Path to this page:
Subject: CVS commit: [pkgsrc-2022Q4] pkgsrc/security/sudo
From: S.P.Zeidler
Date: 2023-02-12 20:28:57
Message id: 20230212192857.B9C32FA90@cvs.NetBSD.org
Log Message:
Pullup ticket #6735 - requested by taca
security/sudo: security update
Revisions pulled up:
- security/sudo/Makefile 1.194
- security/sudo/distinfo 1.126
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 6 14:35:32 UTC 2023
Modified Files:
pkgsrc/security/sudo: Makefile distinfo
Log Message:
security/sudo: update to 1.9.12p2
1.9.12.p2 (2023-01-18)
* Fixed a compilation error on Linux/aarch64. GitHub issue #197.
* Fixed a potential crash introduced in the fix for GitHub issue #134.
If a user's sudoers entry did not have any RunAs user's set,
running "sudo -U otheruser -l" would dereference a NULL pointer.
* Fixed a bug introduced in sudo 1.9.12 that could prevent sudo
from creating a I/O files when the "iolog_file" sudoers setting
contains six or more Xs.
* Fixed CVE-2023-22809, a flaw in sudo's -e option (aka sudoedit)
that coud allow a malicious user with sudoedit privileges to
edit arbitrary files.
To generate a diff of this commit:
cvs rdiff -u -r1.193 -r1.194 pkgsrc/security/sudo/Makefile
cvs rdiff -u -r1.125 -r1.126 pkgsrc/security/sudo/distinfo
Files: