./security/sudo, Allow others to run commands as root

Branch: pkgsrc-2013Q4, Version: 1.7.10p8, Package name: sudo-1.7.10p8, Maintainer: kim

Sudo is a program designed to allow a sysadmin to give limited root
privileges to users and log root activity. The basic philosophy is to
give as few privileges as possible but still allow people to get their
work done.



Package options: skey

SHA1: deb83d8ba8f15f70c134c3f3a74e750925aa9f59
RMD160: de3594843c006f7d5d3b21c79dd4115b4823b19d
Filesize: 1192.37 KB

CVS history:


   2014-03-08 21:33:47 by S.P.Zeidler | Files touched by this commit (5) | Package updated
Log message:
Pullup ticket #4337 - requested by kim
security/sudo: security update

Revisions pulled up:
- security/sudo/Makefile                                        1.142
- security/sudo/distinfo                                        1.81
- security/sudo/patches/patch-af                                1.31
- security/sudo/patches/patch-ag                                1.22
- security/sudo/patches/patch-logging.c                         1.4

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   kim
   Date:           Sat Mar  8 11:51:56 UTC 2014

   Modified Files:
           pkgsrc/security/sudo: Makefile distinfo
           pkgsrc/security/sudo/patches: patch-af patch-ag patch-logging.c

   Log message:
   Upgrade to address CVE-2014-0106

   http://www.sudo.ws/sudo/alerts/env_add.html

   What's new in Sudo 1.7.10p8?

   * Sudo's exit code now indicates a failure if the user does not
     successfully authenticate.

   * On HP-UX systems, sudo will now use the pstat() function to
     determine the tty instead of ttyname().

   * Fixed compilation when --without-iologdir configure option is
     specified.

   * On systems with BSD login classes, if the user specified a group
     (not a user) to run the command as, it was possible to specify
     a different login class even when the command was not run as the
     super user.

   * The closefrom() emulation on Mac OS X now uses /dev/fd if possible.
     It also now sets the close on exec flag instead of actually
     closing the descriptors to avoid a crash in libdispatch.

   * The sudoers plugin will now ignore invalid domain names when
     checking netgroup membership.  Most Linux systems use the string
     "(none)" for the NIS-style domain name instead of an empty string.

   * Fixed the logic when checking environment variables on the
     command line against the env_check and env_delete blacklists.
     This is only a problem when env_reset is disabled in sudoers.

   To generate a diff of this commit:
   cvs rdiff -u -r1.141 -r1.142 pkgsrc/security/sudo/Makefile
   cvs rdiff -u -r1.80 -r1.81 pkgsrc/security/sudo/distinfo
   cvs rdiff -u -r1.30 -r1.31 pkgsrc/security/sudo/patches/patch-af
   cvs rdiff -u -r1.21 -r1.22 pkgsrc/security/sudo/patches/patch-ag
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/sudo/patches/patch-logging.c