Pullup ticket 140 - requested by Quentin Garnier
security fix for sudo
Module Name: pkgsrc
Committed By: cube
Date: Fri Nov 12 16:47:31 UTC 2004
Modified Files:
pkgsrc/security/sudo: Makefile PLIST.NetBSD PLIST.SunOS distinfo
Log Message:
Update to version 1.6.8pl2. Fixes a security flaw for the sad people using
bash-as-sh (and people allowing bash scripts to be run through sudo). The
user could override commands by functions of her own.
ChangeLog:
549) Bash exported functions and the CDPATH variable are now stripped from
the environment passed to the program to be executed.