commit sudo for openSUSE:Factory
Hello community, here is the log from the commit of package sudo for openSUSE:Factory checked in at Thu Feb 25 02:34:38 CET 2010. -------- --- sudo/sudo.changes 2010-01-26 22:52:49.000000000 +0100 +++ /mounts/work_src_done/STABLE/sudo/sudo.changes 2010-02-24 17:24:46.000000000 +0100 @@ -1,0 +2,25 @@ +Wed Feb 24 16:19:35 UTC 2010 - prusnak@suse.cz + +- updated to 1.7.2p4 + * Fixed the expansion of the %h escape in #include file names + introduced in sudo 1.7.1. + * Fixed a a bug where the negation operator in a Cmnd_List + was not being honored. + * No longer produce a parse error when #includedir references + a directory that contains no valid filenames. + * The sudo.man.pl and sudoers.man.pl files are now included + in the distribution for people who wish to regenerate the man pages. + * Fixed the emulation of krb5_get_init_creds_opt_alloc() for MIT kerberos. + * When authenticating via PAM, set PAM_RUSER and PAM_RHOST early + so they can be used during authentication. + * Fix printing of entries with multiple host entries on + a single line. + * Fix use after free when sending error messages via email. + * Use setrlimit64(), if available, instead of setrlimit() + when setting AIX resource limits since rlim_t is 32bits. + * Fix size arg when realloc()ing include stack. + * Avoid a duplicate fclose() of the sudoers file. + * Fix a bug that could allow users with permission to run sudoedit + to run arbitrary commands. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- sudo-1.7.2.tar.bz2 New: ---- sudo-1.7.2p4.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sudo.spec ++++++ --- /var/tmp/diff_new_pack.DHjFjk/_old 2010-02-25 02:34:14.000000000 +0100 +++ /var/tmp/diff_new_pack.DHjFjk/_new 2010-02-25 02:34:14.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package sudo (Version 1.7.2) +# spec file for package sudo (Version 1.7.2p4) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -22,13 +22,13 @@ BuildRequires: openldap2-devel pam-devel postfix BuildRequires: libselinux-devel PreReq: coreutils -Version: 1.7.2 -Release: 2 +Version: 1.7.2p4 +Release: 1 Group: System/Base License: BSD3c(or similar) Url: http://www.sudo.ws/ Summary: Execute some commands as root -Source0: %{name}-%{version}.tar.bz2 +Source0: http://sudo.ws/sudo/dist/%{name}-%{version}.tar.gz Source1: %{name}.pamd Source2: README.SUSE Patch1: %{name}-1.7.1-defaults.diff @@ -96,7 +96,7 @@ %install make DESTDIR=$RPM_BUILD_ROOT install -install -d -m 700 $RPM_BUILD_ROOT/var/run/sudo +install -d -m 700 $RPM_BUILD_ROOT%{_localstatedir}/run/sudo install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam.d install -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/sudo install -m 755 sudoers2ldif $RPM_BUILD_ROOT%{_sbindir}/sudoers2ldif @@ -119,6 +119,6 @@ %{_bindir}/sudoedit %{_sbindir}/* %{_libexecdir}/sudo -/var/run/sudo +%{_localstatedir}/run/sudo %changelog ++++++ sudo-1.7.1-__P.diff ++++++ --- /var/tmp/diff_new_pack.DHjFjk/_old 2010-02-25 02:34:14.000000000 +0100 +++ /var/tmp/diff_new_pack.DHjFjk/_new 2010-02-25 02:34:14.000000000 +0100 @@ -1,6 +1,8 @@ ---- compat.h +Index: compat.h +=================================================================== +--- compat.h.orig +++ compat.h -@@ -28,6 +28,7 @@ +@@ -29,6 +29,7 @@ */ /* Deal with ANSI stuff reasonably. */ ++++++ sudo-1.7.1-defaults.diff ++++++ --- /var/tmp/diff_new_pack.DHjFjk/_old 2010-02-25 02:34:14.000000000 +0100 +++ /var/tmp/diff_new_pack.DHjFjk/_new 2010-02-25 02:34:14.000000000 +0100 @@ -1,6 +1,8 @@ ---- defaults.c +Index: defaults.c +=================================================================== +--- defaults.c.orig +++ defaults.c -@@ -430,9 +430,6 @@ +@@ -418,9 +418,6 @@ init_defaults() #ifdef FQDN def_fqdn = TRUE; #endif ++++++ sudo-1.7.1-env.diff ++++++ --- /var/tmp/diff_new_pack.DHjFjk/_old 2010-02-25 02:34:14.000000000 +0100 +++ /var/tmp/diff_new_pack.DHjFjk/_new 2010-02-25 02:34:14.000000000 +0100 @@ -1,4 +1,6 @@ ---- sudoers2ldif +Index: sudoers2ldif +=================================================================== +--- sudoers2ldif.orig +++ sudoers2ldif @@ -1,4 +1,4 @@ -#!/usr/bin/env perl ++++++ sudo-1.7.1-pam_rhost.diff ++++++ --- /var/tmp/diff_new_pack.DHjFjk/_old 2010-02-25 02:34:14.000000000 +0100 +++ /var/tmp/diff_new_pack.DHjFjk/_new 2010-02-25 02:34:14.000000000 +0100 @@ -1,12 +1,14 @@ ---- auth/pam.c +Index: auth/pam.c +=================================================================== +--- auth/pam.c.orig +++ auth/pam.c -@@ -209,7 +209,9 @@ +@@ -111,7 +111,9 @@ pam_init(pw, promptp, auth) + * We set PAM_RHOST to avoid a bug in Solaris 7 and below. */ - (void) pam_set_item(pamh, PAM_USER, pw->pw_name); (void) pam_set_item(pamh, PAM_RUSER, user_name); +#if 0 /* we don't care about Solaris bugs */ (void) pam_set_item(pamh, PAM_RHOST, user_host); +#endif /* - * Set credentials (may include resource limits, device ownership, etc). + * Some versions of pam_lastlog have a bug that ++++++ sudo-1.7.1-secure_path.diff ++++++ --- /var/tmp/diff_new_pack.DHjFjk/_old 2010-02-25 02:34:14.000000000 +0100 +++ /var/tmp/diff_new_pack.DHjFjk/_new 2010-02-25 02:34:14.000000000 +0100 @@ -1,6 +1,8 @@ ---- env.c +Index: env.c +=================================================================== +--- env.c.orig +++ env.c -@@ -688,7 +688,7 @@ +@@ -700,7 +700,7 @@ rebuild_env(sudo_mode, noexec) } } /* Replace the PATH envariable with a secure one? */ @@ -9,9 +11,11 @@ sudo_setenv("PATH", def_secure_path, TRUE); SET(didvar, DID_PATH); } ---- find_path.c +Index: find_path.c +=================================================================== +--- find_path.c.orig +++ find_path.c -@@ -87,7 +87,7 @@ +@@ -87,7 +87,7 @@ find_path(infile, outfile, sbp, path) } /* Use PATH passed in unless SECURE_PATH is in effect. */ @@ -20,9 +24,11 @@ path = def_secure_path; else if (path == NULL) return(NOT_FOUND); ---- logging.c +Index: logging.c +=================================================================== +--- logging.c.orig +++ logging.c -@@ -433,7 +433,7 @@ +@@ -434,7 +434,7 @@ send_mail(line) #ifndef NO_ROOT_MAILER static char *root_envp[] = { "HOME=/", @@ -31,7 +37,9 @@ "LOGNAME=root", "USERNAME=root", "USER=root", ---- pathnames.h.in +Index: pathnames.h.in +=================================================================== +--- pathnames.h.in.orig +++ pathnames.h.in @@ -41,9 +41,10 @@ #define _PATH_DEVNULL "/dev/null" ++++++ sudo-1.7.1-strip.diff ++++++ --- /var/tmp/diff_new_pack.DHjFjk/_old 2010-02-25 02:34:14.000000000 +0100 +++ /var/tmp/diff_new_pack.DHjFjk/_new 2010-02-25 02:34:14.000000000 +0100 @@ -1,6 +1,8 @@ ---- Makefile.in +Index: Makefile.in +=================================================================== +--- Makefile.in.orig +++ Makefile.in -@@ -415,11 +415,11 @@ +@@ -417,11 +417,11 @@ install-dirs: $(DESTDIR)$(noexecdir) install-binaries: install-dirs $(PROGS) ++++++ sudo-1.7.1-sudoers.diff ++++++ --- /var/tmp/diff_new_pack.DHjFjk/_old 2010-02-25 02:34:14.000000000 +0100 +++ /var/tmp/diff_new_pack.DHjFjk/_new 2010-02-25 02:34:14.000000000 +0100 @@ -1,6 +1,8 @@ ---- sudo.man.in +Index: sudo.man.in +=================================================================== +--- sudo.man.in.orig +++ sudo.man.in -@@ -180,8 +180,8 @@ +@@ -190,8 +190,8 @@ is initialized based on the group file ( specified). If the invoking user is root or if the target user is the same as the invoking user, no password is required. Otherwise, \&\fBsudo\fR requires that users authenticate themselves with a password @@ -11,7 +13,9 @@ a timestamp is updated and the user may then use sudo without a password for a short period of time (\f(CW\*(C`@timeout@\*(C'\fR minutes unless overridden in \fIsudoers\fR). ---- sudoers +Index: sudoers +=================================================================== +--- sudoers.orig +++ sudoers @@ -15,6 +15,26 @@ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@Hilbert.suse.de