From nobody Thu Feb 16 01:21:15 2023
X-Original-To: dev-commits-ports-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PHHG32c4qz3rs14;
	Thu, 16 Feb 2023 01:21:15 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4PHHG328ZWz46nb;
	Thu, 16 Feb 2023 01:21:15 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1676510475;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=7OU4WJqnGymVR57xFf3K0SPb38U7wnofEBv8nZVU4/Q=;
	b=e3mlou3xeA2c5rSmnjXXKSEamGGh9duMlfUkIJ3GFH2W95kfpiEPpZECSoEydVvdUfEB0O
	p2/RnhLcTtJgHoDaxUi4YOiP+shhzFTniNkDZFnWTs7Nj5evjsHevGHD0wxuV14UW0WlvV
	dIIUMxYRCg6hHC9ZI8Z49ta4SrtbZak9D2dRX+64OPgCcZy7hKqIZbgAwcvHKRnYkNXAwp
	c9Ahw63pJnTrMkCHD0Ql1PRN4Oiq+PGeF26SedSe29TPZawoxMQdKpksjbNRv0NTXf3MzT
	X5ivp81oMCY8CyJsYEBDhxa5MzZCyDRX1VzfeUP0q3gwjuZ23ovR9Qfno1k42w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1676510475;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=7OU4WJqnGymVR57xFf3K0SPb38U7wnofEBv8nZVU4/Q=;
	b=tA7aoHn8fsRqCjggfPA0g3GL+I529OP8Lg0x3HBy7FvP5guhpVqwNzNjrjEj3rGzNPYtYJ
	Vl28EO5Ew8OMhthLWi2yIwy0PUw98i/3yHuFNZM4OcYyN/w41yZ1S31VrrcDOCXHm+Vt9U
	Aor6Id/dpS6LMaNMZaA88PS8cnApmaLGzA1IAruXTugAlbjG7zQ1WUaJVzNhYCVHMz0UI3
	ret6iytQn8jzRzBSdaGmgs7f3L9hRFjurAfcFAD7lu1ervmlB1qH0M4ZWp52HypmBIgEuT
	loug8izvmarEGtkbIAKhK+smWEKTJ7jLm4cX49497t7kpbSzHM1d1mAGEMvX2A==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1676510475; a=rsa-sha256; cv=none;
	b=U+82dH/jJuUr84CmiLmA/g9CcJGTqSsD+MhlIHLeyB6r4KmqFJBjQZ+DQ6eHdlNsxBY3Qx
	WeWVSVGIxPR5A+h8xE4wTvT1rWHOdR5t9DhdM0ALwGLPq9GNTJnqdc9AlwJc0MTU+KqZSX
	KmItTeErgoDLWYGwlFM7mNZ9jkv/SSw2/dAWgS4d4E5/Qojp/VIZQwiFlpC/6sLeP2cj4G
	OH3Ini5eHpceHgAZ+5g/Hl31J283KyGinFbX4GUU8kdgU2uIOJwPX+c4YhfI6hWZjg9gld
	lPwfHP+wdq67ikiomOhanWVrUyIuqRzBwPBvvsoOl5F7jJu43Qg3Uel5FDQ0iA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PHHG31CNJzlWt;
	Thu, 16 Feb 2023 01:21:15 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 31G1LFpc053604;
	Thu, 16 Feb 2023 01:21:15 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 31G1LF10053603;
	Thu, 16 Feb 2023 01:21:15 GMT
	(envelope-from git)
Date: Thu, 16 Feb 2023 01:21:15 GMT
Message-Id: <202302160121.31G1LF10053603@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-branches@FreeBSD.org
From: Cy Schubert <cy@FreeBSD.org>
Subject: git: f2a9e111cf52 - 2023Q1 - security/sudo: Update to 1.9.13
List-Id: Commits to the quarterly branches of the FreeBSD ports repository <dev-commits-ports-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-branches
List-Help: <mailto:dev-commits-ports-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-branches@freebsd.org
X-BeenThere: dev-commits-ports-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: cy
X-Git-Repository: ports
X-Git-Refname: refs/heads/2023Q1
X-Git-Reftype: branch
X-Git-Commit: f2a9e111cf52a37653f8f3d8093ceef069d3c478
Auto-Submitted: auto-generated
X-ThisMailContainsUnwantedMimeParts: N

The branch 2023Q1 has been updated by cy:

URL: https://cgit.FreeBSD.org/ports/commit/?id=f2a9e111cf52a37653f8f3d8093ceef069d3c478

commit f2a9e111cf52a37653f8f3d8093ceef069d3c478
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2023-02-15 03:36:16 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2023-02-16 01:20:38 +0000

    security/sudo: Update to 1.9.13
    
    Major changes between sudo 1.9.13 and 1.9.12p2:
    
     * Fixed a bug running relative commands via sudo when "log_subcmds"
       is enabled.  GitHub issue #194.
    
     * Fixed a signal handling bug when running sudo commands in a shell
       script.  Signals were not being forwarded to the command when
       the sudo process was not run in its own process group.
    
     * Fixed a bug in cvtsudoers' LDIF parsing when the file ends without
       a newline and a backslash is the last character of the file.
    
     * Fixed a potential use-after-free bug with cvtsudoers filtering.
       GitHub issue #198.
    
     * Added a reminder to the default lecture that the password will
       not echo. This line is only displayed when the pwfeedback option
       is disabled. GitHub issue #195.
    
     * Fixed potential memory leaks in error paths.  GitHub issues #199,
       #202.
    
     * Fixed potential NULL dereferences on memory allocation failure.
       GitHub issues #204, #211.
    
     * Sudo now uses C23-style attributes in function prototypes instead
       of gcc-style attributes if supported.
    
     * Added a new "list" pseudo-command in sudoers to allow a user to
       list another user's privileges.  Previously, only root or a user
       with the ability to run any command as either root or the target
       user on the current host could use the -U option.  This also
       includes a fix to the log entry when a user lacks permission to
       run "sudo -U otheruser -l command".  Previously, the logs would
       indicate that the user tried to run the actual command, now the
       log entry includes the list operation.
    
     * JSON logging now escapes control characters if they happen to
       appear in the command or environment.
    
     * New Albanian translation from translationproject.org.
    
     * Regular expressions in sudoers or logsrvd.conf may no longer
       contain consecutive repetition operators.  This is implementation-
       specific behavior according to POSIX, but some implementations
       will allocate excessive amounts of memory.  This mainly affects
       the fuzzers.
    
     * Sudo now builds AIX-style shared libraries and dynamic shared
       objects by default instead of svr4-style. This means that the
       default sudo plugins are now .a (archive) files that contain a
       .so shared object file instead of bare .so files.  This was done
       to improve compatibility with the AIX Freeware ecosystem,
       specifically, the AIX Freeware build of OpenSSL.  Sudo will still
       load svr4-style .so plugins and if a .so file is requested,
       either via sudo.conf or the sudoers file, and only the .a file
       is present, sudo will convert the path from plugin.so to
       plugin.a(plugin.so) when loading it.  This ensures compatibility
       with existing configurations.  To restore the old, pre-1.9.13
       behavior, run configure using the --with-aix-soname=svr4 option.
    
     * Sudo no longer checks the ownership and mode of the plugins that
       it loads.  Plugins are configured via either the sudo.conf or
       sudoers file which are trusted configuration files.  These checks
       suffered from time-of-check vs. time-of-use race conditions and
       complicate loading plugins that are not simple paths.  Ownership
       and mode checks are still performed when loading the sudo.conf
       and sudoers files, which do not suffer from race conditions.
       The sudo.conf "developer_mode" setting is no longer used.
    
     * Control characters in sudo log messages and "sudoreplay -l"
       output are now escaped in octal format.  Space characters in the
       command path are also escaped.  Command line arguments that
       contain spaces are surrounded by single quotes and any literal
       single quote or backslash characters are escaped with a backslash.
       This makes it possible to distinguish multiple command line
       arguments from a single argument that contains spaces.
    
     * Improved support for DragonFly BSD which uses a different struct
       procinfo than either FreeBSD or 4.4BSD.
    
     * Fixed a compilation error on Linux arm systems running older
       kernels that may not define EM_ARM in linux/elf-em.h.
       GitHub issue #232.
    
     * Fixed a compilation error when LDFLAGS contains -Wl,--no-undefined.
       Sudo will now link using -Wl,--no-undefined by default if possible.
       GitHub issue #234.
    
     * Fixed a bug executing a command with a very long argument vector
       when "log_subcmds" or "intercept" is enabled on a system where
       "intercept_type" is set to "trace".  GitHub issue #194.
    
     * When sudo is configured to run a command in a pseudo-terminal
       but the standard input is not connected to a terminal, the command
       will now be run as a background process.  This works around a
       problem running sudo commands in the background from a shell
       script where changing the terminal to raw mode could interfere
       with the interactive shell that ran the script.
       GitHub issue #237.
    
     * A missing include file in sudoers is no longer a fatal error
       unless the error_recovery plugin argument has been set to false.
    
    PR:             269563
    Submitted by:   cy
    Reported by:    cy
    Approved by:    garga
    
    (cherry picked from commit 8bd63987e9310ceb2c7c028a22dd8ea67e14b533)
---
 security/sudo/Makefile  | 2 +-
 security/sudo/distinfo  | 6 +++---
 security/sudo/pkg-plist | 2 ++
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/security/sudo/Makefile b/security/sudo/Makefile
index 673b94caf04f..549763dee34d 100644
--- a/security/sudo/Makefile
+++ b/security/sudo/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	sudo
-PORTVERSION=	1.9.12p2
+PORTVERSION=	1.9.13
 CATEGORIES=	security
 MASTER_SITES=	SUDO
 
diff --git a/security/sudo/distinfo b/security/sudo/distinfo
index 1820b31e549f..594926f8ddb1 100644
--- a/security/sudo/distinfo
+++ b/security/sudo/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1674058310
-SHA256 (sudo-1.9.12p2.tar.gz) = b9a0b1ae0f1ddd9be7f3eafe70be05ee81f572f6f536632c44cd4101bb2a8539
-SIZE (sudo-1.9.12p2.tar.gz) = 4909431
+TIMESTAMP = 1676431948
+SHA256 (sudo-1.9.13.tar.gz) = 3f55455b46edb0a129d925dcc39972f12f7c7fb78d0ccab6017ee16c8177e436
+SIZE (sudo-1.9.13.tar.gz) = 5093583
diff --git a/security/sudo/pkg-plist b/security/sudo/pkg-plist
index c3f93fe4698e..682fedc57f46 100644
--- a/security/sudo/pkg-plist
+++ b/security/sudo/pkg-plist
@@ -97,6 +97,7 @@ sbin/sudo_sendlog
 %%NLS%%share/locale/ja/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/ja/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/ka/LC_MESSAGES/sudo.mo
+%%NLS%%share/locale/ka/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/ko/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/ko/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/lt/LC_MESSAGES/sudoers.mo
@@ -119,6 +120,7 @@ sbin/sudo_sendlog
 %%NLS%%share/locale/sk/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/sl/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/sl/LC_MESSAGES/sudoers.mo
+%%NLS%%share/locale/sq/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/sr/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/sr/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/sv/LC_MESSAGES/sudo.mo