pkgsrc/security/sudo/distinfo
kim 41dc73c1f8 Upgrade to address CVE-2013-1775
What's new in Sudo 1.7.10p7?

 * A time stamp file with the date set to the epoch by "sudo -k"
   is now completely ignored regardless of what the local clock is
   set to.  Previously, if the local clock was set to a value between
   the epoch and the time stamp timeout value, a time stamp reset
   by "sudo -k" would be considered current.

What's new in Sudo 1.7.10p6?

 * The tty-specific time stamp file now includes the session ID
   of the sudo process that created it.  If a process with the same
   tty but a different session ID runs sudo, the user will now be
   prompted for a password (assuming authentication is required for
   the command).

What's new in Sudo 1.7.10p5?

 * On systems where the controlling tty can be determined via /proc
   or sysctl(), sudo will no longer fall back to using ttyname()
   if the process has no controlling tty.  This prevents sudo from
   using a non-controlling tty for logging and time stamp purposes.

What's new in Sudo 1.7.10?

 * If the user is a member of the "exempt" group in sudoers, they
   will no longer be prompted for a password even if the -k flag
   is specified with the command.  This makes "sudo -k command"
   consistent with the behavior one would get if the user ran "sudo
   -k" immediately before running the command.

 * The sudoers file may now be a symbolic link.  Previously, sudo
   would refuse to read sudoers unless it was a regular file.

 * The user/group/mode checks on sudoers files have been relaxed.
   As long as the file is owned by the sudoers uid, not world-writable
   and not writable by a group other than the sudoers gid, the file
   is considered OK.  Note that visudo will still set the mode to
   the value specified at configure time.

 * /etc/environment is no longer read directly on Linux systems
   when PAM is used.  Sudo now merges the PAM environment into the
   user's environment which is typically set by the pam_env module.

 * The initial evironment created when env_reset is in effect now
   includes the contents of /etc/environment on AIX systems and the
   "setenv" and "path" entries from /etc/login.conf on BSD systems.

 * On systems with an SVR4-style /proc file system, the /proc/pid/psinfo
   file is now uses to determine the controlling terminal, if possible.
   This allows tty-based tickets to work properly even when, e.g.
   standard input, output and error are redirected to /dev/null.

 * The sudoreplay command can now properly replay sessions where
   no tty was present.

 * Fixed a race condition that could cause sudo to receive SIGTTOU
   (and stop) when resuming a shell that was run via sudo when I/O
   logging (and use_pty) is not enabled.
2013-03-01 14:24:57 +00:00

9 lines
487 B
Text

$NetBSD: distinfo,v 1.79 2013/03/01 14:24:57 kim Exp $
SHA1 (sudo-1.7.10p7.tar.gz) = b5beb1a470d1f03b3940aff612f5089244dd773a
RMD160 (sudo-1.7.10p7.tar.gz) = 171e54506c30a85fa642070332db012aba4a6203
Size (sudo-1.7.10p7.tar.gz) = 1217508 bytes
SHA1 (patch-aa) = 0c9c173a26ea72dd06a7d3947a0b3ba6dc00cf40
SHA1 (patch-af) = 045e6daceea982a161272af822e3554138ac7dbf
SHA1 (patch-ag) = abd8b76259e0eae75fe4ef8c2fb63f090fe14999
SHA1 (patch-logging.c) = 26608d7423b77f71f17b37cc87f4b2e75978d7cb