Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package sudo for openSUSE:Factory checked in at 2022-03-28 16:58:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sudo (Old) and /work/SRC/openSUSE:Factory/.sudo.new.1900 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sudo" Mon Mar 28 16:58:48 2022 rev:130 rq:964748 version:1.9.10 Changes: -------- --- /work/SRC/openSUSE:Factory/sudo/sudo.changes 2022-03-11 11:36:22.646275106 +0100 +++ /work/SRC/openSUSE:Factory/.sudo.new.1900/sudo.changes 2022-03-28 16:59:19.456868554 +0200 @@ -1,0 +2,53 @@ +Thu Mar 24 08:18:58 UTC 2022 - Dirk M??ller <dmuel...@suse.com> + +- update to 1.9.10: + * Added new log_passwords and passprompt_regex sudoers options. If + log_passwords is disabled, sudo will attempt to prevent passwords from being + logged. If sudo detects any of the regular expressions in the passprompt_regex + list in the terminal output, sudo will log ???*??? characters instead of the + terminal input until a newline or carriage return is found in the input or an + output character is received. + * Added new log_passwords and passprompt_regex settings to sudo_logsrvd that + operate like the sudoers options when logging terminal input. + * Fixed several few bugs in the cvtsudoers utility when merging multiple sudoers + sources. + * Fixed a bug in sudo_logsrvd parsing the sudo_logsrvd.conf file, where the + retry_interval in the [relay] section was not being recognized. + * Restored the pre-1.9.9 behavior of not performing authentication when sudo???s -n + option is specified. A new noninteractive_auth sudoers option has been added to + enable PAM authentication in non-interactive mode. GitHub issue #131. + * On systems with /proc, if the /proc/self/stat (Linux) or /proc/pid/psinfo + (other systems) file is missing or invalid, sudo will now check file + descriptors 0-2 to determine the user???s terminal. Bug #1020. + * Fixed a compilation problem on Debian kFreeBSD. Bug #1021. + * Fixed a crash in sudo_logsrvd when running in relay mode if an alert message is + received. + * Fixed an issue that resulting in ???problem with defaults entries??? email to be + sent if a user ran sudo when the sudoers entry in the nsswitch.conf file + includes ???sss??? but no sudo provider is configured in /etc/sssd/sssd.conf. + * Updated the warning displayed when the invoking user is not allowed to run + sudo. If sudo has been configured to send mail on failed attempts (see the + mail_* flags in sudoers), it will now print ???This incident has been reported to + the administrator.??? If the mailto or mailerpath sudoers settings are disabled, + the message will not be printed and no mail will be sent. + * Fixed a bug where the user-specified command timeout was not being honored if + the sudoers rule did not also specify a timeout. + * Added support for using POSIX extended regular expressions in sudoers rules. A + command and/or arguments in sudoers are treated as a regular expression if they + start with a ???^??? character and end with a ???$???. The command and arguments are + matched separately, either one (or both) may be a regular expression. + * A user may now only run sudo -U otheruser -l if they have a ???sudo ALL??? + privilege where the RunAs user contains either root or otheruser. Previously, + having ???sudo ALL??? was sufficient, regardless of the RunAs user. GitHub issue + #134. + * The sudo lecture is now displayed immediately before the password prompt. As a + result, sudo will no longer display the lecture unless the user needs to enter + a password. Authentication methods that don???t interact with the user via a + terminal do not trigger the lecture. + * Sudo now uses its own closefrom() emulation on Linux systems. The glibc version + may not work in a chroot jail where /proc is not available. If close_range(2) + is present, it will be used in preference to /proc/self/fd. +- drop sudo-1.9.9-honor-T_opt.patch , feature-upstream-restrict-sudo-U-other-l.patch + (upstream) + +------------------------------------------------------------------- Old: ---- feature-upstream-restrict-sudo-U-other-l.patch sudo-1.9.9-honor-T_opt.patch sudo-1.9.9.tar.gz sudo-1.9.9.tar.gz.sig New: ---- sudo-1.9.10.tar.gz sudo-1.9.10.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sudo.spec ++++++ --- /var/tmp/diff_new_pack.uwb7jK/_old 2022-03-28 16:59:20.136869478 +0200 +++ /var/tmp/diff_new_pack.uwb7jK/_new 2022-03-28 16:59:20.140869484 +0200 @@ -22,7 +22,7 @@ %define use_usretc 1 %endif Name: sudo -Version: 1.9.9 +Version: 1.9.10 Release: 0 Summary: Execute some commands as root License: ISC @@ -38,8 +38,6 @@ Source7: README_313276.test # PATCH-OPENSUSE: the "SUSE" branding of the default sudo config Patch0: sudo-sudoers.patch -Patch1: feature-upstream-restrict-sudo-U-other-l.patch -Patch2: sudo-1.9.9-honor-T_opt.patch BuildRequires: audit-devel BuildRequires: cyrus-sasl-devel BuildRequires: groff ++++++ sudo-1.9.9.tar.gz -> sudo-1.9.10.tar.gz ++++++ ++++ 66463 lines of diff (skipped)