From owner-cvs-ports@FreeBSD.ORG  Fri Feb  6 19:35:48 2009
Return-Path: <owner-cvs-ports@FreeBSD.ORG>
Delivered-To: cvs-ports@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id F3F0B1065687;
	Fri,  6 Feb 2009 19:35:47 +0000 (UTC)
	(envelope-from tmclaugh@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id E31F38FC1B;
	Fri,  6 Feb 2009 19:35:47 +0000 (UTC)
	(envelope-from tmclaugh@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n16JZliL011320;
	Fri, 6 Feb 2009 19:35:47 GMT
	(envelope-from tmclaugh@repoman.freebsd.org)
Received: (from tmclaugh@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n16JZlpt011319;
	Fri, 6 Feb 2009 19:35:47 GMT (envelope-from tmclaugh)
Message-Id: <200902061935.n16JZlpt011319@repoman.freebsd.org>
From: Tom McLaughlin <tmclaugh@FreeBSD.org>
Date: Fri, 6 Feb 2009 19:35:47 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: ports/security/sudo Makefile distinfo
 ports/security/vuxml vuln.xml
X-BeenThere: cvs-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the ports tree <cvs-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-ports>
List-Post: <mailto:cvs-ports@freebsd.org>
List-Help: <mailto:cvs-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Feb 2009 19:35:49 -0000

tmclaugh    2009-02-06 19:35:47 UTC

  FreeBSD ports repository

  Modified files:
    security/sudo        Makefile distinfo 
    security/vuxml       vuln.xml 
  Log:
  Security update for sudo to 1.6.9p20 for CVE 2009-0034
  
  Changes:
  - Only use the cached supplementory group vector when matching groups
    for the invoking user. (security)
  - When setting the umask, use the union of the user's umask and the
    default value set in sudoers so that we never lower the user's umask
    when running a command.
  - Sudo now operates in the C locale again when doing a match against
    sudoers.
  
  PR:             131446
  Submitted by:   Eygene Ryabinkin
  Security:       vid:13d6d997-f455-11dd-8516-001b77d09812
  
  Revision  Changes    Path
  1.101     +2 -2      ports/security/sudo/Makefile
  1.61      +3 -3      ports/security/sudo/distinfo
  1.1846    +33 -1     ports/security/vuxml/vuln.xml