From nobody Wed Jan 18 17:08:55 2023 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Nxsfv4NdFz2sT1y; Wed, 18 Jan 2023 17:08:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Nxsfv3wBDz3jN6; Wed, 18 Jan 2023 17:08:55 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674061735; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9wFo7TSOmMqXotQYmqYgoOy3AQJ2aV4RbKc4eQMal60=; b=fF4n4WenGQFY9PrVQToDQB8+qn9eAMdXMfkHCn/vyuMOddNbq5MvVFPolKencuONXJayqO R33SHYomp83y+XcqwYEbPqWMCyzcDNo/Yb/yn3hilZsIkP6w/QzDmOBsUsK5hHJZc5CbEr hmNXlQsi9jGRZyVAG4ByKEPyZ0UsOnhyB0mbbmpwS5oHiDvto8NZ3aDRTRRbRjcqFYRctN apDA9I0Lndbhx2o+ATLcD0Aqi1yLhjTtCOmnic3Xt/tALj9lk6UaPxecXvOEtDEppHVJbq fI2t/z5m6Bo6vCPYcD1Pzq8o0vZqJknSNWDnv0kBXJh1W/kPVeAI6vrnY5DO9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674061735; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9wFo7TSOmMqXotQYmqYgoOy3AQJ2aV4RbKc4eQMal60=; b=qj18s7MMDlPcgqQPt1AvhAMUhc650gzkVKUctIJg9ZSPOVI1hoG2RddGsULk9vKyzm6vha NcBwIbYHUBhnykAEXgujQdDpKBxDvVQfkMhkNOMtsr7Y3EqZn5RLRLg3eAT75yLaaEAT9y vziLULT9IALtAWDUaCoqe+CFiY4wI/voZGqHp2eYfFOjmuenA9rmFZqZF4AQY11mvKzgRZ A/MX4kSL93mtxKcq6qLbThvqjnm/wKI4KZ+ONCG1xREH3tC1WxsyQkYfTWD2XIHLeK/IeO P3dhvbrEni+lOkHKxeAjuRhoKHABrKHRx+8XCgJu/a0TZDZvbkihLQP2PRv/6A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1674061735; a=rsa-sha256; cv=none; b=gOU2RWQmzxq/wL2HTbho2/HrbLfYkP9kDT1YVHXyDoQ/gcNd+X8OQGVMmzHkTrglXBvxys mx7Ppa+SrSx43a3iPNSe6MFi8H2wYK54RaqXKos1+CKnlD1+j8++oYIleWaTH+ovuCIWvp jlcN+V6T7GIe2nU//nyqCpkbwdjhdbnb0u0Rzyz5Mjz1IMdLx3fvV0Dja1Mb/B+t7+bJua KJCFyuKlmoXpUJ80rkUH+aDNaDTCdV8Q406VRlySyKgfJKptKlUJOV0X9CDxn0OwbvZQpm k5hvJaer+xN/BT2fz2PLZJ8bwlQf41/qnmDvGu+zFMlJ4HtTUt1ayMUor9Kuag== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Nxsfv2khvzJsg; Wed, 18 Jan 2023 17:08:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 30IH8tb2096835; Wed, 18 Jan 2023 17:08:55 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 30IH8tmS096834; Wed, 18 Jan 2023 17:08:55 GMT (envelope-from git) Date: Wed, 18 Jan 2023 17:08:55 GMT Message-Id: <202301181708.30IH8tmS096834@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Cy Schubert Subject: git: 8f8bd813f313 - main - security/sudo: Update to 1.9.12p2 List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 8f8bd813f3139d6f6ff35704808111c4ad1f053a Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=8f8bd813f3139d6f6ff35704808111c4ad1f053a commit 8f8bd813f3139d6f6ff35704808111c4ad1f053a Author: Cy Schubert AuthorDate: 2023-01-18 16:20:58 +0000 Commit: Cy Schubert CommitDate: 2023-01-18 17:08:35 +0000 security/sudo: Update to 1.9.12p2 Major changes between sudo 1.9.12p2 and 1.9.12p1: * Fixed a compilation error on Linux/aarch64. GitHub issue #197. * Fixed a potential crash introduced in the fix for GitHub issue #134. If a user's sudoers entry did not have any RunAs user's set, running "sudo -U otheruser -l" would dereference a NULL pointer. * Fixed a bug introduced in sudo 1.9.12 that could prevent sudo from creating a I/O files when the "iolog_file" sudoers setting contains six or more Xs. * Fixed CVE-2023-22809, a flaw in sudo's -e option (aka sudoedit) that coud allow a malicious user with sudoedit privileges to edit arbitrary files. PR: 269030 Submitted by: cy Reported by: cy Approved by: garga MFH: 2023Q1 Security: CVE-2023-22809 --- security/sudo/Makefile | 2 +- security/sudo/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security/sudo/Makefile b/security/sudo/Makefile index 7318f194b669..673b94caf04f 100644 --- a/security/sudo/Makefile +++ b/security/sudo/Makefile @@ -1,5 +1,5 @@ PORTNAME= sudo -PORTVERSION= 1.9.12p1 +PORTVERSION= 1.9.12p2 CATEGORIES= security MASTER_SITES= SUDO diff --git a/security/sudo/distinfo b/security/sudo/distinfo index 909e14ed47f8..1820b31e549f 100644 --- a/security/sudo/distinfo +++ b/security/sudo/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1667830579 -SHA256 (sudo-1.9.12p1.tar.gz) = 475a18a8eb3da8b2917ceab063a6baf51ea09128c3c47e3e0e33ab7497bab7d8 -SIZE (sudo-1.9.12p1.tar.gz) = 4908060 +TIMESTAMP = 1674058310 +SHA256 (sudo-1.9.12p2.tar.gz) = b9a0b1ae0f1ddd9be7f3eafe70be05ee81f572f6f536632c44cd4101bb2a8539 +SIZE (sudo-1.9.12p2.tar.gz) = 4909431