Hello community, here is the log from the commit of package sudo for openSUSE:Factory checked in at 2016-07-01 09:53:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sudo (Old) and /work/SRC/openSUSE:Factory/.sudo.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "sudo" Changes: -------- --- /work/SRC/openSUSE:Factory/sudo/sudo.changes 2016-06-07 23:43:30.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.sudo.new/sudo.changes 2016-07-01 09:53:50.000000000 +0200 @@ -1,0 +2,57 @@ +Wed Jun 22 21:02:46 UTC 2016 - michael@stroeder.com + +- update to 1.8.17p1: + * Fixed a bug introduced in 1.8.17 where the user's groups were + not set on systems that don't use PAM. Bug #749. + +------------------------------------------------------------------- +Sun Jun 19 14:01:44 UTC 2016 - michael@stroeder.com + +- removed obsolete patch sudo-1.8.16-pam_groups.patch +- update to 1.8.17: + * On AIX, if /etc/security/login.cfg has auth_type set to PAM_AUTH + but pam_start(3) fails, fall back to AIX authentication. + Bug #740. + * Sudo now takes all sudoers sources into account when determining + whether or not "sudo -l" or "sudo -b" should prompt for a password. + In other words, if both file and ldap sudoers sources are in + specified in /etc/nsswitch.conf, "sudo -v" will now require that + all entries in both sources be have NOPASSWD (file) or !authenticate + (ldap) in the entries. + * Sudo now ignores SIGPIPE until the command is executed. Previously, + SIGPIPE was only ignored in a few select places. Bug #739. + * Fixed a bug introduced in sudo 1.8.14 where (non-syslog) log + file entries were missing the newline when loglinelen is set to + a non-positive number. Bug #742. + * Unix groups are now set before the plugin session intialization + code is run. This makes it possible to use dynamic groups with + the Linux-PAM pam_group module. + * Fixed a bug where a debugging statement could dereference a NULL + pointer when looking up a group that doesn't exist. Bug #743. + * Sudo has been run through the Coverity code scanner. A number of + minor bugs have been fixed as a result. None were security issues. + * SELinux support, which was broken in 1.8.16, has been repaired. + * Fixed a bug when logging I/O where all output buffers might not + get flushed at exit. + * Forward slashes are no longer escaped in the JSON output of + "visudo -x". This was never required by the standard and not + escaping them improves readability of the output. + * Sudo no longer treats PAM_SESSION_ERR as a fatal error when + opening the PAM session. Other errors from pam_open_session() + are still treated as fatal. This avoids the "policy plugin + failed session initialization" error message seen on some systems. + * Korean translation for sudo and sudoers from translationproject.org. + * Fixed a bug on AIX where the stack size hard resource limit was + being set to 2GB instead of 4GB on 64-bit systems. + * The SSSD backend now properly supports "sudo -U otheruser -l". + * The SSSD backend now uses the value of "ipa_hostname" + from sssd.conf, if specified, when matching the host name. + * Fixed a hang on some systems when the command is being run in + a pty and it failed to execute. + * When performing a wildcard match in sudoers, check for an exact + string match if the user command was fully-qualified (or resolved + via the PATH). This fixes an issue executing scripts on Linux + when there are multiple wildcard matches with the same base name. + Bug #746. + +------------------------------------------------------------------- Old: ---- sudo-1.8.16-pam_groups.patch sudo-1.8.16.tar.gz sudo-1.8.16.tar.gz.sig New: ---- sudo-1.8.17p1.tar.gz sudo-1.8.17p1.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sudo.spec ++++++ --- /var/tmp/diff_new_pack.WsJK0O/_old 2016-07-01 09:53:51.000000000 +0200 +++ /var/tmp/diff_new_pack.WsJK0O/_new 2016-07-01 09:53:51.000000000 +0200 @@ -17,7 +17,7 @@ Name: sudo -Version: 1.8.16 +Version: 1.8.17p1 Release: 0 Summary: Execute some commands as root License: ISC @@ -33,7 +33,6 @@ Patch0: sudoers2ldif-env.patch # PATCH-OPENSUSE: the "SUSE" branding of the default sudo config Patch1: sudo-sudoers.patch -Patch2: sudo-1.8.16-pam_groups.patch BuildRequires: audit-devel BuildRequires: cyrus-sasl-devel BuildRequires: groff @@ -75,7 +74,6 @@ %setup -q %patch0 -p1 %patch1 -p1 -%patch2 -p1 %build %ifarch s390 s390x %sparc