CVS commit: pkgsrc/security/sudo

["Kimmo Suominen" <kim%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   kim
Date:           Sat Mar  8 11:51:56 UTC 2014

Modified Files:
        pkgsrc/security/sudo: Makefile distinfo
        pkgsrc/security/sudo/patches: patch-af patch-ag patch-logging.c

Log Message:
Upgrade to address CVE-2014-0106

http://www.sudo.ws/sudo/alerts/env_add.html

What's new in Sudo 1.7.10p8?

* Sudo's exit code now indicates a failure if the user does not
  successfully authenticate.

* On HP-UX systems, sudo will now use the pstat() function to
  determine the tty instead of ttyname().

* Fixed compilation when --without-iologdir configure option is
  specified.

* On systems with BSD login classes, if the user specified a group
  (not a user) to run the command as, it was possible to specify
  a different login class even when the command was not run as the
  super user.

* The closefrom() emulation on Mac OS X now uses /dev/fd if possible.
  It also now sets the close on exec flag instead of actually
  closing the descriptors to avoid a crash in libdispatch.

* The sudoers plugin will now ignore invalid domain names when
  checking netgroup membership.  Most Linux systems use the string
  "(none)" for the NIS-style domain name instead of an empty string.

* Fixed the logic when checking environment variables on the
  command line against the env_check and env_delete blacklists.
  This is only a problem when env_reset is disabled in sudoers.


To generate a diff of this commit:
cvs rdiff -u -r1.141 -r1.142 pkgsrc/security/sudo/Makefile
cvs rdiff -u -r1.80 -r1.81 pkgsrc/security/sudo/distinfo
cvs rdiff -u -r1.30 -r1.31 pkgsrc/security/sudo/patches/patch-af
cvs rdiff -u -r1.21 -r1.22 pkgsrc/security/sudo/patches/patch-ag
cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/sudo/patches/patch-logging.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.