Date: Wed, 31 May 2017 20:49:15 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r442266 - in branches/2017Q2/security/sudo: . files Message-ID: <201705312049.v4VKnFWY036215@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Wed May 31 20:49:14 2017 New Revision: 442266 URL: https://svnweb.freebsd.org/changeset/ports/442266 Log: Update to 1.8.20p1 This release fixes a potential security issue that may allow a user to bypass the "tty_ticket" constraints or overwrite an arbitrary file. The issue is reported to only be present on Linux systems but I don't think it hurts to update the FreeBSD port at this time. Approved by: ports-secteam (with hat) Deleted: branches/2017Q2/security/sudo/files/patch-lib__util__strtoid.c Modified: branches/2017Q2/security/sudo/Makefile branches/2017Q2/security/sudo/distinfo branches/2017Q2/security/sudo/files/patch-install-sh branches/2017Q2/security/sudo/files/patch-plugins__sudoers__sudoers.in branches/2017Q2/security/sudo/pkg-plist Directory Properties: branches/2017Q2/ (props changed) Modified: branches/2017Q2/security/sudo/Makefile ============================================================================== --- branches/2017Q2/security/sudo/Makefile Wed May 31 20:48:06 2017 (r442265) +++ branches/2017Q2/security/sudo/Makefile Wed May 31 20:49:14 2017 (r442266) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= sudo -PORTVERSION= 1.8.19p2 +PORTVERSION= 1.8.20p1 CATEGORIES= security MASTER_SITES= SUDO Modified: branches/2017Q2/security/sudo/distinfo ============================================================================== --- branches/2017Q2/security/sudo/distinfo Wed May 31 20:48:06 2017 (r442265) +++ branches/2017Q2/security/sudo/distinfo Wed May 31 20:49:14 2017 (r442266) @@ -1,3 +1,3 @@ -TIMESTAMP = 1484415267 -SHA256 (sudo-1.8.19p2.tar.gz) = 237e18e67c2ad59ecacfa4b7707198b09fcf84914621585a9bc670dcc31a52e0 -SIZE (sudo-1.8.19p2.tar.gz) = 2861855 +TIMESTAMP = 1496171509 +SHA256 (sudo-1.8.20p1.tar.gz) = 9e980eb23a60dd11f0f452e672e705d7a386882bc230c6e8483050e03182db1d +SIZE (sudo-1.8.20p1.tar.gz) = 2930394 Modified: branches/2017Q2/security/sudo/files/patch-install-sh ============================================================================== --- branches/2017Q2/security/sudo/files/patch-install-sh Wed May 31 20:48:06 2017 (r442265) +++ branches/2017Q2/security/sudo/files/patch-install-sh Wed May 31 20:49:14 2017 (r442266) @@ -1,4 +1,4 @@ ---- install-sh.orig 2015-07-15 18:38:05 UTC +--- install-sh.orig 2017-01-14 04:30:15 UTC +++ install-sh @@ -171,12 +171,6 @@ if ${DIRMODE} ; then if [ ! -d "${DEST}" ] ; then @@ -13,16 +13,16 @@ if ${CHMODIT} ; then ${CHMOD} "${MODE}" "${DEST}" || exit 1 fi -@@ -227,12 +221,6 @@ fi +@@ -226,12 +220,6 @@ fi + ## Strip and set the owner/mode. if ${STRIPIT} ; then ${STRIP} "${DEST}" || exit 1 - fi +-fi -if ${CHOWNIT} ; then - ${CHOWN} "${OWNER}" "${DEST}" || exit 1 -fi -if ${CHGROUPIT} ; then - ${CHGRP} "${GROUP}" "${DEST}" || exit 1 --fi + fi if ${CHMODIT} ; then ${CHMOD} "${MODE}" "${DEST}" || exit 1 - fi Modified: branches/2017Q2/security/sudo/files/patch-plugins__sudoers__sudoers.in ============================================================================== --- branches/2017Q2/security/sudo/files/patch-plugins__sudoers__sudoers.in Wed May 31 20:48:06 2017 (r442265) +++ branches/2017Q2/security/sudo/files/patch-plugins__sudoers__sudoers.in Wed May 31 20:49:14 2017 (r442266) @@ -1,4 +1,4 @@ ---- plugins/sudoers/sudoers.in.orig 2015-07-15 18:44:07 UTC +--- plugins/sudoers/sudoers.in.orig 2017-01-14 04:30:15 UTC +++ plugins/sudoers/sudoers.in @@ -32,6 +32,14 @@ ## Modified: branches/2017Q2/security/sudo/pkg-plist ============================================================================== --- branches/2017Q2/security/sudo/pkg-plist Wed May 31 20:48:06 2017 (r442265) +++ branches/2017Q2/security/sudo/pkg-plist Wed May 31 20:49:14 2017 (r442266) @@ -1,6 +1,7 @@ bin/sudo bin/sudoedit bin/sudoreplay +etc/sudoers.dist @sample etc/sudoers.sample @sample etc/pam.d/sudo.default etc/pam.d/sudo include/sudo_plugin.h
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201705312049.v4VKnFWY036215>