Date: Tue, 21 Jun 2005 10:00:46 -0300 From: Renato Botelho <freebsd@galle.com.br> To: "Sergey A. Osokin" <osa@FreeBSD.org> Cc: cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: ports/security/sudo Makefile distinfo Message-ID: <20050621130046.GC4151@galle.com.br> In-Reply-To: <200506211252.j5LCq1VB040407@repoman.freebsd.org> References: <200506211252.j5LCq1VB040407@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Jun 21, 2005 at 12:52:01PM +0000, Sergey A. Osokin wrote: > osa 2005-06-21 12:52:01 UTC > > FreeBSD ports repository > > Modified files: > security/sudo Makefile distinfo > Log: > Security update to latest release: 1.6.8p9. > > <Security Alert> > Summary: > A race condition in Sudo's command pathname handling prior > to Sudo version 1.6.8p9 that could allow a user with Sudo > privileges to run arbitrary commands. > Sudo versions affected: > Sudo versions 1.3.1 up to and including 1.6.8p8. > </Security Alert> > > More information about this incident available at: > http://www.sudo.ws/sudo/alerts/path_race.html > > Revision Changes Path > 1.74 +2 -2 ports/security/sudo/Makefile > 1.47 +2 -2 ports/security/sudo/distinfo > _______________________________________________ > cvs-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/cvs-ports > To unsubscribe, send any mail to "cvs-ports-unsubscribe@freebsd.org" Please, close the PR 82479 that I sent this morning to do this. Thanks - -- Renato Botelho <freebsd at galle dot com dot br> AIM: RBGargaBR | ICQ: 54596223 GnuPG Key: http://www.galle.com.br/~renato/pubkey.asc Best of all is never to have been born. Second best is to die soon. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFCuA9+6CRbiSJE7akRAsRuAJsEu8X6W6Vb5mZjv7zPb2VnyGud4QCfVJee etcWkAHHaMApSdpza7pNjW0= =cTl3 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050621130046.GC4151>