security/sudo: Update to 1.9.12p2

Major changes between sudo 1.9.12p2 and 1.9.12p1:

 * Fixed a compilation error on Linux/aarch64.  GitHub issue #197.

 * Fixed a potential crash introduced in the fix for GitHub issue #134.
   If a user's sudoers entry did not have any RunAs user's set,
   running "sudo -U otheruser -l" would dereference a NULL pointer.

 * Fixed a bug introduced in sudo 1.9.12 that could prevent sudo
   from creating a I/O files when the "iolog_file" sudoers setting
   contains six or more Xs.

 * Fixed CVE-2023-22809, a flaw in sudo's -e option (aka sudoedit)
   that coud allow a malicious user with sudoedit privileges to
   edit arbitrary files.

PR:		269030
Submitted by:	cy
Reported by:	cy
Approved by:	garga
MFH:		2023Q1
Security:	CVE-2023-22809
This commit is contained in:
Cy Schubert 2023-01-18 08:20:58 -08:00
parent 76cbc2c0cd
commit 8f8bd813f3
2 changed files with 4 additions and 4 deletions

View File

@ -1,5 +1,5 @@
PORTNAME= sudo
PORTVERSION= 1.9.12p1
PORTVERSION= 1.9.12p2
CATEGORIES= security
MASTER_SITES= SUDO

View File

@ -1,3 +1,3 @@
TIMESTAMP = 1667830579
SHA256 (sudo-1.9.12p1.tar.gz) = 475a18a8eb3da8b2917ceab063a6baf51ea09128c3c47e3e0e33ab7497bab7d8
SIZE (sudo-1.9.12p1.tar.gz) = 4908060
TIMESTAMP = 1674058310
SHA256 (sudo-1.9.12p2.tar.gz) = b9a0b1ae0f1ddd9be7f3eafe70be05ee81f572f6f536632c44cd4101bb2a8539
SIZE (sudo-1.9.12p2.tar.gz) = 4909431