From a2c551b38d2666b617a5b60ba587e0abbb38914a421e4f2141c63824847e5b3e Mon Sep 17 00:00:00 2001 
From: Kristyna Streitova
Date: Mon, 19 Apr 2021 08:23:29 +0000
Subject: [PATCH] Accepting request 886334 from home:dirkmueller:Factory

- update to 1.9.6p1
  * Fixed a regression introduced in sudo 1.9.6 that resulted in an
    error message instead of a usage message when sudo is run with
    no arguments.
  * Fixed a sudo_sendlog compilation problem with the AIX xlC compiler.
  * Fixed a regression introduced in sudo 1.9.4 where the
    --disable-root-mailer configure option had no effect.
  * Added a --disable-leaks configure option that avoids some
    memory leaks on exit that would otherwise occur. This is intended
    to be used with development tools that measure memory leaks. It
    is not safe to use in production at this time.
  * Plugged some memory leaks identified by oss-fuzz and ASAN.
  * Fixed the handling of sudoOptions for an LDAP sudoRole that
    contains multiple sudoCommands. Previously, some of the options
    would only be applied to the first sudoCommand.
  * Fixed a potential out of bounds read in the parsing of NOTBEFORE
    and NOTAFTER sudoers command options (and their LDAP equivalents).
  * The parser used for reading I/O log JSON files is now more
    resilient when processing invalid JSON.
  * Fixed typos that prevented "make uninstall" from working.
  * Fixed a regression introduced in sudo 1.9.4 where the last line
    in a sudoers file might not have a terminating NUL character
    added if no newline was present.
  * Integrated oss-fuzz and LLVM's libFuzzer with sudo. The new
    --enable-fuzzer configure option can be combined with the
    --enable-sanitizer option to build sudo with fuzzing support.
    Multiple fuzz targets are available for fuzzing different parts
    of sudo. Fuzzers are built and tested via "make fuzz" or as part
    of "make check" (even when sudo is not built with fuzzing support).
    Fuzzing support currently requires the LLVM clang compiler (not gcc).

OBS-URL: https://build.opensuse.org/request/show/886334 OBS-URL: https://build.opensuse.org/package/show/Base:System/sudo?expand=0&rev=196 --- sudo-1.9.5p2.tar.gz | 3 -- sudo-1.9.5p2.tar.gz.sig | Bin 566 -> 0 bytes sudo-1.9.6p1.tar.gz | 3 ++ sudo-1.9.6p1.tar.gz.sig | Bin 0 -> 566 bytes sudo.changes | 59 ++++++++++++++++++++++++++++++++++++++++ sudo.spec | 2 +- 6 files changed, 63 insertions(+), 4 deletions(-) delete mode 100644 sudo-1.9.5p2.tar.gz delete mode 100644 sudo-1.9.5p2.tar.gz.sig create mode 100644 sudo-1.9.6p1.tar.gz create mode 100644 sudo-1.9.6p1.tar.gz.sig diff --git a/sudo-1.9.5p2.tar.gz b/sudo-1.9.5p2.tar.gz deleted file mode 100644 index be69852..0000000 --- a/sudo-1.9.5p2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:539e2ef43c8a55026697fb0474ab6a925a11206b5aa58710cb42a0e1c81f0978 -size 4012277 diff --git a/sudo-1.9.5p2.tar.gz.sig b/sudo-1.9.5p2.tar.gz.sig deleted file mode 100644 index 9f974306bf0cfbebc71ca18765c6147d02ffb4c39c39d9e9d496a9f3a553a2c1..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 566 zcmV-60?GY}0y6{v0SEvc79j*#(do>(D>r8Z{nJ~i^uQs`q;UHM0$>b97yt?h5UKRQ zArTYU5BUxFjwK7>`dv=d-qt1Gz2nNwQUx9KBa7fs9 z&m{cbkokk|Rlc44KZ?OOdy1%)QOu{76_UCTeH2QK7^WwyZNN>YXgj_Bg3s_;HA`rz<%edIln^>C7vc6UBy z#FZbYyJ`d_ubkM&Pntu(D>r8Z{nJ~i^uQs`q;UHM0$@*)G5`t*5UKRQ zAadlKM0QDZJ{kfcM_-* z-Qj_Db-<-Xs+qx$6P&lV(ZuRFw&E`I2$y@wp>Z*#;xap`iSe9ANz~ToOiBQQ3CKZG z`TIe54xoc(H&ign;$pQemg+vcMNZnv+@y<>YDWaUzBtz{ba?wizSE7mtfb|% zTOYJ_Y__sseenmIU|oH?!pdUIoYSi23)3rc=a{`M41K@dPylZmUN;pg5ek^ZPSaoa zl~$;*dF&!pmGBKlC_3DMBXMU`%qKxRf%s=zz|Nt<1Is#-p|UY84;=mvyY2Mmb`AwY z42UD6H}T9`LqEUj{ssY%oeq<)N~)-+gybc2(3>%`#bRf8-D1e5%lipVa|5?G4GI8{ z_~J~sAFkXFo2G5ltvSMEQg+s35F+1TmS2Uu^T=`-`2+tOXMbwJFkO#Sw-!%@tRC1! z{w~VeO*(yCLq*y_*##qN+=hnZSNGhR%g$z<5en4(3s^rK;Z%vAt)L<{vvZi%#V9ju zD54lI@P;w)voHc(0$|qYaS>-BYzyuIr~N`ldA_~g*x=}oE@}Q|^D$4}PXp{n`ZbTS E?Ug1IA^-pY literal 0 HcmV?d00001 
diff --git a/sudo.changes b/sudo.changes index 77b864d..cb7078c 100644 --- a/sudo.changes +++ b/sudo.changes 
@@ -1,3 +1,62 @@ +------------------------------------------------------------------- +Sat Mar 20 18:25:12 UTC 2021 - Dirk Müller + +- update to 1.9.6p1 + * Fixed a regression introduced in sudo 1.9.6 that resulted in an + error message instead of a usage message when sudo is run with + no arguments. + * Fixed a sudo_sendlog compilation problem with the AIX xlC compiler. + * Fixed a regression introduced in sudo 1.9.4 where the + --disable-root-mailer configure option had no effect. + * Added a --disable-leaks configure option that avoids some + memory leaks on exit that would otherwise occur. This is intended + to be used with development tools that measure memory leaks. It + is not safe to use in production at this time. + * Plugged some memory leaks identified by oss-fuzz and ASAN. + * Fixed the handling of sudoOptions for an LDAP sudoRole that + contains multiple sudoCommands. Previously, some of the options + would only be applied to the first sudoCommand. + * Fixed a potential out of bounds read in the parsing of NOTBEFORE + and NOTAFTER sudoers command options (and their LDAP equivalents). + * The parser used for reading I/O log JSON files is now more + resilient when processing invalid JSON. + * Fixed typos that prevented "make uninstall" from working. + * Fixed a regression introduced in sudo 1.9.4 where the last line + in a sudoers file might not have a terminating NUL character + added if no newline was present. + * Integrated oss-fuzz and LLVM's libFuzzer with sudo. The new + --enable-fuzzer configure option can be combined with the + --enable-sanitizer option to build sudo with fuzzing support. + Multiple fuzz targets are available for fuzzing different parts + of sudo. Fuzzers are built and tested via "make fuzz" or as part + of "make check" (even when sudo is not built with fuzzing support). + Fuzzing support currently requires the LLVM clang compiler (not gcc). + * Fixed the --enable-static-sudoers configure option. 
+ * Fixed a potential out of bounds read sudo when is run by a user + with more groups than the value of "max_groups" in sudo.conf. + * Added an "admin_flag" sudoers option to make the use of the + ~/.sudo_as_admin_successful file configurable on systems where + sudo is build with the --enable-admin-flag configure option. + This mostly affects Ubuntu and its derivatives. + * The "max_groups" setting in sudo.conf is now limited to 1024. + This setting is obsolete and should no longer be needed. + * Fixed a bug in the tilde expansion of "CHROOT=dir" and "CWD=dir" + sudoers command options. A path "~/foo" was expanded to + "/home/userfoo" instead of "/home/user/foo". This also affects + the runchroot and runcwd Defaults settings. + * Fixed a bug on systems without a native getdelim(3) function + where very long lines could cause parsing of the sudoers file + to end prematurely. + * Fixed a potential integer overflow when converting the + timestamp_timeout and passwd_timeout sudoers settings to a + timespec struct. + * The default for the "group_source" setting in sudo.conf is now + "dynamic" on macOS. Recent versions of macOS do not reliably + return all of a user's non-local groups via getgroups(2), even + when _DARWIN_UNLIMITED_GETGROUPS is defined. + * Fixed a potential use-after-free in the PAM conversation function. + * Fixed potential redefinition of sys/stat.h macros in sudo_compat.h. + ------------------------------------------------------------------- Wed Jan 27 00:25:10 UTC 2021 - Simon Lees diff --git a/sudo.spec b/sudo.spec index 69d329e..0c5c796 100644 --- a/sudo.spec +++ b/sudo.spec @@ -22,7 +22,7 @@ %define use_usretc 1 %endif Name: sudo -Version: 1.9.5p2 +Version: 1.9.6p1 Release: 0 Summary: Execute some commands as root License: ISC
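Review bot: In the sudo-1.9.6p1.tar.gz and sudo-1.9.6p1.tar.gz.sig hunks, the source tarball and its detached signature are replaced in the same commit, and nothing in this diff shows the signature being checked. The diffstat lists no keyring change, so the new .sig should verify against the upstream key the package already trusts. Confirm that before accepting, and do not rely on a key fetched alongside the new tarball.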
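Review bot: In the sudo.changes hunk, the memory-safety fixes carry no bug or CVE reference, which makes them hard to track for backports to maintained releases. These are the out of bounds reads in NOTBEFORE/NOTAFTER parsing and in the max_groups path, the integer overflow in the timestamp_timeout/passwd_timeout conversion, and the use-after-free in the PAM conversation function. If any of them has a tracker entry, reference it on the item. Two items also have wording errors: "out of bounds read sudo when is run by a user" should read "when sudo is run", and "sudo is build with" should read "built". Finally, the entry is headed "update to 1.9.6p1" while its first item fixes a regression introduced in 1.9.6, so it appears to cover more than one upstream release since 1.9.5p2. Splitting the items per release would make clear which fixes arrived in which version.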
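Review bot: In the sudo.spec hunk only the Version: line changes, yet the changelog in this commit describes behaviour that depends on configure options. The admin_flag sudoers option only applies when sudo is built with --enable-admin-flag, --disable-leaks is described as not safe to use in production, and --enable-fuzzer requires clang. Confirm that the configure invocation in the spec (not shown in this diff) needs no adjustment for 1.9.6p1 and that --disable-leaks and --enable-fuzzer stay out of the production build.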