Created attachment 255130 [details] Patch to update sudo Sudo version 1.9.16p1 is now available which fixes several bugs in sudo 1.9.16. Source: https://www.sudo.ws/dist/sudo-1.9.16p1.tar.gz ftp://ftp.sudo.ws/pub/sudo/sudo-1.9.16p1.tar.gz SHA256 checksum: 404994e23ae8bcf4be59ed6fd3759ad70a8cefa9bcf71640b33f176afec243b0 MD5 checksum: 4ce8901a1708c597b768ce511639a040 Binary packages: https://www.sudo.ws/getting/packages/ https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_16p1 For a list of download mirror sites, see: https://www.sudo.ws/getting/download_mirrors/ Sudo web site: https://www.sudo.ws/ Major changes between sudo 1.9.16p1 and 1.9.16: * Fixed the test for cross-compiling when checking for C99 snprintf(). The changes made to the test in sudo 1.9.16 resulted in a different problem. GitHub issue #386. * Fixed the date used by the exit record in sudo-format log files. This was a regression introduced in sudo 1.9.16 and only affected file-based logs, not syslog. GitHub issue #405. * Fixed the root cause of the "unable to find terminal name for device" message when running sudo on AIX when no terminal is present. In sudo 1.9.16 this was turned from a debug message into a warning. GitHub issue #408. * When a duplicate alias is found in the sudoers file, the warning message now includes the file and line number of the previous definition. * Added support for the --with-secure-path-value=no configure option to allow packagers to ship the default sudoers file with the secure path line commented out. * Sudo no longer sends mail when a user runs "sudo -nv" or "sudo -nl", even if "mail_badpass" or "mail_always" are set. Sudo already avoids logging to a file or syslog in this case. Bug #10
Attachment is a committable patch, i.e. git am ...
Approved. Thanks!
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=26f5b17f42838ef5f08727f3ac48a5461c8121ea commit 26f5b17f42838ef5f08727f3ac48a5461c8121ea Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2024-11-13 03:27:16 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2024-11-13 14:52:17 +0000 security/sudo: Update to 1.9.16p1 Major changes between sudo 1.9.16p1 and 1.9.16: * Fixed the test for cross-compiling when checking for C99 snprintf(). The changes made to the test in sudo 1.9.16 resulted in a different problem. GitHub issue #386. * Fixed the date used by the exit record in sudo-format log files. This was a regression introduced in sudo 1.9.16 and only affected file-based logs, not syslog. GitHub issue #405. * Fixed the root cause of the "unable to find terminal name for device" message when running sudo on AIX when no terminal is present. In sudo 1.9.16 this was turned from a debug message into a warning. GitHub issue #408. * When a duplicate alias is found in the sudoers file, the warning message now includes the file and line number of the previous definition. * Added support for the --with-secure-path-value=no configure option to allow packagers to ship the default sudoers file with the secure path line commented out. * Sudo no longer sends mail when a user runs "sudo -nv" or "sudo -nl", even if "mail_badpass" or "mail_always" are set. Sudo already avoids logging to a file or syslog in this case. Bug #1072. PR: 282720 Approved by: garga (maintainer) MFH: 2024Q4 security/sudo/Makefile | 2 +- security/sudo/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
A commit in branch 2024Q4 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=8b4200891506c3d557ee5d7a7fe14a78bba940a9 commit 8b4200891506c3d557ee5d7a7fe14a78bba940a9 Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2024-11-13 03:27:16 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2024-11-13 14:54:23 +0000 security/sudo: Update to 1.9.16p1 Major changes between sudo 1.9.16p1 and 1.9.16: * Fixed the test for cross-compiling when checking for C99 snprintf(). The changes made to the test in sudo 1.9.16 resulted in a different problem. GitHub issue #386. * Fixed the date used by the exit record in sudo-format log files. This was a regression introduced in sudo 1.9.16 and only affected file-based logs, not syslog. GitHub issue #405. * Fixed the root cause of the "unable to find terminal name for device" message when running sudo on AIX when no terminal is present. In sudo 1.9.16 this was turned from a debug message into a warning. GitHub issue #408. * When a duplicate alias is found in the sudoers file, the warning message now includes the file and line number of the previous definition. * Added support for the --with-secure-path-value=no configure option to allow packagers to ship the default sudoers file with the secure path line commented out. * Sudo no longer sends mail when a user runs "sudo -nv" or "sudo -nl", even if "mail_badpass" or "mail_always" are set. Sudo already avoids logging to a file or syslog in this case. Bug #1072. PR: 282720 Approved by: garga (maintainer) MFH: 2024Q4 (cherry picked from commit 26f5b17f42838ef5f08727f3ac48a5461c8121ea) security/sudo/Makefile | 2 +- security/sudo/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
Committed. Thank you for the approval.