Hello community, here is the log from the commit of package sudo for openSUSE:Factory checked in at 2017-02-05 15:44:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sudo (Old) and /work/SRC/openSUSE:Factory/.sudo.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sudo" Changes: -------- --- /work/SRC/openSUSE:Factory/sudo/sudo.changes 2017-01-19 10:34:15.602244556 +0100 +++ /work/SRC/openSUSE:Factory/.sudo.new/sudo.changes 2017-02-05 16:28:06.886293163 +0100 @@ -1,0 +2,10 @@ +Tue Jan 31 16:11:17 UTC 2017 - kstreit...@suse.com + +- add sudo-1.8.19p2-decrement_env_len.patch - In + sudo_unsetenv_nodebug(), decrement envp.env_len after removing + the variable [bsc#981124] +- add sudo-1.8.19p2-dont_overwrite_ret_val.patch - don't overwrite + the return value of ldap_sasl_interactive_bind_s() by the + subsequent call to sudo_set_krb5_ccache_name() [bsc#981124] + +------------------------------------------------------------------- New: ---- sudo-1.8.19p2-decrement_env_len.patch sudo-1.8.19p2-dont_overwrite_ret_val.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sudo.spec ++++++ --- /var/tmp/diff_new_pack.5Mgovd/_old 2017-02-05 16:28:07.650185447 +0100 +++ /var/tmp/diff_new_pack.5Mgovd/_new 2017-02-05 16:28:07.650185447 +0100 @@ -33,6 +33,8 @@ Patch0: sudoers2ldif-env.patch # PATCH-OPENSUSE: the "SUSE" branding of the default sudo config Patch1: sudo-sudoers.patch +Patch2: sudo-1.8.19p2-decrement_env_len.patch +Patch3: sudo-1.8.19p2-dont_overwrite_ret_val.patch BuildRequires: audit-devel BuildRequires: cyrus-sasl-devel BuildRequires: groff @@ -74,6 +76,8 @@ %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 +%patch3 -p1 %build %ifarch s390 s390x %sparc ++++++ sudo-1.8.19p2-decrement_env_len.patch ++++++ # HG changeset patch # User Todd C. Miller <todd.mil...@courtesan.com> # Date 1484590376 25200 # Node ID 3d87a008671c73ff8c058ce8576cc791d50086cc # Parent 5323dfcfb009a2436bf7bd867e4d308e0935356b In sudo_unsetenv_nodebug(), decrement envp.env_len after removing the variable. From Paul Zirnik of SUSE. diff -r 5323dfcfb009 -r 3d87a008671c plugins/sudoers/env.c --- a/plugins/sudoers/env.c Sun Jan 15 19:13:26 2017 -0700 +++ b/plugins/sudoers/env.c Mon Jan 16 11:12:56 2017 -0700 @@ -497,6 +497,7 @@ char **cur = ep; while ((*cur = *(cur + 1)) != NULL) cur++; + env.env_len--; /* Keep going, could be multiple instances of the var. */ } else { ep++; ++++++ sudo-1.8.19p2-dont_overwrite_ret_val.patch ++++++ # HG changeset patch # User Todd C. Miller <todd.mil...@courtesan.com> # Date 1484590826 25200 # Node ID 448baff2b586d8b777d9e5c01ce8e58d61d62b9a # Parent 3d87a008671c73ff8c058ce8576cc791d50086cc Don't overwrite the return value of ldap_sasl_interactive_bind_s() by the subsequent call to sudo_set_krb5_ccache_name(). From Paul Zirnik of SUSE. diff -r 3d87a008671c -r 448baff2b586 plugins/sudoers/ldap.c --- a/plugins/sudoers/ldap.c Mon Jan 16 11:12:56 2017 -0700 +++ b/plugins/sudoers/ldap.c Mon Jan 16 11:20:26 2017 -0700 @@ -3002,7 +3002,7 @@ static int sudo_ldap_bind_s(LDAP *ld) { - int ret; + int rc, ret; debug_decl(sudo_ldap_bind_s, SUDOERS_DEBUG_LDAP) #ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S @@ -3025,27 +3025,27 @@ } if (new_ccname != NULL) { - ret = sudo_set_krb5_ccache_name(new_ccname, &old_ccname); - if (ret == 0) { + rc = sudo_set_krb5_ccache_name(new_ccname, &old_ccname); + if (rc == 0) { sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, "set ccache name %s -> %s", old_ccname ? old_ccname : "(none)", new_ccname); } else { sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO, - "sudo_set_krb5_ccache_name() failed: %d", ret); + "sudo_set_krb5_ccache_name() failed: %d", rc); } } ret = ldap_sasl_interactive_bind_s(ld, ldap_conf.binddn, "GSSAPI", NULL, NULL, LDAP_SASL_QUIET, sudo_ldap_sasl_interact, auth_id); if (new_ccname != NULL) { - ret = sudo_set_krb5_ccache_name(old_ccname ? old_ccname : "", NULL); - if (ret == 0) { + rc = sudo_set_krb5_ccache_name(old_ccname ? old_ccname : "", NULL); + if (rc == 0) { sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, "restore ccache name %s -> %s", new_ccname, old_ccname ? old_ccname : "(none)"); } else { sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO, - "sudo_set_krb5_ccache_name() failed: %d", ret); + "sudo_set_krb5_ccache_name() failed: %d", rc); } /* Remove temporary copy of user's credential cache. */ if (tmp_ccname != NULL)