Accepting request 772143 from Base:System

OBS-URL: https://build.opensuse.org/request/show/772143 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=106
2020-02-15 21:23:40 +00:00 · 2020-02-15 21:23:40 +00:00 · 6ef976cb00
commit 6ef976cb00
parent d5d48c17b0 ac3c196343
7 changed files with 92 additions and 16 deletions
--- a/sudo-1.8.28p1.tar.gz
+++ b/sudo-1.8.28p1.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:23ba5a84af31e3b5ded58d4be6d3f6939a495a55561fba92c6941b79a6e8b027
 size 3310254
--- a/sudo-1.8.28p1.tar.gz.sig
+++ b/sudo-1.8.28p1.tar.gz.sig
--- a/sudo-1.8.31.tar.gz
+++ b/sudo-1.8.31.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:7ea8d97a3cee4c844e0887ea7a1bd80eb54cc98fd77966776cb1a80653ad454f
 size 3350674
--- a/sudo-1.8.31.tar.gz.sig
+++ b/sudo-1.8.31.tar.gz.sig
--- a/sudo-sudoers.patch
+++ b/sudo-sudoers.patch
@ -1,7 +1,7 @@
-Index: sudo-1.8.28/plugins/sudoers/sudoers.in
+Index: sudo-1.8.31/plugins/sudoers/sudoers.in
 ===================================================================
--- sudo-1.8.28.orig/plugins/sudoers/sudoers.in	2019-10-14 17:00:02.176362373 +0200
+--- sudo-1.8.31.orig/plugins/sudoers/sudoers.in
-+++ sudo-1.8.28/plugins/sudoers/sudoers.in	2019-10-14 17:00:04.688378325 +0200
+++ sudo-1.8.31/plugins/sudoers/sudoers.in
@@ -32,30 +32,23 @@
 ##
 ## Defaults specification
@ -82,11 +82,11 @@ Index: sudo-1.8.28/plugins/sudoers/sudoers.in
 ## Read drop-in files from @sysconfdir@/sudoers.d
 ## (the '#' here does not indicate a comment)
 #includedir @sysconfdir@/sudoers.d
-Index: sudo-1.8.28/doc/sudoers.mdoc.in
+Index: sudo-1.8.31/doc/sudoers.mdoc.in
 ===================================================================
--- sudo-1.8.28.orig/doc/sudoers.mdoc.in	2019-10-14 17:00:02.176362373 +0200
+--- sudo-1.8.31.orig/doc/sudoers.mdoc.in
-+++ sudo-1.8.28/doc/sudoers.mdoc.in	2019-10-14 17:03:30.841685660 +0200
+++ sudo-1.8.31/doc/sudoers.mdoc.in
-@@ -1972,7 +1972,7 @@ is present in the
+@@ -1985,7 +1985,7 @@ is present in the
 .Em env_keep
 list, both of which are strongly discouraged.
 This flag is
@ -95,16 +95,16 @@ Index: sudo-1.8.28/doc/sudoers.mdoc.in
 by default.
 .It authenticate
 If set, users must authenticate themselves via a password (or other
-@@ -2364,7 +2364,7 @@ If set,
+@@ -2376,7 +2376,7 @@ If set,
 .Nm sudo
 will insult users when they enter an incorrect password.
 This flag is
 -.Em @insults@
 +.Em off
 by default.
- .It log_host
+ .It log_allowed
- If set, the host name will be logged in the (non-syslog)
+ If set,
-@@ -2941,7 +2941,7 @@ database as an argument to the
+@@ -3009,7 +3009,7 @@ database as an argument to the
 .Fl u
 option.
 This flag is
--- a/sudo.changes
+++ b/sudo.changes
@ -1,3 +1,79 @@
 -------------------------------------------------------------------
 Thu Feb  6 19:21:23 UTC 2020 - Kristyna Streitova <kstreitova@suse.com>
 - Update to 1.8.31
  Major changes between version 1.8.31 and 1.8.30:
  * This version fixes a potential security issue that can lead to
    a buffer overflow if the pwfeedback option is enabled in
    sudoers [CVE-2019-18634] [bsc#1162202]
  * The sudoedit_checkdir option now treats a user-owned directory
    as writable, even if it does not have the write bit set at the
    time of check. Symbolic links will no longer be followed by
    sudoedit in any user-owned directory. Bug #912.
  * Fixed a crash introduced in sudo 1.8.30 when suspending sudo
    at the password prompt. Bug #914.
  * Fixed compilation on systems where the mmap MAP_ANON flag is
    not available. Bug #915.
  Major changes between version 1.8.30 and 1.8.29:
  * Sudo now closes file descriptors before changing uids. This
    prevents a non-root process from interfering with sudo's ability
    to close file descriptors on systems that support the prlimit(2)
    system call.
  * Sudo now treats an attempt to run sudo sudoedit as simply
    sudoedit If the sudoers file contains a fully-qualified path
    to sudoedit, sudo will now treat it simply as sudoedit
    (with no path). Visudo will will now treat a fully-qualified
    path to sudoedit as an error. Bug #871.
  * Fixed a bug introduced in sudo 1.8.28 where sudo would warn
    about a missing /etc/environment file on AIX and Linux when
    PAM is not enabled. Bug #907.
  * Fixed a bug on Linux introduced in sudo 1.8.29 that prevented
    the askpass program from running due to an unlimited stack size
    resource limit. Bug #908.
  * If a group provider plugin has optional arguments, the argument
    list passed to the plugin is now NULL terminated as per the
    documentation.
  * The user's time stamp file is now only updated if both authentication
    and approval phases succeed. This is consistent with the behavior
    of sudo prior to version 1.8.23. Bug #910.
  * The new allow_unknown_runas_id sudoers setting can be used to
    enable or disable the use of unknown user or group IDs.
    Previously, sudo would always allow unknown user or group IDs if
    the sudoers entry permitted it, including via the ALL alias.
    As of sudo 1.8.30, the admin must explicitly enable support for
    unknown IDs.
  * The new runas_check_shell sudoers setting can be used to require
    that the runas user have a shell listed in the /etc/shells file.
    On many systems, users such as bin, do not have a valid shell and
    this flag can be used to prevent commands from being run as
    those users.
  * Fixed a problem restoring the SELinux tty context during reboot
    if mctransd is killed before sudo finishes. GitHub Issue #17.
  * Fixed an intermittent warning on NetBSD when sudo restores the
    initial stack size limit.
  Major changes between version 1.8.29 and 1.8.28p1:
  * The cvtsudoers command will now reject non-LDIF input when
    converting from LDIF format to sudoers or JSON formats.
  * The new log_allowed and log_denied sudoers settings make it
    possible to disable logging and auditing of allowed and/or
    denied commands.
  * The umask is now handled differently on systems with PAM or
    login.conf. If the umask is explicitly set in sudoers, that
    value is used regardless of what PAM or login.conf may specify.
    However, if the umask is not explicitly set in sudoers, PAM or
    login.conf may now override the default sudoers umask. Bug #900.
  * For make install, the sudoers file is no longer checked for syntax
    errors when DESTDIR is set. The default sudoers file includes the
    contents of /etc/sudoers.d which may not be readable as non-root.
    Bug #902.
  * Sudo now sets most resource limits to their maximum value to avoid
    problems caused by insufficient resources, such as an inability to
    allocate memory or open files and pipes. Fixed a regression introduced
    in sudo 1.8.28 where sudo would refuse to run if the parent process was
    not associated with a session. This was due to sudo passing a session
    ID of -1 to the plugin.
 - refresh sudo-sudoers.patch
 -------------------------------------------------------------------
 Fri Dec  6 08:38:45 UTC 2019 - Thorsten Kukuk <kukuk@suse.com>
--- a/sudo.spec
+++ b/sudo.spec
@ -1,7 +1,7 @@
 #
 # spec file for package sudo
 #
-# Copyright (c) 2019 SUSE LLC
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -23,7 +23,7 @@
 %endif
 Name:           sudo
-Version:        1.8.28p1
+Version:        1.8.31
 Release:        0
 Summary:        Execute some commands as root
 License:        ISC