diff --git a/sudo-1.9.5p2.tar.gz b/sudo-1.9.5p2.tar.gz deleted file mode 100644 index be69852..0000000 --- a/sudo-1.9.5p2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:539e2ef43c8a55026697fb0474ab6a925a11206b5aa58710cb42a0e1c81f0978 -size 4012277 diff --git a/sudo-1.9.5p2.tar.gz.sig b/sudo-1.9.5p2.tar.gz.sig deleted file mode 100644 index 9f97430..0000000 Binary files a/sudo-1.9.5p2.tar.gz.sig and /dev/null differ diff --git a/sudo-1.9.6p1.tar.gz b/sudo-1.9.6p1.tar.gz new file mode 100644 index 0000000..f976e45 --- /dev/null +++ b/sudo-1.9.6p1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a9e9cdc058fafeb9cd3ebfb864c81755e524d98aa022152763f25bce8ca3ca90 +size 4119888 diff --git a/sudo-1.9.6p1.tar.gz.sig b/sudo-1.9.6p1.tar.gz.sig new file mode 100644 index 0000000..f56ea5e Binary files /dev/null and b/sudo-1.9.6p1.tar.gz.sig differ diff --git a/sudo.changes b/sudo.changes index 77b864d..cb7078c 100644 --- a/sudo.changes +++ b/sudo.changes @@ -1,3 +1,62 @@ +------------------------------------------------------------------- +Sat Mar 20 18:25:12 UTC 2021 - Dirk Müller + +- update to 1.9.6p1 + * Fixed a regression introduced in sudo 1.9.6 that resulted in an + error message instead of a usage message when sudo is run with + no arguments. + * Fixed a sudo_sendlog compilation problem with the AIX xlC compiler. + * Fixed a regression introduced in sudo 1.9.4 where the + --disable-root-mailer configure option had no effect. + * Added a --disable-leaks configure option that avoids some + memory leaks on exit that would otherwise occur. This is intended + to be used with development tools that measure memory leaks. It + is not safe to use in production at this time. + * Plugged some memory leaks identified by oss-fuzz and ASAN. + * Fixed the handling of sudoOptions for an LDAP sudoRole that + contains multiple sudoCommands. Previously, some of the options + would only be applied to the first sudoCommand. + * Fixed a potential out of bounds read in the parsing of NOTBEFORE + and NOTAFTER sudoers command options (and their LDAP equivalents). + * The parser used for reading I/O log JSON files is now more + resilient when processing invalid JSON. + * Fixed typos that prevented "make uninstall" from working. + * Fixed a regression introduced in sudo 1.9.4 where the last line + in a sudoers file might not have a terminating NUL character + added if no newline was present. + * Integrated oss-fuzz and LLVM's libFuzzer with sudo. The new + --enable-fuzzer configure option can be combined with the + --enable-sanitizer option to build sudo with fuzzing support. + Multiple fuzz targets are available for fuzzing different parts + of sudo. Fuzzers are built and tested via "make fuzz" or as part + of "make check" (even when sudo is not built with fuzzing support). + Fuzzing support currently requires the LLVM clang compiler (not gcc). + * Fixed the --enable-static-sudoers configure option. + * Fixed a potential out of bounds read sudo when is run by a user + with more groups than the value of "max_groups" in sudo.conf. + * Added an "admin_flag" sudoers option to make the use of the + ~/.sudo_as_admin_successful file configurable on systems where + sudo is build with the --enable-admin-flag configure option. + This mostly affects Ubuntu and its derivatives. + * The "max_groups" setting in sudo.conf is now limited to 1024. + This setting is obsolete and should no longer be needed. + * Fixed a bug in the tilde expansion of "CHROOT=dir" and "CWD=dir" + sudoers command options. A path "~/foo" was expanded to + "/home/userfoo" instead of "/home/user/foo". This also affects + the runchroot and runcwd Defaults settings. + * Fixed a bug on systems without a native getdelim(3) function + where very long lines could cause parsing of the sudoers file + to end prematurely. + * Fixed a potential integer overflow when converting the + timestamp_timeout and passwd_timeout sudoers settings to a + timespec struct. + * The default for the "group_source" setting in sudo.conf is now + "dynamic" on macOS. Recent versions of macOS do not reliably + return all of a user's non-local groups via getgroups(2), even + when _DARWIN_UNLIMITED_GETGROUPS is defined. + * Fixed a potential use-after-free in the PAM conversation function. + * Fixed potential redefinition of sys/stat.h macros in sudo_compat.h. + ------------------------------------------------------------------- Wed Jan 27 00:25:10 UTC 2021 - Simon Lees diff --git a/sudo.spec b/sudo.spec index 69d329e..0c5c796 100644 --- a/sudo.spec +++ b/sudo.spec @@ -22,7 +22,7 @@ %define use_usretc 1 %endif Name: sudo -Version: 1.9.5p2 +Version: 1.9.6p1 Release: 0 Summary: Execute some commands as root License: ISC