr sudo-1.6.9p9-20071203/sudo.c sudo-1.6.9p9/sudo.c --- sudo-1.6.9p9-20071203/sudo.c 2007-12-03 02:13:52.000000000 +0900 +++ sudo-1.6.9p9/sudo.c 2007-12-04 01:12:03.000000000 +0900 @@ -730,8 +730,10 @@ parse_args(argc, argv) while (NewArgc > 0) { if (NewArgv[0][0] == '-') { - if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') + if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') { warnx("please use single character options"); + usage(1); + } switch (NewArgv[0][1]) { case 'p':
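Review bot: In the VALIDATE_OK return of sudoers_lookup() (parse.c, hunk at line 202), `setenv_ok >= TRUE` makes setenv_ok a multi-valued variable while no_passwd and no_execve on the lines beside it are still tested with `== TRUE`, and nothing in the hunk says which values above TRUE exist or what they mean. This comparison decides whether FLAG_SETENV is granted, so give the extra state a named constant, or at least a comment next to the test, so that a later cleanup does not change it back to `== TRUE` or widen it to any non-zero value.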
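Review bot: The VALIDATE_NOT_OK return (parse.c, hunk at line 212) carries a second copy of the same three-flag expression as the VALIDATE_OK return above it, and the setenv_ok test had to be changed in both places. Compute the flag bits once before the two returns and OR the result into each, so the two paths cannot drift apart the next time one of these tests changes.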
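Review bot: In parse_args() (sudo.c, hunk at line 730) the new braces depend on usage(1) not returning; if it ever does, control still falls into `switch (NewArgv[0][1])` and the multi-character argument is dispatched on its first letter, as it was before the patch. Add a /* NOTREACHED */ comment after the call, or follow it with an explicit exit, so that dependency is visible at the call site.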
2007-12-05  Update sudo package to 1.6.9p9.  (taca, 2 files, -6/+6)
Major changes since Sudo 1.6.9p8:
o The ALL command in sudoers now implies SETENV permissions.
o The command search is now performed using the target user's auxiliary group vector, not just the target's primary group.
o When determining if the PAM prompt is the default "Password: ", compare the localized version if possible.
o New passprompt_override option in sudoers to cause sudo's prompt to be used in all cases. Also set when the -p flag is used.
2007-12-02  Remove Ex-MASTER_SITEs. From Zafer Aydogan.  (wiz, 2 files, -11/+5)
2007-12-02  Remove Ex-MASTER_SITE. From Zafer Aydogan.  (wiz, 3 files, -9/+6)
2007-12-02  Remove Ex-MASTER_SITE. From Zafer Aydogan.  (wiz, 2 files, -7/+5)
2007-12-02  Remove Ex-MASTER_SITEs. From Zafer Aydogan.  (wiz, 1 file, -3/+1)
2007-12-02  Remove Ex-MASTER_SITE. From Zafer Aydogan.  (wiz, 2 files, -6/+4)
2007-12-02  Some more packages need lex and yacc. Patch by Aleksey Cheusov on pkgsrc-users.  (rillig, 1 file, -1/+3)
2007-12-01  Updated crypto++ to 5.5.2.  (rillig, 6 files, -98/+33)
Changes since 5.2.1:
5.2.2
- added SHA-224
- put SHA-256, SHA-384, SHA-512, RSASSA-PSS into DLL
5.2.3
- fixed issues with FIPS algorithm test vectors
- put RSASSA-ISO into DLL
5.3
- ported to MSVC 2005 with support for x86-64
- added defense against AES timing attacks, and more AES test vectors
- changed StaticAlgorithmName() of Rijndael to "AES", CTR to "CTR"
5.4
- added Salsa20
- updated Whirlpool to version 3.0
- ported to GCC 4.1, Sun C++ 5.8, and Borland C++Builder 2006
5.5
- added VMAC and Sosemanuk (with x86-64 and SSE2 assembly)
- improved speed of integer arithmetic, AES, SHA-512, Tiger, Salsa20, Whirlpool, and PANAMA cipher using assembly (x86-64, MMX, SSE2)
- optimized Camellia and added defense against timing attacks
- updated benchmarks code to show cycles per byte and to time key/IV setup
- started using OpenMP for increased multi-core speed
- enabled GCC optimization flags by default in GNUmakefile
- added blinding and computational error checking for RW signing
- changed RandomPool, X917RNG, GetNextIV, DSA/NR/ECDSA/ECNR to reduce the risk of reusing random numbers and IVs after virtual machine state rollback
- changed default FIPS mode RNG from AutoSeededX917RNG<DES_EDE3> to AutoSeededX917RNG<AES>
- fixed PANAMA cipher interface to accept 256-bit key and 256-bit IV
- moved MD2, MD4, MD5, PanamaHash, ARC4, WAKE_CFB into the namespace "Weak"
- removed HAVAL, MD5-MAC, XMAC
5.5.1
- fixed VMAC validation failure on 32-bit big-endian machines
5.5.2
- ported x64 assembly language code for AES, Salsa20, Sosemanuk, and Panama to MSVC 2005 (using MASM since MSVC doesn't support inline assembly on x64)
- fixed Salsa20 initialization crash on non-SSE2 machines
- fixed Whirlpool crash on Pentium 2 machines
- fixed possible branch prediction analysis (BPA) vulnerability in MontgomeryReduce(), which may affect security of RSA, RW, LUC
- fixed link error with MSVC 2003 when using "debug DLL" form of runtime library
- fixed crash in SSE2_Add on P4 machines when compiled with MSVC 6.0 SP5 with Processor Pack
- added support for newly released compilers: MSVC 2008, GCC 4.2, Sun CC 5.9, Intel C++ Compiler 10.0, and Borland C++Builder 2007
2007-11-30  Bump PKGREVISION because openexr now depends on ilmbase.  (wiz, 1 file, -2/+2)
2007-11-30  Discard the -mcpu=i686 option for the C++ compiler, since g++4 doesn't accept it.  (rillig, 1 file, -7/+3)
2007-11-30  Update to 0.4.13:  (wiz, 2 files, -7/+7)
Changes unknown.
2007-11-29  update to 2.20.2  (drochner, 2 files, -7/+6)
changes:
-build fixes (not relevant to pkgsrc)
* Don't print out a warning message in applications using libgnome-keyring when non-pageable memory cannot be allocated.
2007-11-29  Update to 0.6.6:  (wiz, 3 files, -22/+6)
Noteworthy changes in version 0.6.6 (2007-11-15)
------------------------------------------------
* Slightly adjust the stream code. The check for fflush is omitted because the return value might be undefined. This fixes a problem reported from the NetBSD team.
* Don't use __inline__ in src/cipher.c (breaks on Sun CC).
2007-11-29  Update to 0.57:  (wiz, 2 files, -6/+6)
0.57 2007-09-17 20:45:20 UTC
- Honour both $ENV{NO_PROXY} and $ENV{no_proxy} in Net::SSL::proxy_connect_helper. (Bug #29371 reported by Jan Dubois).
- $@ construction used in Net::SSL::connect was messed up, which could lead to sub-optimal error reporting. (Bug #29372 reported by Jan Dubois).
- Ensure no proxification is used in t/01-connect.t (which might be the reason for all the spurious smoke failures). Bug #29373 reported by, you guessed it, Jan Dubois).
- Silence a dubious fopen() warning in SSLeay.xs.
- s/Netware/NetWare/ in Net/SSL.pm platform check
- Improvements to Makefile.PL for dealing with platforms where openssl is installed with ./include and ./lib as sibling directories rather than child directories. This should allow the code to configure and build "out of the box" on Solaris (and probably other proprietary platforms).
- Don't carp in LICENSE key addition code in Makefile.PL
0.56_01 2007-08-09 21:59:47 UTC
- Various improvements to the Win32 configure code in Makefile.PL, based on CPAN tickets #28431 and #28432, by Guenter Knauf, notably to allow static linking and OpenSSL living in a relative directory.
- Net::SSL: alarm() is not implemented on Netware platform, so don't try to set one there. (Guenter Knauf).
- Should build on Solaris correctly (bug fix in include dir specification). Based on fix suggested in CPAN bug #28680.
0.56 2007-07-10 19:08:20 UTC
- Purely a documentation issue raised by CPAN bug #27935. Users of previous versions do not need to upgrade.
2007-11-27  Document where this file is included.  (jlam, 1 file, -1/+6)
2007-11-27  Changes 184:  (adam, 4 files, -24/+23)
* fix for BUG 312: pam_ldap does not try to reconnect when LDAP server closed the connection
2007-11-25  Update to 2.0.4:  (wiz, 2 files, -6/+6)
* Version 2.0.4 (released 2007-11-16)
** Corrected bug in decompression of expanded compression data.
** API and ABI modifications: No changes since last version.
2007-11-25  - 11/20/2007 1.3.9 (anne)  (adrianp, 2 files, -13/+13)
- Update to Spanish -- David Gil
- Bug 1750697 base_header() is undefined fixed -- Juergen and Kevin Johnson
- Bug 1680965 sans lookup fails -- Jordan Wiens
- Updated Chinese language file -- Randy
- Added Sean Muller as the Project Manager -- Kevin Johnson
- Fixed error in contrib/base-rss.php -- Dan
- Added INSTALL and INSTALL.rtf files to docs directory -- Sean Muller
- Bug 1801192 XSS bug in BASE fixed -- Kevin Johnson and Sean Muller
- Bug 1760615 Sort order ignored -- Kevin Johnson and Jordan Weins
2007-11-18  Fix warning reported by "pkglint".  (tron, 1 file, -2/+2)
2007-11-18  Add buildlink3 support file.  (tron, 1 file, -0/+21)
2007-11-17  Reset maintainer for itojun's packages.  (wiz, 1 file, -2/+2)
2007-11-17  Some packages need lex and yacc. Patch by Aleksey Cheusov via pkgsrc-users.  (rillig, 1 file, -2/+2)
2007-11-16  By default, chmod follows symlinks, which is not intended here. Patch by Lloyd Parkes in PR 37391.  (rillig, 1 file, -2/+2)
2007-11-13  Added a patch that fixes the build on Solaris 10.  (rillig, 2 files, -1/+19)
2007-11-12  Removed ftp7.usa.openbsd.org from MASTER_SITES, doesn't resolve anymore in DNS.  (heinz, 1 file, -3/+2)
Mentioned by Zafer Aydogan in PR pkg/37331.
2007-11-12  - Fix build problem on DragonFly BSD.  (taca, 3 files, -51/+23)
- Reduce patch size.
Build problem on DragonFly BSD was noted by YONETANI Tomokazu via private mail.
2007-11-12  Remove ftp.aet.tu-cottbus.de from MASTER_SITES, doesn't resolve.  (wiz, 1 file, -3/+2)
From Zafer Aydogan in PR 37332.
2007-11-12  Remove ftp.ch.pgpi.com from MASTER_SITES, doesn't resolve.  (wiz, 1 file, -2/+1)
From Zafer Aydogan in PR 37331.
2007-11-12  Remove ftp7.usa.openbsd.org from MASTER_SITES, doesn't resolve.  (wiz, 1 file, -2/+1)
From Zafer Aydogan in PR 37331.
2007-11-12  Remove ftp.lothar.com from MASTER_SITES, doesn't resolve.  (wiz, 1 file, -3/+2)
From Zafer Aydogan in PR 37328.
2007-11-12  Remove ws.obit.nl from MASTER_SITES, doesn't resolve.  (wiz, 1 file, -3/+2)
From Zafer Aydogan in PR 37329.
2007-11-11  Update to 2.0.3:  (wiz, 3 files, -8/+11)
* Version 2.0.3 (released 2007-11-10)
** This version backports several fixes from the 2.1.x branch.
** Fixed PKCS #3 parameter export.
** Added gnutls_record_disable_padding() to allow servers talking to buggy clients that complain if the TLS 1.0 record protocol padding is used.
** Introduced gnutls_session_enable_compatibility_mode() to allow enabling all supported compatibility options (like disabling padding).
** Corrected bug which did not allow a server to run without supporting certificates.
** API and ABI modifications:
gnutls_session_enable_compatibility_mode: ADDED
gnutls_record_disable_padding: ADDED
Add LICENSE, commented out; it contains both LGPL-2.1 and GPL2 code.
2007-11-11  Added commented-out LICENSE=something.  (martti, 2 files, -2/+4)
2007-11-08  Bump revision, as the resulting binary should differ because it finds gpg2.  (bjs, 1 file, -2/+2)
2007-11-08  Tell gpgme where the gnupg2 binary is should the user build with the 'gpgsm' option.  (bjs, 1 file, -1/+2)
2007-11-08  Remove space between '=' and "idea" in "PKG_OPTIONS.libgcrypt+= idea".  (bjs, 1 file, -2/+2)
This was causing a build failure for gpgme if the package was built with the "idea" option.
2007-11-08  Update to 0.6.5:  (wiz, 4 files, -10/+25)
Noteworthy changes in version 0.6.5 (2007-10-27)
------------------------------------------------
* Cleanups for the key export and import functionality.
* Clarified the semantic of cdk_pk_check_sigs.
* Now the by usage keydb function correctly finds the self signature.
patch-aa provided by drochner@; sent upstream, will be in next release.
2007-11-08  1) Added configuration arg so that PKG_SYSCONFDIR is honored  (shannonjr, 2 files, -2/+6)
2) Added missing PLIST entry
2007-11-07  1) Fix incorrect patch  (shannonjr, 5 files, -25/+45)
2) Fix incorrect socket permission
2007-11-07  Added missing entry  (shannonjr, 1 file, -1/+2)
2007-11-07  Update to 2.0.7. This is maintenance release with a few minor enhancements.  (shannonjr, 4 files, -20/+21)
Changes:
* Fixed encryption problem if duplicate certificates are in the keybox.
* Add new options min-passphrase-nonalpha, check-passphrase-pattern, enforce-passphrase-constraints and max-passphrase-days to gpg-agent.
* Add command --check-components to gpgconf. Gpgconf now uses the installed versions of the programs and does not anymore search via PATH for them.
2007-11-07  Update to 1.0.1. Changes:  (shannonjr, 5 files, -35/+40)
* The option --ocsp-signer may now take a filename to allow several certificates to be valid signers for the default responder.
* New option --ocsp-max-period and improved the OCSP time checks.
* New option --force-default-signer for dirmngr-client.
2007-11-07  Upgrade to 1.0.3. This is a maintenance upgrade. Noteworthy changes in version 1.0.3:  (shannonjr, 2 files, -7/+7)
* New functions assuan_process_done and assuan_inquire_ext to support external event loops.
* Changed the license of the library code back to LGPLv2.1 to support a bunch of GPLv2(only) software which does not allow the use of LGPLv3.
* Assorted bug fixes and code cleanups.
2007-11-05  update to 2.20.1  (drochner, 8 files, -52/+146)
This switches to the new gnome-2.20 branch.
2007-11-04  Fix detection of PAM support under Mac OS X to get "pam_gnome_keyring.la" built.  (tron, 1 file, -2/+9)
Bump package revision because package was previously incomplete and the package list incorrect.
2007-11-04  Update sudo package to 1.6.9p8.  (taca, 2 files, -6/+6)
Major changes since Sudo 1.6.9p7:
o Fixed a bug where a sudoers entry with no runas user specified was treated differently from a line with the default runas user explicitly specified.
2007-11-03  Fixed building the package with sunpro.  (rillig, 2 files, -1/+15)
2007-11-03  Added MAKE_JOBS_SAFE as suggested in PR 37261.  (rillig, 1 file, -1/+2)
2007-11-03  update to 2.20.0  (drochner, 4 files, -9/+35)
This switches to the new gnome-2.20 branch.