commit munge for openSUSE:Factory

Wed, 11 Feb 2026 09:49:00 -0800 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package munge for openSUSE:Factory checked 
in at 2026-02-11 18:47:47
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/munge (Old)
 and      /work/SRC/openSUSE:Factory/.munge.new.1670 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "munge"

Wed Feb 11 18:47:47 2026 rev:23 rq:1332317 version:0.5.18

Changes:
--------
--- /work/SRC/openSUSE:Factory/munge/munge.changes      2025-09-04 
18:02:25.766410388 +0200
+++ /work/SRC/openSUSE:Factory/.munge.new.1670/munge.changes    2026-02-11 
18:48:28.936457072 +0100
@@ -1,0 +2,30 @@
+Tue Feb 10 19:59:22 UTC 2026 - Egbert Eich <[email protected]>
+
+- Update to version 0.5.18:
+  * Fix buffer overflow in message unpacking that allows local users
+    to leak the MUNGE cryptographic key and forge credential.
+    credentials (bsc#1257651, CVE-2026-25506).
+  * Fixed out-of-bounds read in credential decoding.
+  * Fixed build failure on legacy macOS without `clock_gettime()`.
+
+-------------------------------------------------------------------
+Mon Feb  9 12:57:16 UTC 2026 - Egbert Eich <[email protected]>
+
+- Update to version 0.5.17:
+  * Added `MUNGE_OPT_IGNORE_TTL` and `MUNGE_OPT_IGNORE_REPLAY`.
+  * Added `unmunge --ignore-ttl` and `--ignore-replay` cmdline opts.
+  * Added configure `--with-systemdsysusersdir` opt.
+  * Changed logrotate config to drop privileges to munge user.
+  * Changed test suite to bail out immediately on munged startup failures.
+  * Fixed encode/decode payload limit asymmetry.
+  * Fixed cross-compilation support in configure script.
+  * Improved mlockall error diagnostics and documentation.
+  * Improved origin address configuration warnings.
+  This release is backwards-compatible to 0.5.
+- Remove tempfiles settings. This is handled by `RuntimeDirectory`
+  in the `munge.service`.
+- Remove tests for having systemd and sysusers: we no longer support
+  stuff that's so old that this is required.
+- Use sysuser file the package comes with.
+
+-------------------------------------------------------------------

Old:
----
  munge-0.5.16.tar.gz

New:
----
  munge-0.5.18.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ munge.spec ++++++
--- /var/tmp/diff_new_pack.v830Vr/_old  2026-02-11 18:48:29.560483277 +0100
+++ /var/tmp/diff_new_pack.v830Vr/_new  2026-02-11 18:48:29.560483277 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package munge
 #
-# Copyright (c) 2025 SUSE LLC and contributors
+# Copyright (c) 2026 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -21,24 +21,13 @@
   %define _fillupdir /var/adm/fillup-templates
 %endif
 
-%if 0%{?suse_version} >= 1210
-%define have_systemd 1
- %if 0%{?sle_version} >= 150000 || 0%{?is_opensuse}
-  %define have_sysuser 1
- %endif
-%endif
 %define lversion 2
 
 %define munge_g %name
-%if 0%{?have_systemd}
- %define munge_u %name
-%else
- %define munge_u daemon
-%endif
-%define munge_descr "MUNGE authentication service"
+%define munge_u %name
 
 Name:           munge
-Version:        0.5.16
+Version:        0.5.18
 Release:        0
 Summary:        An authentication service for creating and validating 
credentials
 License:        GPL-3.0-or-later AND LGPL-3.0-or-later
@@ -65,12 +54,10 @@
 Requires(pre):  shadow
 %endif
 Requires(post): coreutils
-%if 0%{?have_systemd}
 BuildRequires:  systemd-rpm-macros
+BuildRequires:  sysuser-tools
 BuildRequires:  pkgconfig(systemd)
-%{?have_sysuser:BuildRequires:  sysuser-tools}
 %{?systemd_requires}
-%endif
 Requires(post): coreutils
 Requires(postun): coreutils
 
@@ -104,7 +91,6 @@
 authenication service.
 
 %{!?_rundir:%define _rundir %_localstatedir/run}
-%{!?_tmpfilesdir:%global _tmpfilesdir /usr/lib/tmpfiles.d}
 %define munge_run %_rundir/munge
 
 %prep
@@ -119,7 +105,7 @@
     --with-crypto-lib=openssl \
     --with-logrotateddir=%{_sysconfdir}/logrotate.d \
     --with-pkgconfigdir=%{_libdir}/pkgconfig \
-%{?have_systemd:--with-systemdunitdir=%{_unitdir}} \
+    --with-systemdunitdir=%{_unitdir} \
     --with-runstatedir=%{_rundir}
 %if 0%{!?make_build:1}
 %define make_build make %{?_smp_mflags}
@@ -136,33 +122,16 @@
 install -m 0755 -d %{buildroot}%{_fillupdir}
 sed -i -e "/missingok/a\ \ \ \ su munge munge" 
%{buildroot}/%{_sysconfdir}/logrotate.d/munge
 # We don't want systemd file on SLE 11
-%if 0%{!?have_systemd:1}
-   test -d %{buildroot}%{_prefix}/lib/systemd && \
-      rm -rf %{buildroot}%{_prefix}/lib/systemd
-   test -f %{buildroot}/lib/systemd/system/munge.service && \
-      rm -f %{buildroot}/lib/systemd/system/munge.service
-   sed -i 's/USER="munge"/USER="%munge_u"/g' %{buildroot}/%{_initrddir}/%{name}
-   ln -s -f %{_initrddir}/%{name} %{buildroot}%{_sbindir}/rc%{name}
-   rm -f %{buildroot}%{_sysconfdir}/sysconfig/munge
-   cp -p %{S:2} %{buildroot}%{_fillupdir}/sysconfig.munge
-%else
   sed -i 's/User=munge/User=%munge_u/g' %{buildroot}%{_unitdir}/munge.service
   sed -i 's/Group=munge/Group=%munge_g/g' %{buildroot}%{_unitdir}/munge.service
   rm -f %{buildroot}%{_initddir}/munge
   rm -Rf %{buildroot}/%{munge_run}
   rm -Rf %{buildroot}/%{_rundir}
-  mkdir -p %{buildroot}%{_tmpfilesdir}
-  cp src/etc/munge.tmpfiles.conf %{buildroot}%{_tmpfilesdir}/munge.conf
-  sed -i 's/munge \+munge/%munge_u %munge_g/g' 
%{buildroot}%{_tmpfilesdir}/munge.conf
   ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
   mv %{buildroot}%{_sysconfdir}/sysconfig/munge \
      %{buildroot}%{_fillupdir}/sysconfig.munge
-  %if 0%{?have_sysuser}
-  echo -e "u %munge_u - \"%munge_descr\" %{munge_run}\n" > 
system-user-%{name}.conf
-  %sysusers_generate_pre system-user-%{name}.conf %{name} 
system-user-%{name}.conf
-  install -D -m 644 system-user-%{name}.conf 
%{buildroot}%{_sysusersdir}/system-user-%{name}.conf
-  %endif
-%endif
+  sed -i -e 's/^\(u \)[^ ]*\(.*\)/\1%munge_u\2/' 
%{buildroot}%{_sysusersdir}/%{name}.conf
+  %sysusers_generate_pre %{buildroot}%{_sysusersdir}/%{name}.conf %{name} 
%{name}.conf
 
 %check
 # To debug add verbose=t to T_LOG_DRIVER variable in t/Makefile.am
@@ -172,24 +141,11 @@
 
 %postun -n lib%{name}%{lversion} -p /sbin/ldconfig
 
-%pre %{?have_sysuser:-f %{name}.pre}
-%if 0%{?have_systemd}
+%pre -f %{name}.pre
 %service_add_pre munge.service
-%endif
-%if 0%{!?have_sysuser:1}
-getent group %munge_g >/dev/null || groupadd -r %munge_g
-[ "%munge_u" = "daemon" ] || \
-{ getent passwd %munge_u >/dev/null \
-    || useradd -r -g %munge_g -d %munge_run -s /bin/false -c %munge_descr 
%munge_u; }
-exit 0
-%endif
 
 %preun
-%if 0%{?have_systemd}
 %service_del_preun munge.service
-%else
-%stop_on_removal munge
-%endif
 
 %define fixperm() [ -e %1 ] && /bin/chown -h %munge_u:%munge_g %1
 
@@ -202,12 +158,7 @@
 else
     rm -f %{_sysconfdir}/munge/munge.key
 fi
-%if 0%{?have_systemd}
 %service_del_postun munge.service
-%else
-%restart_on_update munge
-%insserv_cleanup
-%endif
 
 %post
 if [ $1 -eq 1 ]
@@ -242,12 +193,8 @@
     /bin/mv -f $tmpfile %{_sysconfdir}/munge/munge.key
 fi
 /usr/bin/rm -rf ${tmpdir}
-%if 0%{?have_systemd}
 %service_add_post munge.service
 %{fillup_only}
-%else
-%{fillup_and_insserv -i munge}
-%endif
 
 %files
 %doc AUTHORS
@@ -277,16 +224,10 @@
 %{_bindir}/*
 %{_sbindir}/*
 %{_mandir}/*[^3]/*
-%if 0%{?have_systemd}
 %dir %attr(0755,%munge_u,%munge_g) %ghost %{munge_run}
 %{_unitdir}/munge.service
-%{_tmpfilesdir}/munge.conf
-%else
-%dir %attr(0755,%munge_u,%munge_g) %{munge_run}
-%{_initddir}/munge
-%endif
 %dir %attr(0755,munge,munge) %ghost %{munge_run}/munged.pid
-%{?have_sysuser:%{_sysusersdir}/system-user-%{name}.conf}
+%{_sysusersdir}/%{name}.conf
 
 %files devel
 %{_includedir}/*

++++++ munge-0.5.16.tar.gz -> munge-0.5.18.tar.gz ++++++
++++ 12250 lines of diff (skipped)

Reply via email to