Subject: CVS commit: [pkgsrc-2014Q4] pkgsrc/security/sudo
From: Matthias Scheler
Date: 2015-02-14 10:31:17
Message id: 20150214093117.9C3E998@cvs.netbsd.org

Log Message:
Pullup ticket #4612 - requested by spz
security/sudo: security update

Revisions pulled up:
- security/sudo/Makefile                                        1.145
- security/sudo/distinfo                                        1.82

---
   Module Name:	pkgsrc
   Committed By:	spz
   Date:		Wed Feb 11 09:11:59 UTC 2015

   Modified Files:
   	pkgsrc/security/sudo: Makefile distinfo

   Log Message:
   update of sudo to the next upstream patch version (1.7.10p8 to 1.7.10p9)

   Upstream Changelog:

   +   The TZ environment variable is now checked for safety instead of
       simply being copied to the environment of the command.
       This fixes a potential security issue.

   +   Sudo now only builds Position Independent Executables (PIE) by
       default on Linux systems and verifies that a trivial test program
       builds and runs.

   +   On Solaris 11.1 and higher, sudo binaries will now have the ASLR tag
       enabled if supported by the linker.

Files:
RevisionActionfile
1.144.2.1modifypkgsrc/security/sudo/Makefile
1.81.8.1modifypkgsrc/security/sudo/distinfo