cvs commit: ports/security/sudo Makefile distinfo
ports/security/vuxml vuln.xml
Tom McLaughlin
tmclaugh at FreeBSD.org
Fri Feb 6 11:35:49 PST 2009
tmclaugh 2009-02-06 19:35:47 UTC
FreeBSD ports repository
Modified files:
security/sudo Makefile distinfo
security/vuxml vuln.xml
Log:
Security update for sudo to 1.6.9p20 for CVE 2009-0034
Changes:
- Only use the cached supplementory group vector when matching groups
for the invoking user. (security)
- When setting the umask, use the union of the user's umask and the
default value set in sudoers so that we never lower the user's umask
when running a command.
- Sudo now operates in the C locale again when doing a match against
sudoers.
PR: 131446
Submitted by: Eygene Ryabinkin
Security: vid:13d6d997-f455-11dd-8516-001b77d09812
Revision Changes Path
1.101 +2 -2 ports/security/sudo/Makefile
1.61 +3 -3 ports/security/sudo/distinfo
1.1846 +33 -1 ports/security/vuxml/vuln.xml
More information about the cvs-ports
mailing list