Remove the old vulnerable ebuild.

Package-Manager: portage-2.2_rc67/cvs/Linux x86_64

3 files changed, 16 insertions, 214 deletions

diff --git a/app-admin/sudo/ChangeLog b/app-admin/sudo/ChangeLog
index 6534cc63c589..21b1a48f6884 100644
--- a/app-admin/sudo/ChangeLog
+++ b/app-admin/sudo/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for app-admin/sudo
 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/ChangeLog,v 1.229 2010/06/25 09:25:27 pva Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/ChangeLog,v 1.230 2010/06/25 09:28:09 flameeyes Exp $
+
+  25 Jun 2010; Diego E. Pettenò <flameeyes@gentoo.org>
+  -sudo-1.7.2_p2-r1.ebuild:
+  Remove the old vulnerable ebuild.
 
   25 Jun 2010; Peter Volkov <pva@gentoo.org> sudo-1.7.2_p7.ebuild,
   sudo-1.7.3_beta4.ebuild:
diff --git a/app-admin/sudo/Manifest b/app-admin/sudo/Manifest
index b1dd1f15925c..fab9bc10a81b 100644
--- a/app-admin/sudo/Manifest
+++ b/app-admin/sudo/Manifest
@@ -1,9 +1,17 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
 AUX sudo-skeychallengeargs.diff 567 RMD160 906ee43a7c2f21d1cf5130eac5c98ef0833154fd SHA1 b0efbedc72a1ed85c74ba10e343a68368e76c3e9 SHA256 dd2f4fdba26be6c3b4af15f3b6e18efa19375e1f9c579cdc2c76ee1adcce5e1d
-DIST sudo-1.7.2p2.tar.gz 772399 RMD160 4ab92524639b5d6822c48d0f74f80dc1c674ab0e SHA1 b729c158f81f5cff4ce6193f3db7bee00a2c2fbe SHA256 3d93aa2d52873b1fc82dc6dd64f1046e4636735f55d9ca7861ef02235b7c7e45
 DIST sudo-1.7.2p7.tar.gz 772356 RMD160 7ed1976bbce6d66939b85ce08a97c089dbeb1ec4 SHA1 0504e0d7b1d3c987e48325ec4caa6ebfe5237ff5 SHA256 07a9c83e628a088314523e558236ac3c4cb0d54d7d7093e5b3e4c8101b1a2bea
 DIST sudo-1.7.3b4.tar.gz 893506 RMD160 dacc37d1d36e182d95cd837611cabfba71563c20 SHA1 f77599a7c204ded344cead38409b078aac628d59 SHA256 d82a055d1f970d272e047bf419af490e27caabb807290143aefc49e08bc23c14
-EBUILD sudo-1.7.2_p2-r1.ebuild 6378 RMD160 b1eba647750a5620926e79b63feb755eacceb68a SHA1 68e6b19890c47bd2f6151154f880460ac580b484 SHA256 819fa9e6d5e1daf928cd0d3700504e3fe8b6b5ada27465a810b7f6dc69330c38
 EBUILD sudo-1.7.2_p7.ebuild 6873 RMD160 65f3b568b6cd9ffcb6416aa49fb077fe89b225ef SHA1 a462e80abcfd833862f491d06a9270869a77b003 SHA256 b217c506a2cd211f3da4dc325d31af247c1b8f76a2332f44a08d48c4791a8a57
 EBUILD sudo-1.7.3_beta4.ebuild 6998 RMD160 496fedf52a8adabd0b4f4cd6c9a2edfadb9f3493 SHA1 4407377bb96a505f50d7b3e747d67cda808cad40 SHA256 3a0ed207e4591f66a22ffd1ac56451d765fa0a70667d8846cd7db1e5f9b47668
-MISC ChangeLog 32172 RMD160 cf9d63cf6c05ca9f7fa7c741f6c159e94b6d50b1 SHA1 472493b9e5b55468390e1388c0f09d4f9ea9e56a SHA256 a875de7438ca9a159a5b7275c84675e2c7e362207c175b7d198ad4441f159913
+MISC ChangeLog 32299 RMD160 2a06c98f57d7c69f2b0e6969d8fd828658933ebb SHA1 9716d59bdf8068f2eb8717aaa988dcc67f7167de SHA256 fe8dafa4d6313fd5d4a02a88abd71c9e639d6651b7a27f3d19e3fb0a17c23182
 MISC metadata.xml 434 RMD160 a713e5ffdcc2216a46f5023ab77c6e3aeed0d183 SHA1 49a31df517e1ec39344ac83c13e9fca87379d261 SHA256 87e2d9f4535e80f4ba1f73366040bb23cfb4b1f3101c0e33df73aff2e77fc13f
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.15 (GNU/Linux)
+
+iEYEARECAAYFAkwkdrAACgkQAiZjviIA2Xg7BQCfdXGqoBu6XeFltzzcZMQokHy/
+WcgAoKhuP8z/zmmsvki160eW6AG97Ieo
+=PCXz
+-----END PGP SIGNATURE-----
diff --git a/app-admin/sudo/sudo-1.7.2_p2-r1.ebuild b/app-admin/sudo/sudo-1.7.2_p2-r1.ebuild
deleted file mode 100644
index 5e8e87395084..000000000000
--- a/app-admin/sudo/sudo-1.7.2_p2-r1.ebuild
+++ /dev/null
@@ -1,210 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/sudo/sudo-1.7.2_p2-r1.ebuild,v 1.2 2010/06/24 13:38:03 flameeyes Exp $
-
-inherit eutils pam confutils
-
-MY_P=${P/_/}
-MY_P=${MY_P/beta/b}
-
-case "${P}" in
-	*_beta* | *_rc*)
-		uri_prefix=beta/
-		;;
-	*)
-		uri_prefix=""
-		;;
-esac
-
-DESCRIPTION="Allows users or groups to run commands as other users"
-HOMEPAGE="http://www.sudo.ws/"
-SRC_URI="ftp://ftp.sudo.ws/pub/sudo/${uri_prefix}${MY_P}.tar.gz"
-# Basic license is ISC-style as-is, some files are released under
-# 3-clause BSD license
-LICENSE="as-is BSD"
-SLOT="0"
-KEYWORDS="~mips ~sparc-fbsd"
-IUSE="pam skey offensive ldap selinux"
-
-DEPEND="pam? ( virtual/pam )
-	ldap? (
-		>=net-nds/openldap-2.1.30-r1
-		dev-libs/cyrus-sasl
-	)
-	skey? ( >=sys-auth/skey-1.1.5-r1 )
-	virtual/editor
-	virtual/mta"
-RDEPEND="selinux? ( sec-policy/selinux-sudo )
-	ldap? ( dev-lang/perl )
-	pam? ( sys-auth/pambase )
-	${DEPEND}"
-DEPEND="${DEPEND} sys-devel/bison"
-
-S=${WORKDIR}/${MY_P}
-
-pkg_setup() {
-	confutils_use_conflict skey pam
-}
-
-src_unpack() {
-	unpack ${A}; cd "${S}"
-
-	# compatability fix.
-	epatch "${FILESDIR}"/${PN}-skeychallengeargs.diff
-
-	# additional variables to disallow, should user disable env_reset.
-
-	# NOTE: this is not a supported mode of operation, these variables
-	#       are added to the blacklist as a convenience to administrators
-	#       who fail to heed the warnings of allowing untrusted users
-	#       to access sudo.
-	#
-	#       there is *no possible way* to foresee all attack vectors in
-	#       all possible applications that could potentially be used via
-	#       sudo, these settings will just delay the inevitable.
-	#
-	#       that said, I will accept suggestions for variables that can
-	#       be misused in _common_ interpreters or libraries, such as
-	#       perl, bash, python, ruby, etc., in the hope of dissuading
-	#       a casual attacker.
-
-	# XXX: perl should be using suid_perl.
-	# XXX: users can remove/add more via env_delete and env_check.
-	# XXX: <?> = probably safe enough for most circumstances.
-
-	einfo "Blacklisting common variables (env_delete)..."
-		sudo_bad_var() {
-			local target='env.c' marker='\*initial_badenv_table\[\]'
-
-			ebegin "	$1"
-			sed -i 's#\(^.*'${marker}'.*$\)#\1\n\t"'${1}'",#' "${S}"/${target}
-			eend $?
-		}
-
-		sudo_bad_var 'PERLIO_DEBUG'   # perl, write debug to file.
-		sudo_bad_var 'FPATH'          # ksh, search path for functions.
-		sudo_bad_var 'NULLCMD'        # zsh, command on null-redir. <?>
-		sudo_bad_var 'READNULLCMD'    # zsh, command on null-redir. <?>
-		sudo_bad_var 'GLOBIGNORE'     # bash, glob paterns to ignore. <?>
-		sudo_bad_var 'PYTHONHOME'     # python, module search path.
-		sudo_bad_var 'PYTHONPATH'     # python, search path.
-		sudo_bad_var 'PYTHONINSPECT'  # python, allow inspection.
-		sudo_bad_var 'RUBYLIB'        # ruby, lib load path.
-		sudo_bad_var 'RUBYOPT'        # ruby, cl options.
-		sudo_bad_var 'ZDOTDIR'        # zsh, path to search for dotfiles.
-	einfo "...done."
-
-	# prevent binaries from being stripped.
-	sed -i 's/\($(INSTALL).*\) -s \(.*[(sudo|visudo)]\)/\1 \2/g' Makefile.in
-}
-
-src_compile() {
-	local line ROOTPATH
-
-	# FIXME: secure_path is a compile time setting. using ROOTPATH
-	# is not perfect, env-update may invalidate this, but until it
-	# is available as a sudoers setting this will have to do.
-	einfo "Setting secure_path..."
-
-		# why not use grep? variable might be expanded from other variables
-		# declared in that file. cannot just source the file, would override
-		# any variables already set.
-		eval `PS4= bash -x /etc/profile.env 2>&1 | \
-			while read line; do
-				case $line in
-					ROOTPATH=*) echo $line; break;;
-					*) continue;;
-				esac
-			done`  && einfo "	Found ROOTPATH..." || \
-				ewarn "	Failed to find ROOTPATH, please report this."
-
-		# remove duplicate path entries from $1
-		cleanpath() {
-			local i=1 x n IFS=:
-			local -a paths;	paths=($1)
-
-			for ((n=${#paths[*]}-1;i<=n;i++)); do
-				for ((x=0;x<i;x++)); do
-					test "${paths[i]}" == "${paths[x]}" && {
-						einfo "	Duplicate entry ${paths[i]} removed..." 1>&2
-						unset paths[i]; continue 2; }
-				done; # einfo "	Adding ${paths[i]}..." 1>&2
-			done; echo "${paths[*]}"
-		}
-
-		ROOTPATH=$(cleanpath /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin${ROOTPATH:+:${ROOTPATH}})
-
-		# strip gcc path (bug #136027)
-		rmpath() {
-			declare e newpath oldpath=${!1} PATHvar=$1 thisp IFS=:
-			shift
-			for thisp in $oldpath; do
-				for e; do [[ $thisp == $e ]] && continue 2; done
-				newpath=$newpath:$thisp
-			done
-			eval $PATHvar='${newpath#:}'
-		}
-
-		rmpath ROOTPATH '*/gcc-bin/*'
-
-	einfo "...done."
-
-	# XXX: --disable-path-info closes an info leak, but may be confusing.
-	# XXX: /bin/vi may not be available, make nano visudo's default.
-	econf --with-secure-path="${ROOTPATH}" \
-		--with-editor="${EDITOR:-/bin/nano}" \
-		--with-env-editor \
-		$(use_with offensive insults) \
-		$(use_with offensive all-insults) \
-		$(use_with pam) \
-		$(use_with skey) \
-		$(use_with ldap ldap_conf_file /etc/ldap.conf.sudo) \
-		$(use_with ldap) || die
-
-	emake || die
-}
-
-src_install() {
-	emake DESTDIR="${D}" install || die
-	dodoc ChangeLog HISTORY PORTING README TROUBLESHOOTING \
-		UPGRADE WHATSNEW sample.sudoers sample.syslog.conf
-
-	if use ldap; then
-		dodoc README.LDAP schema.OpenLDAP
-		dosbin sudoers2ldif
-
-		cat - > "${T}"/ldap.conf.sudo <<EOF
-# See ldap.conf(5) and README.LDAP for details\n"
-# This file should only be readable by root\n\n"
-# supported directives: host, port, ssl, ldap_version\n"
-# uri, binddn, bindpw, sudoers_base, sudoers_debug\n"
-# tls_{checkpeer,cacertfile,cacertdir,randfile,ciphers,cert,key
-EOF
-
-		insinto /etc
-		doins "${T}"/ldap.conf.sudo
-		fperms 0440 /etc/ldap.conf.sudo
-	fi
-
-	pamd_mimic system-auth sudo auth account password session
-
-	insinto /etc
-	doins "${S}"/sudoers
-	fperms 0440 /etc/sudoers
-}
-
-pkg_postinst() {
-	if use ldap; then
-		ewarn
-		ewarn "sudo uses the /etc/ldap.conf.sudo file for ldap configuration."
-		ewarn
-		if egrep -q '^[[:space:]]*sudoers:' "${ROOT}"/etc/nsswitch.conf; then
-			ewarn "In 1.7 series, LDAP is no more consulted, unless explicitly"
-			ewarn "configured in /etc/nsswitch.conf."
-			ewarn
-			ewarn "To make use of LDAP, add this line to your /etc/nsswitch.conf:"
-			ewarn "  sudoers: ldap files"
-			ewarn
-		fi
-	fi
-}