From 39039209feb04b5d9c69ab4810e4489a78cc4cec Mon Sep 17 00:00:00 2001 From: salo Date: Mon, 15 Nov 2004 08:02:54 +0000 Subject: Pullup ticket 140 - requested by Quentin Garnier security fix for sudo Module Name: pkgsrc Committed By: cube Date: Fri Nov 12 16:47:31 UTC 2004 Modified Files: pkgsrc/security/sudo: Makefile PLIST.NetBSD PLIST.SunOS distinfo Log Message: Update to version 1.6.8pl2. Fixes a security flaw for the sad people using bash-as-sh (and people allowing bash scripts to be run through sudo). The user could override commands by functions of her own. ChangeLog: 549) Bash exported functions and the CDPATH variable are now stripped from the environment passed to the program to be executed. --- security/sudo/Makefile | 7 ++++--- security/sudo/PLIST.NetBSD | 3 ++- security/sudo/PLIST.SunOS | 3 ++- security/sudo/distinfo | 6 +++--- 4 files changed, 11 insertions(+), 8 deletions(-) diff --git a/security/sudo/Makefile b/security/sudo/Makefile index a1adb8f67ea..0a08048206b 100644 --- a/security/sudo/Makefile +++ b/security/sudo/Makefile @@ -1,8 +1,9 @@ -# $NetBSD: Makefile,v 1.70 2004/09/17 09:45:02 agc Exp $ +# $NetBSD: Makefile,v 1.70.2.1 2004/11/15 08:02:54 salo Exp $ # -DISTNAME= sudo-1.6.8p1 -PKGNAME= sudo-1.6.8pl1 +DISTNAME= sudo-1.6.8p2 +PKGNAME= sudo-1.6.8pl2 +PKGREVISION= # CATEGORIES= security MASTER_SITES= http://www.courtesan.com/sudo/dist/ \ ftp://ftp.courtesan.com/pub/sudo/ \ diff --git a/security/sudo/PLIST.NetBSD b/security/sudo/PLIST.NetBSD index 4ede11d0d2a..85ea9ed1bbe 100644 --- a/security/sudo/PLIST.NetBSD +++ b/security/sudo/PLIST.NetBSD @@ -1,4 +1,5 @@ -@comment $NetBSD: PLIST.NetBSD,v 1.1 2002/12/25 12:26:46 grant Exp $ +@comment $NetBSD: PLIST.NetBSD,v 1.1.10.1 2004/11/15 08:02:54 salo Exp $ man/man5/sudoers.5 man/man8/sudo.8 +man/man8/sudoedit.8 man/man8/visudo.8 diff --git a/security/sudo/PLIST.SunOS b/security/sudo/PLIST.SunOS index e0d5d161f6f..2703be90fb3 100644 --- a/security/sudo/PLIST.SunOS +++ b/security/sudo/PLIST.SunOS @@ -1,4 +1,5 @@ -@comment $NetBSD: PLIST.SunOS,v 1.1 2002/12/25 12:26:46 grant Exp $ +@comment $NetBSD: PLIST.SunOS,v 1.1.10.1 2004/11/15 08:02:54 salo Exp $ man/man1m/sudo.1m +man/man1m/sudoedit.1m man/man1m/visudo.1m man/man4/sudoers.4 diff --git a/security/sudo/distinfo b/security/sudo/distinfo index fa701b2a49f..58c4aa5ed0b 100644 --- a/security/sudo/distinfo +++ b/security/sudo/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.23 2004/09/17 09:25:18 cube Exp $ +$NetBSD: distinfo,v 1.23.2.1 2004/11/15 08:02:54 salo Exp $ -SHA1 (sudo-1.6.8p1.tar.gz) = a093e6ec91ecd964a4901184ae19a3096fb98eed -Size (sudo-1.6.8p1.tar.gz) = 583464 bytes +SHA1 (sudo-1.6.8p2.tar.gz) = eb4d49207036109080f41edff941c069da2566dd +Size (sudo-1.6.8p2.tar.gz) = 583690 bytes SHA1 (patch-aa) = a4f29f2c228eb3b4af0872cf04a00ffdf41c603c SHA1 (patch-af) = 870a0f0504449dbb839c8b8c2dfe6505a9c9ec68 SHA1 (patch-ag) = 3703932e134ae90281179d0a4ae4760fa420264b -- cgit v1.2.3