Accepting request 1066068 from Base:System

OBS-URL: https://build.opensuse.org/request/show/1066068
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=141

sudo-1.9.12p2.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b9a0b1ae0f1ddd9be7f3eafe70be05ee81f572f6f536632c44cd4101bb2a8539
-size 4909431

sudo-1.9.13.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3f55455b46edb0a129d925dcc39972f12f7c7fb78d0ccab6017ee16c8177e436
+size 5093583

sudo.changes

@@ -1,3 +1,109 @@
+-------------------------------------------------------------------
+Wed Feb 15 00:17:43 UTC 2023 - Jason Sikes <jsikes@suse.com>
+
+- Update to 1.9.13:
+  * Changes in 1.9.13:
+  
+    Fixed a bug running relative commands via sudo when log_subcmds
+    is enabled. GitHub issue #194.
+
+    Fixed a signal handling bug when running sudo commands in a shell
+    script. Signals were not being forwarded to the command when the
+    sudo process was not run in its own process group.
+
+    Fixed a bug in the cvtsudoers LDIF parsing when the file ends without
+    a newline and a backslash is the last character of the file.
+
+    Fixed a potential use-after-free bug with cvtsudoers filtering.
+    GitHub issue #198.
+
+    Added a reminder to the default lecture that the password will not
+    echo. This line is only displayed when the pwfeedback option is
+    disabled. GitHub issue #195.
+
+    Fixed potential memory leaks in error paths. GitHub issue #199.
+    GitHub issue #202.
+
+    Fixed potential NULL dereferences on memory allocation failure.
+    GitHub issue #204. GitHub issue #211.
+
+    Sudo now uses C23-style attributes in function prototypes instead
+    of gcc-style attributes if supported.
+
+    Added a new list pseudo-command in sudoers to allow a user to list
+    another user’s privileges. Previously, only root or a user with
+    the ability to run any command as either root or the target user
+    on the current host could use the -U option. This also includes a
+    fix to the log entry when a user lacks permission to run
+    sudo -U otheruser -l command. Previously, the logs would indicate
+    that the user tried to run the actual command, now the log entry
+    includes the list operation.
+
+    JSON logging now escapes control characters if they happen to
+    appear in the command or environment.
+
+    New Albanian translation from translationproject.org.
+
+    Regular expressions in sudoers or logsrvd.conf may no longer contain
+    consecutive repetition operators. This is implementation- specific
+    behavior according to POSIX, but some implementations will allocate
+    excessive amounts of memory. This mainly affects the fuzzers.
+
+    Sudo now builds AIX-style shared libraries and dynamic shared
+    objects by default instead of svr4-style. This means that the
+    default sudo plugins are now .a (archive) files that contain a .so
+    shared object file instead of bare .so files. This was done to
+    improve compatibility with the AIX Freeware ecosystem, specifically,
+    the AIX Freeware build of OpenSSL. Sudo will still load
+    svr4-style .so plugins and if a .so file is requested, either via
+    sudo.conf or the sudoers file, and only the .a file is present,
+    sudo will convert the path from plugin.so to plugin.a(plugin.so)
+    when loading it. This ensures compatibility with existing
+    configurations. To restore the old, pre-1.9.13 behavior, run
+    configure using the –with-aix-soname=svr4 option.
+
+    Sudo no longer checks the ownership and mode of the plugins that
+    it loads. Plugins are configured via either the sudo.conf or
+    sudoers file which are trusted configuration files. These checks
+    suffered from time-of-check vs. time-of-use race conditions and
+    complicate loading plugins that are not simple paths. Ownership
+    and mode checks are still performed when loading the sudo.conf
+    and sudoers files, which do not suffer from race conditions.
+    The sudo.conf developer_mode setting is no longer used.
+
+    Control characters in sudo log messages and sudoreplay -l output
+    are now escaped in octal format. Space characters in the command
+    path are also escaped. Command line arguments that contain spaces
+    are surrounded by single quotes and any literal single quote or
+    backslash characters are escaped with a backslash. This makes it
+    possible to distinguish multiple command line arguments from a
+    single argument that contains spaces.
+
+    Improved support for DragonFly BSD which uses a different
+    struct procinfo than either FreeBSD or 4.4BSD.
+
+    Fixed a compilation error on Linux arm systems running older
+    kernels that may not define EM_ARM in linux/elf-em.h.
+    GitHub issue #232.
+
+    Fixed a compilation error when LDFLAGS contains -Wl,–no-undefined.
+    Sudo will now link using -Wl,–no-undefined by default if possible.
+    GitHub issue #234.
+
+    Fixed a bug executing a command with a very long argument vector
+    when log_subcmds or intercept is enabled on a system where
+    intercept_type is set to trace. GitHub issue #194.
+
+    When sudo is configured to run a command in a pseudo-terminal but
+    the standard input is not connected to a terminal, the command
+    will now be run as a background process. This works around a problem
+    running sudo commands in the background from a shell script where
+    changing the terminal to raw mode could interfere with the interactive
+    shell that ran the script. GitHub issue #237.
+
+    A missing include file in sudoers is no longer a fatal error unless
+    the error_recovery plugin argument has been set to false.
+
 -------------------------------------------------------------------
 Thu Jan 19 03:39:52 UTC 2023 - Jason Sikes <jsikes@suse.com>
 

sudo.spec

@@ -17,7 +17,7 @@
 
 
 Name:           sudo
-Version:        1.9.12p2
+Version:        1.9.13
 Release:        0
 Summary:        Execute some commands as root
 License:        ISC