From owner-svn-ports-all@freebsd.org Wed May 31 20:49:16 2017 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 964B6B9446E; Wed, 31 May 2017 20:49:16 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6B1B167C17; Wed, 31 May 2017 20:49:16 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v4VKnFWa036219; Wed, 31 May 2017 20:49:15 GMT (envelope-from feld@FreeBSD.org) Received: (from feld@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v4VKnFWY036215; Wed, 31 May 2017 20:49:15 GMT (envelope-from feld@FreeBSD.org) Message-Id: <201705312049.v4VKnFWY036215@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: feld set sender to feld@FreeBSD.org using -f From: Mark Felder Date: Wed, 31 May 2017 20:49:15 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r442266 - in branches/2017Q2/security/sudo: . files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 May 2017 20:49:16 -0000 Author: feld Date: Wed May 31 20:49:14 2017 New Revision: 442266 URL: https://svnweb.freebsd.org/changeset/ports/442266 Log: Update to 1.8.20p1 This release fixes a potential security issue that may allow a user to bypass the "tty_ticket" constraints or overwrite an arbitrary file. The issue is reported to only be present on Linux systems but I don't think it hurts to update the FreeBSD port at this time. Approved by: ports-secteam (with hat) Deleted: branches/2017Q2/security/sudo/files/patch-lib__util__strtoid.c Modified: branches/2017Q2/security/sudo/Makefile branches/2017Q2/security/sudo/distinfo branches/2017Q2/security/sudo/files/patch-install-sh branches/2017Q2/security/sudo/files/patch-plugins__sudoers__sudoers.in branches/2017Q2/security/sudo/pkg-plist Directory Properties: branches/2017Q2/ (props changed) Modified: branches/2017Q2/security/sudo/Makefile ============================================================================== --- branches/2017Q2/security/sudo/Makefile Wed May 31 20:48:06 2017 (r442265) +++ branches/2017Q2/security/sudo/Makefile Wed May 31 20:49:14 2017 (r442266) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= sudo -PORTVERSION= 1.8.19p2 +PORTVERSION= 1.8.20p1 CATEGORIES= security MASTER_SITES= SUDO Modified: branches/2017Q2/security/sudo/distinfo ============================================================================== --- branches/2017Q2/security/sudo/distinfo Wed May 31 20:48:06 2017 (r442265) +++ branches/2017Q2/security/sudo/distinfo Wed May 31 20:49:14 2017 (r442266) @@ -1,3 +1,3 @@ -TIMESTAMP = 1484415267 -SHA256 (sudo-1.8.19p2.tar.gz) = 237e18e67c2ad59ecacfa4b7707198b09fcf84914621585a9bc670dcc31a52e0 -SIZE (sudo-1.8.19p2.tar.gz) = 2861855 +TIMESTAMP = 1496171509 +SHA256 (sudo-1.8.20p1.tar.gz) = 9e980eb23a60dd11f0f452e672e705d7a386882bc230c6e8483050e03182db1d +SIZE (sudo-1.8.20p1.tar.gz) = 2930394 Modified: branches/2017Q2/security/sudo/files/patch-install-sh ============================================================================== --- branches/2017Q2/security/sudo/files/patch-install-sh Wed May 31 20:48:06 2017 (r442265) +++ branches/2017Q2/security/sudo/files/patch-install-sh Wed May 31 20:49:14 2017 (r442266) @@ -1,4 +1,4 @@ ---- install-sh.orig 2015-07-15 18:38:05 UTC +--- install-sh.orig 2017-01-14 04:30:15 UTC +++ install-sh @@ -171,12 +171,6 @@ if ${DIRMODE} ; then if [ ! -d "${DEST}" ] ; then @@ -13,16 +13,16 @@ if ${CHMODIT} ; then ${CHMOD} "${MODE}" "${DEST}" || exit 1 fi -@@ -227,12 +221,6 @@ fi +@@ -226,12 +220,6 @@ fi + ## Strip and set the owner/mode. if ${STRIPIT} ; then ${STRIP} "${DEST}" || exit 1 - fi +-fi -if ${CHOWNIT} ; then - ${CHOWN} "${OWNER}" "${DEST}" || exit 1 -fi -if ${CHGROUPIT} ; then - ${CHGRP} "${GROUP}" "${DEST}" || exit 1 --fi + fi if ${CHMODIT} ; then ${CHMOD} "${MODE}" "${DEST}" || exit 1 - fi Modified: branches/2017Q2/security/sudo/files/patch-plugins__sudoers__sudoers.in ============================================================================== --- branches/2017Q2/security/sudo/files/patch-plugins__sudoers__sudoers.in Wed May 31 20:48:06 2017 (r442265) +++ branches/2017Q2/security/sudo/files/patch-plugins__sudoers__sudoers.in Wed May 31 20:49:14 2017 (r442266) @@ -1,4 +1,4 @@ ---- plugins/sudoers/sudoers.in.orig 2015-07-15 18:44:07 UTC +--- plugins/sudoers/sudoers.in.orig 2017-01-14 04:30:15 UTC +++ plugins/sudoers/sudoers.in @@ -32,6 +32,14 @@ ## Modified: branches/2017Q2/security/sudo/pkg-plist ============================================================================== --- branches/2017Q2/security/sudo/pkg-plist Wed May 31 20:48:06 2017 (r442265) +++ branches/2017Q2/security/sudo/pkg-plist Wed May 31 20:49:14 2017 (r442266) @@ -1,6 +1,7 @@ bin/sudo bin/sudoedit bin/sudoreplay +etc/sudoers.dist @sample etc/sudoers.sample @sample etc/pam.d/sudo.default etc/pam.d/sudo include/sudo_plugin.h