Accepting request 225988 from home:vitezslav_cizek:branches:Base:System

- update to 1.8.10p1
  * Fixed a bug with netgated commands in "sudo -l command" that
    could cause the command to be listed even when it was explicitly
    denied. This only affected list mode when a command was specified.
    Bug #636.
  * It is now possible to disable network interface probing in sudo.conf
    by changing the value of the probe_interfaces setting.
  * When listing a user's privileges (sudo -l), the sudoers plugin
    will now prompt for the user's password even if the targetpw,
    rootpw or runaspw options are set.
  * The sudoers plugin uses a new format for its time stamp files.
    Bug #616.
  * sudo's -K option will now remove all of the user's time stamps,
    not just the time stamp for the current terminal.
    The -k option can be used to only disable time stamps for
    the current terminal.
  * If sudo was started in the background and needed to prompt for a
    password, it was not possible to suspend it at the password prompt
  * LDAP-based sudoers now uses a default search filter of
    (objectClass=sudoRole) for more efficient queries.
    The netgroup query has been modified to avoid falling below the
    minimum length for OpenLDAP substring indices.
  * The new use_netgroups sudoers option can be used to explicitly
    enable or disable netgroups support. For LDAP-based sudoers,
    netgroup support requires an expensive substring match on the server.
    If netgroups are not needed, this option can be disabled to
    reduce the load on the LDAP server.
  * Sudo is once again able to open the sudoers file when the group
    on sudoers doesn't match the expected value, so long as the
    file is not group writable.

OBS-URL: https://build.opensuse.org/request/show/225988
OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=71

sudo-1.8.10p1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:bc0426b315c6e9d470b6fdb8d6afa6d924332c1ad24c8303f6b52e81fa1f32fb
+size 2260994

sudo-1.8.9p4.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1943f9e9409c6542935d2e2d862c48d0d69dcf27288b294b8b537c02f52ac7a7
-size 2178544

sudo.changes

@@ -1,3 +1,44 @@
+-------------------------------------------------------------------
+Fri Mar 14 14:46:59 UTC 2014 - vcizek@suse.com
+
+- update to 1.8.10p1
+  * Fixed a bug with netgated commands in "sudo -l command" that
+    could cause the command to be listed even when it was explicitly
+    denied. This only affected list mode when a command was specified.
+    Bug #636.
+  * It is now possible to disable network interface probing in sudo.conf
+    by changing the value of the probe_interfaces setting.
+  * When listing a user's privileges (sudo -l), the sudoers plugin
+    will now prompt for the user's password even if the targetpw,
+    rootpw or runaspw options are set.
+  * The sudoers plugin uses a new format for its time stamp files.
+    Bug #616.
+  * sudo's -K option will now remove all of the user's time stamps,
+    not just the time stamp for the current terminal.
+    The -k option can be used to only disable time stamps for
+    the current terminal.
+  * If sudo was started in the background and needed to prompt for a
+    password, it was not possible to suspend it at the password prompt
+  * LDAP-based sudoers now uses a default search filter of
+    (objectClass=sudoRole) for more efficient queries.
+    The netgroup query has been modified to avoid falling below the
+    minimum length for OpenLDAP substring indices.
+  * The new use_netgroups sudoers option can be used to explicitly
+    enable or disable netgroups support. For LDAP-based sudoers,
+    netgroup support requires an expensive substring match on the server.
+    If netgroups are not needed, this option can be disabled to
+    reduce the load on the LDAP server.
+  * Sudo is once again able to open the sudoers file when the group
+    on sudoers doesn't match the expected value, so long as the
+    file is not group writable.
+  * Sudo now installs an init.d script to clear the time stamp
+    directory at boot time on AIX and HP-UX systems.
+    These systems either lack /var/run or do not clear it on boot.
+  * The JSON format used by visudo -x now properly supports the
+    negation operator. In addition, the Options object is now
+    the same for both Defaults and Cmnd_Specs.
+  * Fixed parsing of the "umask" defaults setting in sudoers. Bug #632.
+
 -------------------------------------------------------------------
 Thu Jan 30 12:12:28 UTC 2014 - vcizek@suse.com
 

sudo.spec

@@ -17,7 +17,7 @@
 
 
 Name:           sudo
-Version:        1.8.9p4
+Version:        1.8.10p1
 Release:        0
 Summary:        Execute some commands as root
 License:        ISC
@@ -99,7 +99,7 @@ export LDFLAGS="-pie"
     --with-env-editor \
     --without-secure-path \
     --with-passprompt='%%p\x27s password:' \
-    --with-timedir=%{_localstatedir}/lib/sudo \
+    --with-rundir=%{_localstatedir}/lib/sudo \
     --with-sssd
 make %{?_smp_mflags}