Bug 222092
| Summary: | security/doas: Update port to version 6.0p1 | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Jesse Smith <jsmith> | ||||
| Component: | Individual Port(s) | Assignee: | Tobias Kortkamp <tobik> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | CC: | tobik | ||||
| Priority: | --- | Flags: | tobik:
merge-quarterly-
|
||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
A commit references this bug: Author: tobik Date: Wed Sep 6 10:03:52 UTC 2017 New revision: 449334 URL: https://svnweb.freebsd.org/changeset/ports/449334 Log: security/doas: Update to 6.0p1 This update brings the security/doas port up to date with upstream. This gives us the added benefit of restricted path searching. Which means if the admin puts a relative path in the doas.conf file, doas will limit the number of places where the executable can be found. This prevents users from putting malicious executables with the same name in their custom path. PR: 222092 Submitted by: jsmith@resonatingmedia.com (maintainer) MFH: 2017Q3 Changes: head/security/doas/Makefile head/security/doas/distinfo Closing because I've never gotten approval for MFH'ing the update and it seems pointless now... @jsmith, thank you for the quick port update though! |
Created attachment 186103 [details] Patch to update doas port to upstream version 6.0p1 This update brings the security/doas port up to date with upstream. This gives us the added benefit of restricted path searching. Which means if the admin puts a relative path in the doas.conf file, doas will limit the number of places where the executable can be found. This prevents users from putting malicious executables with the same name in their custom path.