2010-06-05 06:16:43 UTC pkgsrc-2010Q1

Pullup ticket 3137 - requested by kefren
security update

Revisions pulled up:
- pkgsrc/security/sudo/Makefile 1.121
- pkgsrc/security/sudo/distinfo 1.63

  -------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  taca
  Date:          Thu Jun  3 14:53:14 UTC 2010

  Modified Files:
          pkgsrc/security/sudo: Makefile distinfo

  Log Message:
  Update security/sudo package to 1.7.2p7.

  For more detail: http://www.sudo.ws/sudo/alerts/secure_path.html

  Summary:
      Sudo "secure path" feature works by replacing the PATH environment
      variable with a value specified in the sudoers file, or at
      compile time if the --with-secure-path configure option is used.
      The flaw is that sudo only replaces the first instance of PATH
      in the environment.  If the program being run through sudo uses
      the last instance of PATH in the environment, an attacker may
      be able to avoid the "secure path" restrictions.

  Sudo versions affected:
      Sudo 1.3.1 through 1.6.9p22 and Sudo 1.7.0 through 1.7.2p6.

  To generate a diff of this commit:
  cvs rdiff -u -r1.120 -r1.121 pkgsrc/security/sudo/Makefile
  cvs rdiff -u -r1.62 -r1.63 pkgsrc/security/sudo/distinfo

(spz)
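
The first-instance-only replacement described in the summary, next to a sanitiser that removes every PATH entry before adding one. This is an added illustration, not sudo's or pkgsrc's code: the function names, the SECURE_PATH value and the sample environment are all constructed for the example.

```c
#include <stdio.h>
#include <string.h>

#define SECURE_PATH "PATH=/usr/bin:/bin"   /* assumed secure_path value */

static int is_path(const char *e) { return strncmp(e, "PATH=", 5) == 0; }

/* Pre-fix behaviour as the summary describes it: only the first PATH
 * entry is replaced, any later duplicate is left in place. */
static void replace_first_path(const char **env)
{
    for (; *env; env++)
        if (is_path(*env)) { *env = SECURE_PATH; return; }
}

/* Hardened form: compact the array, dropping every PATH entry, then
 * append exactly one. Needs one spare slot in case no PATH was present. */
static void replace_all_paths(const char **env)
{
    const char **out = env;
    for (; *env; env++)
        if (!is_path(*env)) *out++ = *env;
    *out++ = SECURE_PATH;
    *out = NULL;
}

/* Models a child program that uses the last PATH in its environment. */
static const char *last_path(const char **env)
{
    const char *hit = NULL;
    for (; *env; env++)
        if (is_path(*env)) hit = *env;
    return hit;
}

/* Sanitise a constructed sample environment containing a duplicate PATH
 * and return the PATH a last-instance child would end up using. */
const char *child_path(int fixed)
{
    const char *env[] = { "HOME=/home/user", "PATH=/usr/local/bin:/usr/bin",
                          "TERM=xterm", "PATH=/tmp/untrusted", NULL, NULL };
    if (fixed) replace_all_paths(env); else replace_first_path(env);
    return last_path(env);
}

int main(void)
{
    printf("first-only:  %s\nreplace-all: %s\n", child_path(0), child_path(1));
    return 0;
}
```

With first-only replacement the last-instance reader still sees the caller-supplied value; after the full pass only the configured entry remains.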