From bf67a396fd63cb3be9c02527350c0839c1790ab8c890db13d55b6a02baa7d6b1 Mon Sep 17 00:00:00 2001 From: Jason Sikes Date: Wed, 15 Feb 2023 22:46:09 +0000 Subject: [PATCH] Accepting request 1065829 from home:jsikes:branches:Base:System Update to 1.9.13! Enjoy. OBS-URL: https://build.opensuse.org/request/show/1065829 OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=229 --- sudo-1.9.12p2.tar.gz | 3 -- sudo-1.9.12p2.tar.gz.sig | Bin 566 -> 0 bytes sudo-1.9.13.tar.gz | 3 ++ sudo-1.9.13.tar.gz.sig | Bin 0 -> 566 bytes sudo.changes | 106 +++++++++++++++++++++++++++++++++++++++ sudo.spec | 2 +- 6 files changed, 110 insertions(+), 4 deletions(-) delete mode 100644 sudo-1.9.12p2.tar.gz delete mode 100644 sudo-1.9.12p2.tar.gz.sig create mode 100644 sudo-1.9.13.tar.gz create mode 100644 sudo-1.9.13.tar.gz.sig diff --git a/sudo-1.9.12p2.tar.gz b/sudo-1.9.12p2.tar.gz deleted file mode 100644 index d526c05..0000000 --- a/sudo-1.9.12p2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b9a0b1ae0f1ddd9be7f3eafe70be05ee81f572f6f536632c44cd4101bb2a8539 -size 4909431 diff --git a/sudo-1.9.12p2.tar.gz.sig b/sudo-1.9.12p2.tar.gz.sig deleted file mode 100644 index 1d0ff2e4e4a8efceae3d377ba5b502e16dea44ffdc3a9c8b8d77647d3b5b32a2..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 566 zcmV-60?GY}0y6{v0SEvc79j*#(do>(D>r8Z{nJ~i^uQs`q;UHM0%OPkM*s>55UKRQ zA3thwr!3>Sv;Xmiu zNm|5ap{l%7{*Dt?!?Be(u;OMzCA<%6k6Qlh)O@|d-b(vu1{p=p%&}Epb~v$zw8J1r zAZJ7}3@zI~`fh#x`sPr$e}A}b(ww>ow=R4V&aXj3XcQ^kO6w^G)HROzvETKc0Sd+} zS6KQkqz2A$ZQ9yZJsQR`%I(@F5Vb%w2sjP6zBaPmJpE9BXayU1FPRy1)kb;dsulvO zd1`1wxc>=qTXhy(on?GHQE&_vj-?E0e3<=_qO@2=*#*~-XJ7H_ zMcAF6riI@dPDJgnBln?@VKC1{mp|y4KJZ@=nm5aC9rM1KMhvqvLTkU6AO>q%n(J9j z;|b=efam6lS`FgR;I$s{au;E0Y`@lUDsboA`K16WW3Osq|=WpT@H%J3_} zvsgCL6mq+_Nr%B@s|0$pw!Pel)gVb>CBnHjtk$zk8Sy)DTL diff --git a/sudo-1.9.13.tar.gz b/sudo-1.9.13.tar.gz new file mode 100644 index 0000000..290c7e8 --- /dev/null +++ b/sudo-1.9.13.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3f55455b46edb0a129d925dcc39972f12f7c7fb78d0ccab6017ee16c8177e436 +size 5093583 diff --git a/sudo-1.9.13.tar.gz.sig b/sudo-1.9.13.tar.gz.sig new file mode 100644 index 0000000000000000000000000000000000000000000000000000000000000000..fce5e5808e5030c8e37ea98facee6257c138f000a81cbd7bb98d81c5fc12e0e2 GIT binary patch literal 566 zcmV-60?GY}0y6{v0SEvc79j*#(do>(D>r8Z{nJ~i^uQs`q;UHM0%PmQ>i`M~5UKRQ zAn}E>Y!V3<-b#!CSJC>KFv$Q%HNdh~(pym1v(8B4l`ZL($=q_Qj{MbNjyc*8% zp09-?7$|S_IG6df*#83|bY*(4M~+ivb-3yvEeS1`o#j~mM=T(=cyS1fcNvNBJ~#$4!<$oJ^^NtbWScXM zDz+vfy)%H72#$#IJA{y%4a??tE|D0Q0Ez}mm_J06UKQ}8JdD2wGuVPoe&B+~jnwKT zhJy=4M$b_+UFgD?Xp0A?GC*iNLX*|bTIZ;8B` + +- Update to 1.9.13: + * Changes in 1.9.13: + + Fixed a bug running relative commands via sudo when log_subcmds + is enabled. GitHub issue #194. + + Fixed a signal handling bug when running sudo commands in a shell + script. Signals were not being forwarded to the command when the + sudo process was not run in its own process group. + + Fixed a bug in the cvtsudoers LDIF parsing when the file ends without + a newline and a backslash is the last character of the file. + + Fixed a potential use-after-free bug with cvtsudoers filtering. + GitHub issue #198. + + Added a reminder to the default lecture that the password will not + echo. This line is only displayed when the pwfeedback option is + disabled. GitHub issue #195. + + Fixed potential memory leaks in error paths. GitHub issue #199. + GitHub issue #202. + + Fixed potential NULL dereferences on memory allocation failure. + GitHub issue #204. GitHub issue #211. + + Sudo now uses C23-style attributes in function prototypes instead + of gcc-style attributes if supported. + + Added a new list pseudo-command in sudoers to allow a user to list + another user’s privileges. Previously, only root or a user with + the ability to run any command as either root or the target user + on the current host could use the -U option. This also includes a + fix to the log entry when a user lacks permission to run + sudo -U otheruser -l command. Previously, the logs would indicate + that the user tried to run the actual command, now the log entry + includes the list operation. + + JSON logging now escapes control characters if they happen to + appear in the command or environment. + + New Albanian translation from translationproject.org. + + Regular expressions in sudoers or logsrvd.conf may no longer contain + consecutive repetition operators. This is implementation- specific + behavior according to POSIX, but some implementations will allocate + excessive amounts of memory. This mainly affects the fuzzers. + + Sudo now builds AIX-style shared libraries and dynamic shared + objects by default instead of svr4-style. This means that the + default sudo plugins are now .a (archive) files that contain a .so + shared object file instead of bare .so files. This was done to + improve compatibility with the AIX Freeware ecosystem, specifically, + the AIX Freeware build of OpenSSL. Sudo will still load + svr4-style .so plugins and if a .so file is requested, either via + sudo.conf or the sudoers file, and only the .a file is present, + sudo will convert the path from plugin.so to plugin.a(plugin.so) + when loading it. This ensures compatibility with existing + configurations. To restore the old, pre-1.9.13 behavior, run + configure using the –with-aix-soname=svr4 option. + + Sudo no longer checks the ownership and mode of the plugins that + it loads. Plugins are configured via either the sudo.conf or + sudoers file which are trusted configuration files. These checks + suffered from time-of-check vs. time-of-use race conditions and + complicate loading plugins that are not simple paths. Ownership + and mode checks are still performed when loading the sudo.conf + and sudoers files, which do not suffer from race conditions. + The sudo.conf developer_mode setting is no longer used. + + Control characters in sudo log messages and sudoreplay -l output + are now escaped in octal format. Space characters in the command + path are also escaped. Command line arguments that contain spaces + are surrounded by single quotes and any literal single quote or + backslash characters are escaped with a backslash. This makes it + possible to distinguish multiple command line arguments from a + single argument that contains spaces. + + Improved support for DragonFly BSD which uses a different + struct procinfo than either FreeBSD or 4.4BSD. + + Fixed a compilation error on Linux arm systems running older + kernels that may not define EM_ARM in linux/elf-em.h. + GitHub issue #232. + + Fixed a compilation error when LDFLAGS contains -Wl,–no-undefined. + Sudo will now link using -Wl,–no-undefined by default if possible. + GitHub issue #234. + + Fixed a bug executing a command with a very long argument vector + when log_subcmds or intercept is enabled on a system where + intercept_type is set to trace. GitHub issue #194. + + When sudo is configured to run a command in a pseudo-terminal but + the standard input is not connected to a terminal, the command + will now be run as a background process. This works around a problem + running sudo commands in the background from a shell script where + changing the terminal to raw mode could interfere with the interactive + shell that ran the script. GitHub issue #237. + + A missing include file in sudoers is no longer a fatal error unless + the error_recovery plugin argument has been set to false. + ------------------------------------------------------------------- Thu Jan 19 03:39:52 UTC 2023 - Jason Sikes diff --git a/sudo.spec b/sudo.spec index a5187dc..aeccff9 100644 --- a/sudo.spec +++ b/sudo.spec @@ -17,7 +17,7 @@ Name: sudo -Version: 1.9.12p2 +Version: 1.9.13 Release: 0 Summary: Execute some commands as root License: ISC