Update to latest development version 1.9.0b1

2020-03-03 12:48:10 +01:00 · 2020-03-03 12:48:10 +01:00 · 19b1d360de
commit 19b1d360de
parent 709fe6b2d8
3 changed files with 30 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -20,3 +20,4 @@
 /sudo-1.8.28.tar.gz
 /sudo-1.8.28p1.tar.gz
 /sudo-1.8.29.tar.gz
+/sudo-1.9.0b1.tar.gz
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (sudo-1.8.29.tar.gz) = ea780922b2afb47df4df4b533fb355fd916cb18a6bfd13c7ca36a25b03ef585d805648c6fa85692bea363b1f83664ac3bc622f99bcd149b3a86f70522eb4d340
+SHA512 (sudo-1.9.0b1.tar.gz) = 7459d398514b54c6898a3eaebca141f39af661cda51c007e068bea1cc1860df1bc66ea13c752da8f6bf3d574ba92e337874b20279e1400cfea99982a469f5435
--- a/sudo.spec
+++ b/sudo.spec
@ -1,10 +1,10 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
-Version: 1.8.29
-Release: 2%{?dist}
+Version: 1.9.0
+Release: 0.1.b1%{?dist}
 License: ISC
 URL: http://www.courtesan.com/sudo/
-Source0: https://www.sudo.ws/dist/%{name}-%{version}.tar.gz
+Source0: https://www.sudo.ws/dist/beta/%{name}-%{version}b1.tar.gz
 Source1: sudoers
 Requires: pam
 Recommends: vim-minimal
@ -45,7 +45,7 @@ The %{name}-devel package contains header files developing sudo
 plugins that use %{name}.

 %prep
-%setup -q
+%setup -q -n sudo-1.9.0b1

 %patch1 -p1 -b .strip

@ -152,6 +152,7 @@ EOF
 %config(noreplace) /etc/pam.d/sudo-i
 %attr(0644,root,root) %{_tmpfilesdir}/sudo.conf
 %attr(0644,root,root) /etc/dnf/protected.d/sudo.conf
+%attr(0644,root,root) /etc/sudo.conf
 %dir /var/db/sudo
 %dir /var/db/sudo/lectured
 %attr(4111,root,root) %{_bindir}/sudo
@ -160,6 +161,8 @@ EOF
 %attr(0755,root,root) %{_sbindir}/visudo
 %{_bindir}/cvtsudoers
 %dir %{_libexecdir}/sudo
+%attr(0755,root,root) %{_sbindir}/sudo_logsrvd
+%attr(0755,root,root) %{_sbindir}/sudo_sendlog
 %attr(0755,root,root) %{_libexecdir}/sudo/sesh
 %attr(0644,root,root) %{_libexecdir}/sudo/sudo_noexec.so
 %attr(0644,root,root) %{_libexecdir}/sudo/sudoers.so
@ -177,6 +180,11 @@ EOF
 %{_mandir}/man8/visudo.8*
 %{_mandir}/man1/cvtsudoers.1.gz
 %{_mandir}/man5/sudoers_timestamp.5.gz
+%{_mandir}/man5/sudo_logsrv.proto.5.gz
+%{_mandir}/man5/sudo_logsrvd.conf.5.gz
+%{_mandir}/man8/sudo_logsrvd.8.gz
+%{_mandir}/man8/sudo_plugin_python.8.gz
+%{_mandir}/man8/sudo_sendlog.8.gz
 %dir %{_pkgdocdir}/
 %{_pkgdocdir}/*
 %{!?_licensedir:%global license %%doc}
@ -189,6 +197,22 @@ EOF
 %{_mandir}/man8/sudo_plugin.8*

 %changelog
+* Mon Feb 24 2020 Attila Lakatos <alakatos@redhat.com> - 1.9.0-0.1.b1
+- update to latest development version 1.9.0b1
+- added sudo_logsrvd and sudo_sendlog to files and their appropriate man pages
+Resolves: rhbz#1787823
+- Stack based buffer overflow in when pwfeedback is enabled
+Resolves: rhbz#1796945
+- fixes: CVE-2019-18634 
+- By using ! character in the shadow file instead of a password hash can access to a run as all sudoer account
+Resolves: rhbz#1786709
+- fixes CVE-2019-19234
+- attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user
+Resolves: rhbz#1786705
+- fixes CVE-2019-19232
+- setrlimit(RLIMIT_CORE): Operation not permitted warning message fix
+Resolves: rhbz#1773148
+
 * Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.29-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild