sudo: update to 1.9.5p1, set permissions during do_install.

- fixes a bunch of CVEs.

- the chmod 4111 in INSTALL changed sudo from 4755 to 4111. It was
always suid, it just stopped being world readable for some reason (with
a window of time where it could still be read, since INSTALL isn't run
immediately after unpacking). Furthermore, chmod'ing sudoedit doesn't
change anything in the final package, since it's a symlink to sudo.

- clean up outdated patches.

srcpkgs/sudo/INSTALL

@@ -7,7 +7,6 @@ post)
 		echo "Setting up permissions to /etc/sudoers..."
 		chmod 0440 etc/sudoers
 	fi
-	chmod 4111 usr/bin/sudo usr/bin/sudoedit
 	[ ! -d etc/sudoers.d ] && install -d etc/sudoers.d
 	[ ! -d var/db/sudo ] && install -dm750 var/db/sudo
 	;;

srcpkgs/sudo/patches/0001-Fix-build-when-configured-using-without-sendmail.patch

@@ -1,48 +0,0 @@
-From e22817e3abfee6fee779ab0b2d312d48323abb56 Mon Sep 17 00:00:00 2001
-From: "Todd C. Miller" <Todd.Miller@sudo.ws>
-Date: Mon, 30 Nov 2020 13:18:12 -0700
-Subject: [PATCH] Fix build when configured using --without-sendmail Bug #947
-
----
- lib/eventlog/eventlog.c | 8 +++++++-
- 1 file changed, 7 insertions(+), 1 deletion(-)
-
-diff --git lib/eventlog/eventlog.c lib/eventlog/eventlog.c
-index 8b190b7ce..ae97fdea9 100644
---- lib/eventlog/eventlog.c
-+++ lib/eventlog/eventlog.c
-@@ -78,7 +78,7 @@
- static FILE *eventlog_stub_open_log(int type, const char *logfile);
- static void eventlog_stub_close_log(int type, FILE *fp);
- 
--/* Eventlog config settings */
-+/* Eventlog config settings (default values). */
- static struct eventlog_config evl_conf = {
-     EVLOG_NONE,			/* type */
-     EVLOG_SUDO,			/* format */
-@@ -91,7 +91,11 @@ static struct eventlog_config evl_conf = {
-     false,			/* omit_hostname */
-     _PATH_SUDO_LOGFILE,		/* logpath */
-     "%h %e %T",			/* time_fmt */
-+#ifdef _PATH_SUDO_SENDMAIL
-     _PATH_SUDO_SENDMAIL,	/* mailerpath */
-+#else
-+    NULL,			/* mailerpath (disabled) */
-+#endif
-     "-t",			/* mailerflags */
-     NULL,			/* mailfrom */
-     MAILTO,			/* mailto */
-@@ -1436,8 +1440,10 @@ eventlog_setconf(struct eventlog_config *conf)
- 	evl_conf.logpath = _PATH_SUDO_LOGFILE;
-     if (evl_conf.time_fmt == NULL)
- 	evl_conf.time_fmt = "%h %e %T";
-+#ifdef _PATH_SUDO_SENDMAIL
-     if (evl_conf.mailerpath == NULL)
- 	evl_conf.mailerpath = _PATH_SUDO_SENDMAIL;
-+#endif
-     if (evl_conf.mailerflags == NULL)
- 	evl_conf.mailerflags = "-t";
-     if (evl_conf.mailto == NULL)
--- 
-2.29.2
-

srcpkgs/sudo/patches/fix-musl-test.patch

@@ -1,15 +0,0 @@
-sys/stat.h is required for mode_t
-
-Fixes
-error: unknown type name 'mode_t'
-
---- plugins/sudoers/regress/env_match/check_env_pattern.c
-+++ plugins/sudoers/regress/env_match/check_env_pattern.c
-@@ -17,6 +17,7 @@
- #include <config.h>
- 
- #include <stdio.h>
-+#include <sys/stat.h>
- #include <stdlib.h>
- #ifdef HAVE_STRING_H
- # include <string.h>

srcpkgs/sudo/patches/musl.patch

@@ -1,13 +0,0 @@
---- include/sudo_util.h.orig	2015-07-17 07:49:35.184634311 +0200
-+++ include/sudo_util.h	2015-07-17 07:50:05.018046508 +0200
-@@ -23,6 +23,10 @@
- # include "compat/stdbool.h"
- #endif /* HAVE_STDBOOL_H */
- 
-+#ifdef HAVE_SYS_TYPES_H
-+# include <sys/types.h>	/* id_t */
-+#endif
-+
- /*
-  * Macros for operating on struct timeval.
-  */

srcpkgs/sudo/template

@@ -1,6 +1,6 @@
 # Template file for 'sudo'
 pkgname=sudo
-version=1.9.4
+version=1.9.5p1
 revision=1
 build_style=gnu-configure
 configure_args="--with-ignore-dot --with-insults=disabled --with-all-insults --with-env-editor
@@ -15,7 +15,7 @@ license="ISC"
 homepage="https://www.sudo.ws/"
 changelog="https://www.sudo.ws/repos/sudo/raw-file/tip/NEWS"
 distfiles="https://www.sudo.ws/dist/sudo-${version}.tar.gz"
-checksum=8b91bd2cc73af18a06a01406e38d154b837107be759f72e89cefeaa94e1103f0
+checksum=4dddf37c22653defada299e5681e0daef54bb6f5fc950f63997bb8eb966b7882
 conf_files="/etc/pam.d/sudo /etc/sudoers"
 lib32disabled=yes