Subject: CVS commit: [pkgsrc-2022Q4] pkgsrc/security/sudo
From: S.P.Zeidler
Date: 2023-02-12 20:28:57
Message id: 20230212192857.B9C32FA90@cvs.NetBSD.org

Log Message:
Pullup ticket #6735 - requested by taca
security/sudo: security update

Revisions pulled up:
- security/sudo/Makefile                                        1.194
- security/sudo/distinfo                                        1.126

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Feb  6 14:35:32 UTC 2023

   Modified Files:
   	pkgsrc/security/sudo: Makefile distinfo

   Log Message:
   security/sudo: update to 1.9.12p2

   1.9.12.p2 (2023-01-18)

    * Fixed a compilation error on Linux/aarch64.  GitHub issue #197.

    * Fixed a potential crash introduced in the fix for GitHub issue #134.
      If a user's sudoers entry did not have any RunAs user's set,
      running "sudo -U otheruser -l" would dereference a NULL pointer.

    * Fixed a bug introduced in sudo 1.9.12 that could prevent sudo
      from creating a I/O files when the "iolog_file" sudoers setting
      contains six or more Xs.

    * Fixed CVE-2023-22809, a flaw in sudo's -e option (aka sudoedit)
      that coud allow a malicious user with sudoedit privileges to
      edit arbitrary files.

   To generate a diff of this commit:
   cvs rdiff -u -r1.193 -r1.194 pkgsrc/security/sudo/Makefile
   cvs rdiff -u -r1.125 -r1.126 pkgsrc/security/sudo/distinfo

Files:
RevisionActionfile
1.193.2.1modifypkgsrc/security/sudo/Makefile
1.125.2.1modifypkgsrc/security/sudo/distinfo