Accepting request 886601 from Base:System
OBS-URL: https://build.opensuse.org/request/show/886601 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=122
This commit is contained in:
Git OBS Bridge
commit
a4d639a899
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:539e2ef43c8a55026697fb0474ab6a925a11206b5aa58710cb42a0e1c81f0978
|
|
||||||
size 4012277
|
|
||||||
Binary file not shown.
3
sudo-1.9.6p1.tar.gz
Normal file
3
sudo-1.9.6p1.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:a9e9cdc058fafeb9cd3ebfb864c81755e524d98aa022152763f25bce8ca3ca90
|
||||||
|
size 4119888
|
||||||
BIN
sudo-1.9.6p1.tar.gz.sig
Normal file
BIN
sudo-1.9.6p1.tar.gz.sig
Normal file
Binary file not shown.
59
sudo.changes
59
sudo.changes
@ -1,3 +1,62 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Sat Mar 20 18:25:12 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
||||||
|
|
||||||
|
- update to 1.9.6p1
|
||||||
|
* Fixed a regression introduced in sudo 1.9.6 that resulted in an
|
||||||
|
error message instead of a usage message when sudo is run with
|
||||||
|
no arguments.
|
||||||
|
* Fixed a sudo_sendlog compilation problem with the AIX xlC compiler.
|
||||||
|
* Fixed a regression introduced in sudo 1.9.4 where the
|
||||||
|
--disable-root-mailer configure option had no effect.
|
||||||
|
* Added a --disable-leaks configure option that avoids some
|
||||||
|
memory leaks on exit that would otherwise occur. This is intended
|
||||||
|
to be used with development tools that measure memory leaks. It
|
||||||
|
is not safe to use in production at this time.
|
||||||
|
* Plugged some memory leaks identified by oss-fuzz and ASAN.
|
||||||
|
* Fixed the handling of sudoOptions for an LDAP sudoRole that
|
||||||
|
contains multiple sudoCommands. Previously, some of the options
|
||||||
|
would only be applied to the first sudoCommand.
|
||||||
|
* Fixed a potential out of bounds read in the parsing of NOTBEFORE
|
||||||
|
and NOTAFTER sudoers command options (and their LDAP equivalents).
|
||||||
|
* The parser used for reading I/O log JSON files is now more
|
||||||
|
resilient when processing invalid JSON.
|
||||||
|
* Fixed typos that prevented "make uninstall" from working.
|
||||||
|
* Fixed a regression introduced in sudo 1.9.4 where the last line
|
||||||
|
in a sudoers file might not have a terminating NUL character
|
||||||
|
added if no newline was present.
|
||||||
|
* Integrated oss-fuzz and LLVM's libFuzzer with sudo. The new
|
||||||
|
--enable-fuzzer configure option can be combined with the
|
||||||
|
--enable-sanitizer option to build sudo with fuzzing support.
|
||||||
|
Multiple fuzz targets are available for fuzzing different parts
|
||||||
|
of sudo. Fuzzers are built and tested via "make fuzz" or as part
|
||||||
|
of "make check" (even when sudo is not built with fuzzing support).
|
||||||
|
Fuzzing support currently requires the LLVM clang compiler (not gcc).
|
||||||
|
* Fixed the --enable-static-sudoers configure option.
|
||||||
|
* Fixed a potential out of bounds read sudo when is run by a user
|
||||||
|
with more groups than the value of "max_groups" in sudo.conf.
|
||||||
|
* Added an "admin_flag" sudoers option to make the use of the
|
||||||
|
~/.sudo_as_admin_successful file configurable on systems where
|
||||||
|
sudo is build with the --enable-admin-flag configure option.
|
||||||
|
This mostly affects Ubuntu and its derivatives.
|
||||||
|
* The "max_groups" setting in sudo.conf is now limited to 1024.
|
||||||
|
This setting is obsolete and should no longer be needed.
|
||||||
|
* Fixed a bug in the tilde expansion of "CHROOT=dir" and "CWD=dir"
|
||||||
|
sudoers command options. A path "~/foo" was expanded to
|
||||||
|
"/home/userfoo" instead of "/home/user/foo". This also affects
|
||||||
|
the runchroot and runcwd Defaults settings.
|
||||||
|
* Fixed a bug on systems without a native getdelim(3) function
|
||||||
|
where very long lines could cause parsing of the sudoers file
|
||||||
|
to end prematurely.
|
||||||
|
* Fixed a potential integer overflow when converting the
|
||||||
|
timestamp_timeout and passwd_timeout sudoers settings to a
|
||||||
|
timespec struct.
|
||||||
|
* The default for the "group_source" setting in sudo.conf is now
|
||||||
|
"dynamic" on macOS. Recent versions of macOS do not reliably
|
||||||
|
return all of a user's non-local groups via getgroups(2), even
|
||||||
|
when _DARWIN_UNLIMITED_GETGROUPS is defined.
|
||||||
|
* Fixed a potential use-after-free in the PAM conversation function.
|
||||||
|
* Fixed potential redefinition of sys/stat.h macros in sudo_compat.h.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Jan 27 00:25:10 UTC 2021 - Simon Lees <sflees@suse.de>
|
Wed Jan 27 00:25:10 UTC 2021 - Simon Lees <sflees@suse.de>
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user