cvs commit: ports/security/sudo Makefile distinfo
Sergey A. Osokin
osa at FreeBSD.org
Tue Jun 21 13:05:24 GMT 2005
On Tue, Jun 21, 2005 at 10:00:46AM -0300, Renato Botelho wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Tue, Jun 21, 2005 at 12:52:01PM +0000, Sergey A. Osokin wrote:
> > osa 2005-06-21 12:52:01 UTC
> >
> > FreeBSD ports repository
> >
> > Modified files:
> > security/sudo Makefile distinfo
> > Log:
> > Security update to latest release: 1.6.8p9.
> >
> > <Security Alert>
> > Summary:
> > A race condition in Sudo's command pathname handling prior
> > to Sudo version 1.6.8p9 that could allow a user with Sudo
> > privileges to run arbitrary commands.
> > Sudo versions affected:
> > Sudo versions 1.3.1 up to and including 1.6.8p8.
> > </Security Alert>
> >
> > More information about this incident available at:
> > http://www.sudo.ws/sudo/alerts/path_race.html
> >
> > Revision Changes Path
> > 1.74 +2 -2 ports/security/sudo/Makefile
> > 1.47 +2 -2 ports/security/sudo/distinfo
> > _______________________________________________
> > cvs-ports at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/cvs-ports
> > To unsubscribe, send any mail to "cvs-ports-unsubscribe at freebsd.org"
>
> Please, close the PR 82479 that I sent this morning to do this.
Oops, PR closed. Thanks a lot for report!
--
Sergey A. Osokin,
osa at FreeBSD.org
More information about the cvs-all
mailing list