Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_163791604010290"
MIME-Version: 1.0
Date: Fri, 26 Nov 2021 08:40:40 +0000
From: "pin" <pin@netbsd.org>
Subject: CVS commit: pkgsrc/security/opendoas
To: pkgsrc-changes@NetBSD.org
Reply-To: pin@netbsd.org
Message-Id: <20211126084040.6E733FAEC@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
Precedence: bulk

This is a multi-part message in MIME format.

--_----------=_163791604010290
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	pin
Date:		Fri Nov 26 08:40:40 UTC 2021

Modified Files:
	pkgsrc/security/opendoas: Makefile distinfo
Removed Files:
	pkgsrc/security/opendoas/patches: patch-doas.c

Log Message:
security/opendoas: update to 6.8.1

-This release fixes one major issue that has been assigned CVE-2019-25016.

Rules that allowed the user to execute any command would inherit the
executing users PATH instead of resetting it to a default PATH.
The path will now be correctly reset (d5acd52) to the defined default PATH.

Those rules still allow the user to execute any program from their PATH
but executed commands won't inherit the users PATH anymore.

Rules that limit the user to execute only a specific command are not affected
by this and are only executed from the default PATH and with the PATH
environment variable set to the safe default.

Other changes are:
-apply missing man page changes
-Fixes to the configuration parser 2d7431c, 01ac841 and 36cc28e
-Minor documentation and error message wording changes.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/security/opendoas/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/security/opendoas/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/security/opendoas/patches/patch-doas.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_163791604010290
Content-Disposition: inline
Content-Length: 1703
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/security/opendoas/Makefile
diff -u pkgsrc/security/opendoas/Makefile:1.2 pkgsrc/security/opendoas/Makefile:1.3
--- pkgsrc/security/opendoas/Makefile:1.2	Fri Jan 29 07:53:38 2021
+++ pkgsrc/security/opendoas/Makefile	Fri Nov 26 08:40:40 2021
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.2 2021/01/29 07:53:38 jperkin Exp $
+# $NetBSD: Makefile,v 1.3 2021/11/26 08:40:40 pin Exp $
 
-DISTNAME=	opendoas-6.8
-PKGREVISION=	1
+DISTNAME=	opendoas-6.8.1
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_GITHUB:=duncaen/}
 GITHUB_TAG=	v${PKGVERSION_NOREV}

Index: pkgsrc/security/opendoas/distinfo
diff -u pkgsrc/security/opendoas/distinfo:1.4 pkgsrc/security/opendoas/distinfo:1.5
--- pkgsrc/security/opendoas/distinfo:1.4	Tue Oct 26 11:17:22 2021
+++ pkgsrc/security/opendoas/distinfo	Fri Nov 26 08:40:40 2021
@@ -1,7 +1,6 @@
-$NetBSD: distinfo,v 1.4 2021/10/26 11:17:22 nia Exp $
+$NetBSD: distinfo,v 1.5 2021/11/26 08:40:40 pin Exp $
 
-BLAKE2s (opendoas-6.8.tar.gz) = e3880bf703bbc0d038da43edc032ab927aeac8ed3a86d417f6d7da226476e065
-SHA512 (opendoas-6.8.tar.gz) = 4a57079bba353247e645bc07a5d4e78fd01471d193e83751fd87b72cffa4e152c0f7ea172563f767a7193b14489f57bc066b4fee50842d30b5b7f7ce918434bb
-Size (opendoas-6.8.tar.gz) = 32307 bytes
+BLAKE2s (opendoas-6.8.1.tar.gz) = b85a68323ab88d02d9a0a1e6eb5591ae46fd9080d5657c466bb14ccd1541f581
+SHA512 (opendoas-6.8.1.tar.gz) = d96fe1cdd70e9211de9996ad05bcf7a127facd02af48f7ab2561869d9d16708f1b61722c6e6b9fe15a62e9ef501e09b1ba444b7b43a066f1895e543ebc9402e7
+Size (opendoas-6.8.1.tar.gz) = 32398 bytes
 SHA1 (patch-GNUmakefile) = d301c0334ce6ac7992d61681e1852a301557d300
-SHA1 (patch-doas.c) = 3c4e734e3c8f7bf38e2a58ddb1ba4e1eefe99087


--_----------=_163791604010290--