---
- branch: MAIN
  date: Mon Feb  6 14:35:32 UTC 2023
  files:
  - new: '1.194'
    old: '1.193'
    path: pkgsrc/security/sudo/Makefile
    pathrev: pkgsrc/security/sudo/Makefile@1.194
    type: modified
  - new: '1.126'
    old: '1.125'
    path: pkgsrc/security/sudo/distinfo
    pathrev: pkgsrc/security/sudo/distinfo@1.126
    type: modified
  id: 20230206T143532Z.41926fb612b6deea7eb647a98d4dd68eb971d20b
  log: |
    security/sudo: update to 1.9.12p2

    1.9.12.p2 (2023-01-18)

     * Fixed a compilation error on Linux/aarch64.  GitHub issue #197.

     * Fixed a potential crash introduced in the fix for GitHub issue #134.
       If a user's sudoers entry did not have any RunAs user's set,
       running "sudo -U otheruser -l" would dereference a NULL pointer.

     * Fixed a bug introduced in sudo 1.9.12 that could prevent sudo
       from creating a I/O files when the "iolog_file" sudoers setting
       contains six or more Xs.

     * Fixed CVE-2023-22809, a flaw in sudo's -e option (aka sudoedit)
       that coud allow a malicious user with sudoedit privileges to
       edit arbitrary files.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/security/sudo'
  unixtime: '1675694132'
  user: taca