Accepting request 886601 from Base:System

OBS-URL: https://build.opensuse.org/request/show/886601
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=122

sudo-1.9.5p2.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:539e2ef43c8a55026697fb0474ab6a925a11206b5aa58710cb42a0e1c81f0978
-size 4012277

sudo-1.9.6p1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a9e9cdc058fafeb9cd3ebfb864c81755e524d98aa022152763f25bce8ca3ca90
+size 4119888

sudo.changes

@@ -1,3 +1,62 @@
+-------------------------------------------------------------------
+Sat Mar 20 18:25:12 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.9.6p1
+ * Fixed a regression introduced in sudo 1.9.6 that resulted in an
+   error message instead of a usage message when sudo is run with
+   no arguments.
+ * Fixed a sudo_sendlog compilation problem with the AIX xlC compiler.
+ * Fixed a regression introduced in sudo 1.9.4 where the
+   --disable-root-mailer configure option had no effect.
+ * Added a --disable-leaks configure option that avoids some
+   memory leaks on exit that would otherwise occur.  This is intended
+   to be used with development tools that measure memory leaks.  It
+   is not safe to use in production at this time.
+ * Plugged some memory leaks identified by oss-fuzz and ASAN.
+ * Fixed the handling of sudoOptions for an LDAP sudoRole that
+   contains multiple sudoCommands.  Previously, some of the options
+   would only be applied to the first sudoCommand.
+ * Fixed a potential out of bounds read in the parsing of NOTBEFORE
+   and NOTAFTER sudoers command options (and their LDAP equivalents).
+ * The parser used for reading I/O log JSON files is now more
+   resilient when processing invalid JSON.
+ * Fixed typos that prevented "make uninstall" from working.
+ * Fixed a regression introduced in sudo 1.9.4 where the last line
+   in a sudoers file might not have a terminating NUL character
+   added if no newline was present.
+ * Integrated oss-fuzz and LLVM's libFuzzer with sudo.  The new
+   --enable-fuzzer configure option can be combined with the
+   --enable-sanitizer option to build sudo with fuzzing support.
+   Multiple fuzz targets are available for fuzzing different parts
+   of sudo.  Fuzzers are built and tested via "make fuzz" or as part
+   of "make check" (even when sudo is not built with fuzzing support).
+   Fuzzing support currently requires the LLVM clang compiler (not gcc).
+ * Fixed the --enable-static-sudoers configure option.
+ * Fixed a potential out of bounds read sudo when is run by a user
+   with more groups than the value of "max_groups" in sudo.conf.
+ * Added an "admin_flag" sudoers option to make the use of the
+   ~/.sudo_as_admin_successful file configurable on systems where
+   sudo is build with the --enable-admin-flag configure option.
+   This mostly affects Ubuntu and its derivatives.
+ * The "max_groups" setting in sudo.conf is now limited to 1024.
+   This setting is obsolete and should no longer be needed.
+ * Fixed a bug in the tilde expansion of "CHROOT=dir" and "CWD=dir"
+   sudoers command options.  A path "~/foo" was expanded to
+   "/home/userfoo" instead of "/home/user/foo".  This also affects
+   the runchroot and runcwd Defaults settings.
+ * Fixed a bug on systems without a native getdelim(3) function
+   where very long lines could cause parsing of the sudoers file
+   to end prematurely.
+ * Fixed a potential integer overflow when converting the
+   timestamp_timeout and passwd_timeout sudoers settings to a
+   timespec struct.
+ * The default for the "group_source" setting in sudo.conf is now
+   "dynamic" on macOS.  Recent versions of macOS do not reliably
+   return all of a user's non-local groups via getgroups(2), even
+   when _DARWIN_UNLIMITED_GETGROUPS is defined.
+ * Fixed a potential use-after-free in the PAM conversation function.
+ * Fixed potential redefinition of sys/stat.h macros in sudo_compat.h.
+
 -------------------------------------------------------------------
 Wed Jan 27 00:25:10 UTC 2021 - Simon Lees <sflees@suse.de>
 

sudo.spec

@@ -22,7 +22,7 @@
 %define use_usretc 1
 %endif
 Name:           sudo
-Version:        1.9.5p2
+Version:        1.9.6p1
 Release:        0
 Summary:        Execute some commands as root
 License:        ISC