[pkgsrc/trunk]: pkgsrc/security/sudo Update security/sudo package to 1.7.2p7.

[taca <taca%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/8e0ea1f21b59
branches:  trunk
changeset: 576202:8e0ea1f21b59
user:      taca <taca%pkgsrc.org@localhost>
date:      Thu Jun 03 14:53:14 2010 +0000

description:
Update security/sudo package to 1.7.2p7.

For more detail: http://www.sudo.ws/sudo/alerts/secure_path.html

Summary:
    Sudo "secure path" feature works by replacing the PATH environment
    variable with a value specified in the sudoers file, or at
    compile time if the --with-secure-path configure option is used.
    The flaw is that sudo only replaces the first instance of PATH
    in the environment.  If the program being run through sudo uses
    the last instance of PATH in the environment, an attacker may
    be able to avoid the "secure path" restrictions.

Sudo versions affected:
    Sudo 1.3.1 through 1.6.9p22 and Sudo 1.7.0 through 1.7.2p6.

diffstat:

 security/sudo/Makefile |  4 ++--
 security/sudo/distinfo |  8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diffs (29 lines):

diff -r d6ccf25c2c8f -r 8e0ea1f21b59 security/sudo/Makefile
--- a/security/sudo/Makefile    Thu Jun 03 12:53:47 2010 +0000
+++ b/security/sudo/Makefile    Thu Jun 03 14:53:14 2010 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.120 2010/04/16 15:33:52 taca Exp $
+# $NetBSD: Makefile,v 1.121 2010/06/03 14:53:14 taca Exp $
 #
 
-DISTNAME=              sudo-1.7.2p6
+DISTNAME=              sudo-1.7.2p7
 CATEGORIES=            security
 MASTER_SITES=          http://www.courtesan.com/sudo/dist/ \
                        ftp://ftp.courtesan.com/pub/sudo/ \
diff -r d6ccf25c2c8f -r 8e0ea1f21b59 security/sudo/distinfo
--- a/security/sudo/distinfo    Thu Jun 03 12:53:47 2010 +0000
+++ b/security/sudo/distinfo    Thu Jun 03 14:53:14 2010 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.62 2010/04/16 15:33:52 taca Exp $
+$NetBSD: distinfo,v 1.63 2010/06/03 14:53:14 taca Exp $
 
-SHA1 (sudo-1.7.2p6-200805130/sudo-1.7.2p6.tar.gz) = 45976e82cc2ca9f34cad574629ddd998c377734e
-RMD160 (sudo-1.7.2p6-200805130/sudo-1.7.2p6.tar.gz) = 9122ee0da71fa8fe84f71e13d1a02173ef317937
-Size (sudo-1.7.2p6-200805130/sudo-1.7.2p6.tar.gz) = 771148 bytes
+SHA1 (sudo-1.7.2p7-200805130/sudo-1.7.2p7.tar.gz) = 0504e0d7b1d3c987e48325ec4caa6ebfe5237ff5
+RMD160 (sudo-1.7.2p7-200805130/sudo-1.7.2p7.tar.gz) = 7ed1976bbce6d66939b85ce08a97c089dbeb1ec4
+Size (sudo-1.7.2p7-200805130/sudo-1.7.2p7.tar.gz) = 772356 bytes
 SHA1 (patch-aa) = bd35d9a9168a70c53b8908570cd86483b117a084
 SHA1 (patch-af) = 50e6ecf889c460669a4b632c0fd3b15fc45b1214
 SHA1 (patch-ag) = b6153d89cfe634c79f1c5b44d4f0df0089353528