Created attachment 225749 [details] Update sudo to 1.9.7p1 Sudo version 1.9.7 patchelevel 1 is now available which fixes a few minor bugs in sudo 1.9.7. Source: https://www.sudo.ws/dist/sudo-1.9.7p1.tar.gz ftp://ftp.sudo.ws/pub/sudo/sudo-1.9.7p1.tar.gz SHA256 checksum: 391431f454e55121b60c6ded0fcf30ddb80d623d7d16a6d1907cfa6a0b91d8cf MD5 checksum: 0ea3649ef66df80e6ecd04d45ea0f762 Binary packages: https://www.sudo.ws/download.html#binary https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_7p1 For a list of download mirror sites, see: https://www.sudo.ws/download_mirrors.html Sudo web site: https://www.sudo.ws/ Sudo web site mirrors: https://www.sudo.ws/mirrors.html Major changes between sudo 1.9.7p1 and 1.9.7 * Fixed an SELinux sudoedit bug when the edited temporary file could not be opened. The sesh helper would still be run even when there are no temporary files available to install. * Fixed a compilation problem on FreeBSD. * The sudo_noexec.so file is now built as a module on all systems other than macOS. This makes it possible to use other libtool implementations such as slibtool. On macOS shared libraries and modules are not interchangeable and the version of libtool shipped with sudo must be used. * Fixed a few bugs in the getgrouplist() emulation on Solaris when reading from the local group file. * Fixed a bug in sudo_logsrvd that prevented periodic relay server connection retries from occurring in "store_first" mode. * Disabled the nss_search()-based getgrouplist() emulation on HP-UX due to a crash when the group source is set to "compat" in /etc/nsswitch.conf. This is probably due to a mismatch between include/compat/nss_dbdefs.h and what HP-UX uses internally. On HP-UX we now just cycle through groups the slow way using getgrent(). Bug #978.
^Triage: Bugfix release MFH
I'm facing some problems with system I used to test all my ports related work and cannot test it. Cy, please go ahead and get it committed, please.
Thank you garga@. Assigning to myself for implementation.
Committed to my local branch. It will be pushed with a number of other commits later today.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=f34318c566935213a6e7c4e2ac53a6b921a6e9f9 commit f34318c566935213a6e7c4e2ac53a6b921a6e9f9 Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2021-06-14 14:11:40 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2021-06-14 16:04:01 +0000 securty/sudo: Update to 1.9.7p1 Major changes between sudo 1.9.7p1 and 1.9.7 * Fixed an SELinux sudoedit bug when the edited temporary file could not be opened. The sesh helper would still be run even when there are no temporary files available to install. * Fixed a compilation problem on FreeBSD. * The sudo_noexec.so file is now built as a module on all systems other than macOS. This makes it possible to use other libtool implementations such as slibtool. On macOS shared libraries and modules are not interchangeable and the version of libtool shipped with sudo must be used. * Fixed a few bugs in the getgrouplist() emulation on Solaris when reading from the local group file. * Fixed a bug in sudo_logsrvd that prevented periodic relay server connection retries from occurring in "store_first" mode. * Disabled the nss_search()-based getgrouplist() emulation on HP-UX due to a crash when the group source is set to "compat" in /etc/nsswitch.conf. This is probably due to a mismatch between include/compat/nss_dbdefs.h and what HP-UX uses internally. On HP-UX we now just cycle through groups the slow way using getgrent(). Bug #978. PR: 256561 Submitted by: cy Reported by: cy Approved by: garga (maintainer) MFH: 2020Q2 security/sudo/Makefile | 2 +- security/sudo/distinfo | 6 +++--- .../sudo/files/patch-lib_iolog_hostcheck.c (gone) | 25 ---------------------- 3 files changed, 4 insertions(+), 29 deletions(-)
A commit in branch 2021Q2 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=6ff6811ef166603c135ad6eca6b6562ffab7b6f1 commit 6ff6811ef166603c135ad6eca6b6562ffab7b6f1 Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2021-06-14 14:11:40 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2021-06-14 21:00:12 +0000 securty/sudo: Update to 1.9.7p1 Major changes between sudo 1.9.7p1 and 1.9.7 * Fixed an SELinux sudoedit bug when the edited temporary file could not be opened. The sesh helper would still be run even when there are no temporary files available to install. * Fixed a compilation problem on FreeBSD. * The sudo_noexec.so file is now built as a module on all systems other than macOS. This makes it possible to use other libtool implementations such as slibtool. On macOS shared libraries and modules are not interchangeable and the version of libtool shipped with sudo must be used. * Fixed a few bugs in the getgrouplist() emulation on Solaris when reading from the local group file. * Fixed a bug in sudo_logsrvd that prevented periodic relay server connection retries from occurring in "store_first" mode. * Disabled the nss_search()-based getgrouplist() emulation on HP-UX due to a crash when the group source is set to "compat" in /etc/nsswitch.conf. This is probably due to a mismatch between include/compat/nss_dbdefs.h and what HP-UX uses internally. On HP-UX we now just cycle through groups the slow way using getgrent(). Bug #978. PR: 256561 Submitted by: cy Reported by: cy Approved by: garga (maintainer) MFH: 2020Q2 (cherry picked from commit f34318c566935213a6e7c4e2ac53a6b921a6e9f9) security/sudo/Makefile | 2 +- security/sudo/distinfo | 6 +++--- .../sudo/files/patch-lib_iolog_hostcheck.c (gone) | 25 ---------------------- 3 files changed, 4 insertions(+), 29 deletions(-)
Cy, I guess you can close this now?
Yes, this ticket can be closed now.