--- - branch: pkgsrc-2019Q4 date: Sun Feb 9 19:21:38 UTC 2020 files: - new: 1.173.4.1 old: '1.173' path: pkgsrc/security/sudo/Makefile pathrev: pkgsrc/security/sudo/Makefile@1.173.4.1 type: modified - new: 1.106.4.1 old: '1.106' path: pkgsrc/security/sudo/distinfo pathrev: pkgsrc/security/sudo/distinfo@1.106.4.1 type: modified - new: 1.1.14.1 old: '1.1' path: pkgsrc/security/sudo/patches/patch-Makefile.in pathrev: pkgsrc/security/sudo/patches/patch-Makefile.in@1.1.14.1 type: modified - new: 1.1.14.1 old: '1.1' path: pkgsrc/security/sudo/patches/patch-configure pathrev: pkgsrc/security/sudo/patches/patch-configure@1.1.14.1 type: modified - new: '0' old: '1.1' path: pkgsrc/security/sudo/patches/patch-include_sudo__compat.h pathrev: pkgsrc/security/sudo/patches/patch-include_sudo__compat.h@0 type: deleted - new: '0' old: '1.1' path: pkgsrc/security/sudo/patches/patch-lib_util_sig2str.c pathrev: pkgsrc/security/sudo/patches/patch-lib_util_sig2str.c@0 type: deleted - new: '0' old: '1.1' path: pkgsrc/security/sudo/patches/patch-plugins_sudoers_sudoers.c pathrev: pkgsrc/security/sudo/patches/patch-plugins_sudoers_sudoers.c@0 type: deleted - new: '0' old: '1.2' path: pkgsrc/security/sudo/patches/patch-include_sudo__event.h pathrev: pkgsrc/security/sudo/patches/patch-include_sudo__event.h@0 type: deleted - new: '0' old: '1.2' path: pkgsrc/security/sudo/patches/patch-lib_util_str2sig.c pathrev: pkgsrc/security/sudo/patches/patch-lib_util_str2sig.c@0 type: deleted - new: '0' old: '1.2' path: pkgsrc/security/sudo/patches/patch-plugins_sudoers_logging.c pathrev: pkgsrc/security/sudo/patches/patch-plugins_sudoers_logging.c@0 type: deleted - new: '0' old: '1.2' path: pkgsrc/security/sudo/patches/patch-plugins_sudoers_starttime.c pathrev: pkgsrc/security/sudo/patches/patch-plugins_sudoers_starttime.c@0 type: deleted - new: '0' old: '1.2' path: pkgsrc/security/sudo/patches/patch-src_limits.c pathrev: pkgsrc/security/sudo/patches/patch-src_limits.c@0 type: deleted - new: 1.2.4.1 old: '1.2' path: pkgsrc/security/sudo/patches/patch-plugins_sudoers_Makefile.in pathrev: pkgsrc/security/sudo/patches/patch-plugins_sudoers_Makefile.in@1.2.4.1 type: modified - new: 1.3.18.1 old: '1.3' path: pkgsrc/security/sudo/patches/patch-src_Makefile.in pathrev: pkgsrc/security/sudo/patches/patch-src_Makefile.in@1.3.18.1 type: modified id: 20200209T192138Z.cbc7d8540424f7eb3df89c52b41e45eb52789773 log: "Pullup ticket #6133 - requested by taca\nsecurity/sudo: security fix\n\nRevisions pulled up:\n- security/sudo/Makefile 1.174-1.178\n- security/sudo/distinfo 1.107-1.109\n- security/sudo/patches/patch-Makefile.in \ 1.2\n- security/sudo/patches/patch-configure 1.2\n- security/sudo/patches/patch-include_sudo__compat.h deleted\n- security/sudo/patches/patch-include_sudo__event.h \ deleted\n- security/sudo/patches/patch-lib_util_sig2str.c deleted\n- security/sudo/patches/patch-lib_util_str2sig.c deleted\n- security/sudo/patches/patch-plugins_sudoers_Makefile.in \ 1.3\n- security/sudo/patches/patch-plugins_sudoers_logging.c deleted\n- security/sudo/patches/patch-plugins_sudoers_starttime.c deleted\n- security/sudo/patches/patch-plugins_sudoers_sudoers.c \ deleted\n- security/sudo/patches/patch-src_Makefile.in 1.4\n- security/sudo/patches/patch-src_limits.c deleted\n\n---\n \ Module Name:\tpkgsrc\n Committed By:\tkim\n Date:\t\tSat Dec 28 20:43:56 UTC 2019\n\n Modified Files:\n \tpkgsrc/security/sudo: Makefile distinfo\n \ \tpkgsrc/security/sudo/patches: patch-Makefile.in patch-configure\n \t patch-plugins_sudoers_Makefile.in patch-src_Makefile.in\n Removed Files:\n \tpkgsrc/security/sudo/patches: patch-include_sudo__compat.h\n \ \t patch-include_sudo__event.h patch-lib_util_sig2str.c\n \t patch-lib_util_str2sig.c patch-plugins_sudoers_logging.c\n \t patch-plugins_sudoers_starttime.c patch-plugins_sudoers_sudoers.c\n \ \t patch-src_limits.c\n\n Log Message:\n Update to sudo 1.8.30beta3\n\n \ * Portability fixes from pkgsrc have been merged upstream\n\n * Add runas_check_shell flag to require a runas user to have a valid\n shell. Not enabled by default.\n\n \ * Add a new flag \"allow_unknown_runas_id\" to control matching of unknown\n \ IDs. Previous, sudo would always allow unknown user or group IDs if\n the sudoers entry permitted it. This included the \"ALL\" alias. With\n this change, the admin must explicitly enable support for unknown IDs.\n\n * Transparently handle the \"sudo sudoedit\" problem. Some admin are\n confused about how to give users sudoedit permission and many users\n try to run sudoedit via sudo instead of directly. If the user runs\n \"sudo sudoedit\" sudo will now treat it as plain \"sudoedit\" after\n issuing a warning. If the admin has specified a fully-qualified path\n for sudoedit in sudoers, sudo will treat it as just \"sudoedit\" and\n match accordingly. In visudo (but not sudo), a fully-qualified path\n for sudoedit is now treated as an error.\n\n * When restoring old resource limits, try to recover if we receive\n EINVAL. On NetBSD, setrlimit(2) can return EINVAL if the new soft\n limit is lower than the current resource usage. This can be a problem\n when restoring the old stack limit if sudo has raised it.\n\n * Restore resource limits before executing the askpass program. Linux\n with docker seems to have issues executing a program when the stack\n size is unlimited. Bug #908\n\n * macOS does not allow rlim_cur to be set to RLIM_INFINITY for\n RLIMIT_NOFILE. We need to use OPEN_MAX instead as per the macOS\n setrlimit manual. Bug #904\n\n \ * Use 64-bit resource limits on AIX.\n\n---\n Module Name:\tpkgsrc\n Committed By:\tkim\n Date:\t\tWed Jan 1 01:47:29 UTC 2020\n\n Modified Files:\n \tpkgsrc/security/sudo: Makefile distinfo\n\n Log Message:\n Update to sudo 1.8.30\n\n Notable changes:\n\n \ * The version string no longer has the word \"beta\" in it.\n\n---\n Module Name:\tpkgsrc\n Committed By:\tjperkin\n Date:\t\tSat Jan 18 21:51:16 UTC 2020\n\n Modified Files:\n \tpkgsrc/security/sudo: Makefile\n\n Log Message:\n \ *: Recursive revision bump for openssl 1.1.1.\n\n---\n Module Name:\tpkgsrc\n \ Committed By:\ttriaxx\n Date:\t\tThu Jan 30 21:08:00 UTC 2020\n\n Modified Files:\n \tpkgsrc/security/sudo: Makefile\n\n Log Message:\n sudo: update master site\n\n TW Aren FTP server seems down and the fetching step hangs for hours.\n\n---\n Module Name:\tpkgsrc\n Committed By:\tkim\n Date:\t\tMon Feb 3 07:47:56 UTC 2020\n\n Modified Files:\n \tpkgsrc/security/sudo: Makefile distinfo\n\n Log Message:\n Update to sudo 1.8.31\n\n What's new:\n\n * Fixed CVE-2019-18634, a buffer overflow when the \"pwfeedback\"\n sudoers option is enabled on systems with uni-directional pipes.\n\n * The \"sudoedit_checkdir\" option now treats a user-owned directory\n as writable, even if it does not have the write bit set at the\n time of check. Symbolic links will no longer be followed by\n sudoedit in any user-owned directory. Bug #912\n\n * Fixed sudoedit on macOS 10.15 and above where the root file system\n is mounted read-only. Bug #913.\n\n * Fixed a crash introduced in sudo 1.8.30 when suspending sudo\n at the password prompt. Bug #914.\n\n * Fixed compilation on systems where the mmap MAP_ANON flag\n is not available. Bug #915.\n" module: pkgsrc subject: 'CVS commit: [pkgsrc-2019Q4] pkgsrc/security/sudo' unixtime: '1581276098' user: bsiegert