commit opie for openSUSE:Factory
Hello community,
here is the log from the commit of package opie for openSUSE:Factory checked in
at 2020-11-02 09:37:55
Comparing /work/SRC/openSUSE:Factory/opie (Old)
and /work/SRC/openSUSE:Factory/.opie.new.3463 (New)
Package is "opie"
Mon Nov 2 09:37:55 2020 rev:32 rq:844524 version:2.4
Changes:
--- /work/SRC/openSUSE:Factory/opie/opie.changes2020-06-03
20:29:02.544538847 +0200
+++ /work/SRC/openSUSE:Factory/.opie.new.3463/opie.changes 2020-11-02
09:38:01.969474019 +0100
@@ -1,0 +2,7 @@
+Wed Oct 28 09:37:53 UTC 2020 - Matthias Gerstner
+
+- remove opiekeys and opiesu from permissions profiles. Package them normally,
+ because neither of them receives special permissions and we want to keep the
+ permissions profiles clean.
+
+---
Other differences:
--
++ opie.spec ++
--- /var/tmp/diff_new_pack.oenEdn/_old 2020-11-02 09:38:03.001475010 +0100
+++ /var/tmp/diff_new_pack.oenEdn/_new 2020-11-02 09:38:03.005475013 +0100
@@ -120,21 +120,22 @@
SECUREDIR=/%{_lib}/security install
%verifyscript
-%verify_permissions -e /usr/bin/opiepasswd -e /usr/bin/opiesu -e /etc/opiekeys
+%verify_permissions /usr/bin/opiepasswd
%post
-%set_permissions /usr/bin/opiepasswd /usr/bin/opiesu /etc/opiekeys
+%set_permissions /usr/bin/opiepasswd
%files
%dir /etc/opielocks
-%config(noreplace) /etc/opiekeys
+%attr(0600,root,root) %config(noreplace) /etc/opiekeys
/usr/bin/opieftpd
/usr/bin/opiegen
/usr/bin/opieinfo
/usr/bin/opiekey
/usr/bin/opielogin
%verify(not mode) /usr/bin/opiepasswd
-%verify(not mode) /usr/bin/opiesu
+# packaged without setuid-root, because of bad code quality (bsc#882035)
+%verify(not mode) %attr(0755,root,root) /usr/bin/opiesu
/usr/bin/otp-md4
/usr/bin/otp-md5
/%{_lib}/security/pam_opie.so
commit opie for openSUSE:Factory
Hello community,
here is the log from the commit of package opie for openSUSE:Factory checked in
at 2020-06-03 20:28:52
Comparing /work/SRC/openSUSE:Factory/opie (Old)
and /work/SRC/openSUSE:Factory/.opie.new.3606 (New)
Package is "opie"
Wed Jun 3 20:28:52 2020 rev:31 rq:809762 version:2.4
Changes:
--- /work/SRC/openSUSE:Factory/opie/opie.changes2019-09-20
14:41:27.531022794 +0200
+++ /work/SRC/openSUSE:Factory/.opie.new.3606/opie.changes 2020-06-03
20:29:02.544538847 +0200
@@ -1,0 +2,5 @@
+Tue May 26 11:16:45 UTC 2020 - Matthias Gerstner
+
+- allso apply permissions macros to /etc/opiekeys
+
+---
Other differences:
--
++ opie.spec ++
--- /var/tmp/diff_new_pack.oO9xKi/_old 2020-06-03 20:29:03.768542567 +0200
+++ /var/tmp/diff_new_pack.oO9xKi/_new 2020-06-03 20:29:03.776542592 +0200
@@ -1,7 +1,7 @@
#
# spec file for package opie
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -120,10 +120,10 @@
SECUREDIR=/%{_lib}/security install
%verifyscript
-%verify_permissions -e /usr/bin/opiepasswd -e /usr/bin/opiesu
+%verify_permissions -e /usr/bin/opiepasswd -e /usr/bin/opiesu -e /etc/opiekeys
%post
-%set_permissions /usr/bin/opiepasswd /usr/bin/opiesu
+%set_permissions /usr/bin/opiepasswd /usr/bin/opiesu /etc/opiekeys
%files
%dir /etc/opielocks
commit opie for openSUSE:Factory
Hello community,
here is the log from the commit of package opie for openSUSE:Factory checked in
at 2019-09-20 14:41:26
Comparing /work/SRC/openSUSE:Factory/opie (Old)
and /work/SRC/openSUSE:Factory/.opie.new.7948 (New)
Package is "opie"
Fri Sep 20 14:41:26 2019 rev:30 rq:729443 version:2.4
Changes:
--- /work/SRC/openSUSE:Factory/opie/opie.changes2019-09-05
12:10:03.587855528 +0200
+++ /work/SRC/openSUSE:Factory/.opie.new.7948/opie.changes 2019-09-20
14:41:27.531022794 +0200
@@ -1,0 +2,6 @@
+Tue Aug 27 07:33:25 UTC 2019 - Jan Engelhardt
+
+- Remove ancient %clean section. Replace old $RPM_* shell vars
+ by macros.
+
+---
Other differences:
--
++ opie.spec ++
--- /var/tmp/diff_new_pack.oKo346/_old 2019-09-20 14:41:29.107022481 +0200
+++ /var/tmp/diff_new_pack.oKo346/_new 2019-09-20 14:41:29.107022481 +0200
@@ -17,14 +17,12 @@
Name: opie
-#!BuildIgnore: opie
-BuildRequires: automake
-BuildRequires: bison
-BuildRequires: pam-devel
-Url:http://www.inner.net/opie
+Summary:Support for One-Time Passwords
+License:SUSE-Innernet-2.0
+Group: Productivity/Security
Version:2.4
Release:0
-Provides: pam_opie
+URL:http://www.inner.net/opie
%define name_pam pam_opie
%define version_pam 0.21
Source0:%{name}-%{version}.tar.bz2
@@ -52,11 +50,12 @@
Patch19:opie-2.4-DESTDIR.patch
Patch20:opie-2.4-pie.patch
Patch21:opie-fix-indendation.patch
-Summary:Support for One-Time Passwords
-License:SUSE-Innernet-2.0
-Group: Productivity/Security
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
-PreReq: permissions
+#!BuildIgnore: opie
+BuildRequires: automake
+BuildRequires: bison
+BuildRequires: pam-devel
+Provides: pam_opie
+Requires(post): permissions
%description
OPIE stands for One-time Passwords In Everything. One-time passwords
@@ -96,7 +95,7 @@
%build
%global _lto_cflags %{_lto_cflags} -ffat-lto-objects
# build opie
-export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
+export CFLAGS="%{optflags} -fno-strict-aliasing"
export SUID_CFLAGS="-fPIC" SUID_LDFLAGS="-pie"
autoreconf -i -f
%configure --enable-insecure-override
@@ -108,21 +107,18 @@
%install
# install opie
-mkdir -p $RPM_BUILD_ROOT/etc
-mkdir -p $RPM_BUILD_ROOT/%{_mandir}/man1/
+mkdir -p %{buildroot}/etc
+mkdir -p %{buildroot}/%{_mandir}/man1/
#
-make CHOWN=/bin/echo DESTDIR=$RPM_BUILD_ROOT install
-install -m 644 -D opie.h $RPM_BUILD_ROOT%{_includedir}/opie.h
-install -m 644 -D libopie/libopie.a $RPM_BUILD_ROOT%{_libdir}/libopie.a
+%make_install CHOWN=/bin/echo
+install -m 644 -D opie.h %{buildroot}/%{_includedir}/opie.h
+install -m 644 -D libopie/libopie.a %{buildroot}/%{_libdir}/libopie.a
mv %{name_pam}/README ./README.PAM
# install pam_opie
cd %{name_pam}
-make FAKEROOT=$RPM_BUILD_ROOT \
+make FAKEROOT="%{buildroot}" \
SECUREDIR=/%{_lib}/security install
-%clean
-[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] && rm -rf
$RPM_BUILD_ROOT
-
%verifyscript
%verify_permissions -e /usr/bin/opiepasswd -e /usr/bin/opiesu
@@ -130,7 +126,6 @@
%set_permissions /usr/bin/opiepasswd /usr/bin/opiesu
%files
-%defattr(-,root,root)
%dir /etc/opielocks
%config(noreplace) /etc/opiekeys
/usr/bin/opieftpd
commit opie for openSUSE:Factory
Hello community,
here is the log from the commit of package opie for openSUSE:Factory checked in
at 2019-09-05 12:09:59
Comparing /work/SRC/openSUSE:Factory/opie (Old)
and /work/SRC/openSUSE:Factory/.opie.new.7948 (New)
Package is "opie"
Thu Sep 5 12:09:59 2019 rev:29 rq:721693 version:2.4
Changes:
--- /work/SRC/openSUSE:Factory/opie/opie.changes2017-04-25
08:54:08.269453445 +0200
+++ /work/SRC/openSUSE:Factory/.opie.new.7948/opie.changes 2019-09-05
12:10:03.587855528 +0200
@@ -1,0 +2,5 @@
+Fri Aug 2 08:16:31 UTC 2019 - Martin Liška
+
+- Use FAT LTO objects in order to provide proper static library.
+
+---
Other differences:
--
++ opie.spec ++
--- /var/tmp/diff_new_pack.DK2Zl1/_old 2019-09-05 12:10:05.995855077 +0200
+++ /var/tmp/diff_new_pack.DK2Zl1/_new 2019-09-05 12:10:05.999855076 +0200
@@ -1,7 +1,7 @@
#
# spec file for package opie
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -94,6 +94,7 @@
%patch21 -p1
%build
+%global _lto_cflags %{_lto_cflags} -ffat-lto-objects
# build opie
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
export SUID_CFLAGS="-fPIC" SUID_LDFLAGS="-pie"
commit opie for openSUSE:Factory
Hello community,
here is the log from the commit of package opie for openSUSE:Factory checked in
at 2017-04-25 08:54:07
Comparing /work/SRC/openSUSE:Factory/opie (Old)
and /work/SRC/openSUSE:Factory/.opie.new (New)
Package is "opie"
Tue Apr 25 08:54:07 2017 rev:28 rq:484789 version:2.4
Changes:
--- /work/SRC/openSUSE:Factory/opie/opie.changes2012-03-12
08:53:48.0 +0100
+++ /work/SRC/openSUSE:Factory/.opie.new/opie.changes 2017-04-25
08:54:08.269453445 +0200
@@ -1,0 +2,8 @@
+Mon Apr 3 06:21:18 UTC 2017 - meiss...@suse.com
+
+- opie-fix-indendation.patch: fixed a wrong ; that broke a while()
+ loop
+- opie-2.4-decl.diff: added missing stdlib.h, ctype.h, time.h
+ includes everywhere (bsc#1031339)
+
+---
New:
opie-fix-indendation.patch
Other differences:
--
++ opie.spec ++
--- /var/tmp/diff_new_pack.eNK5LT/_old 2017-04-25 08:54:09.977211963 +0200
+++ /var/tmp/diff_new_pack.eNK5LT/_new 2017-04-25 08:54:09.981211397 +0200
@@ -1,7 +1,7 @@
#
# spec file for package opie
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,7 +16,6 @@
#
-
Name: opie
#!BuildIgnore: opie
BuildRequires: automake
@@ -24,9 +23,7 @@
BuildRequires: pam-devel
Url:http://www.inner.net/opie
Version:2.4
-Release:708
-License:SUSE-Innernet-2.0
-Group: Productivity/Security
+Release:0
Provides: pam_opie
%define name_pam pam_opie
%define version_pam 0.21
@@ -54,7 +51,10 @@
Patch18:opie-fix-autoconf.patch
Patch19:opie-2.4-DESTDIR.patch
Patch20:opie-2.4-pie.patch
+Patch21:opie-fix-indendation.patch
Summary:Support for One-Time Passwords
+License:SUSE-Innernet-2.0
+Group: Productivity/Security
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: permissions
@@ -91,6 +91,7 @@
%patch17
%patch18
%patch20 -p1
+%patch21 -p1
%build
# build opie
++ opie-2.4-decl.diff ++
--- /var/tmp/diff_new_pack.eNK5LT/_old 2017-04-25 08:54:10.053201217 +0200
+++ /var/tmp/diff_new_pack.eNK5LT/_new 2017-04-25 08:54:10.057200652 +0200
@@ -1,6 +1,8 @@
opie-2.4/libopie/generator.c
+Index: opie-2.4/libopie/generator.c
+===
+--- opie-2.4.orig/libopie/generator.c
+++ opie-2.4/libopie/generator.c
-@@ -49,6 +49,8 @@
+@@ -49,6 +49,8 @@ you didn't get a copy, you may request o
#endif /* DEBUG */
#include "opie.h"
@@ -9,9 +11,11 @@
static char *algids[] = { NULL, NULL, NULL, "sha1", "md4", "md5" };
#if OPIEAUTO
opie-2.4/libopie/lookup.c
+Index: opie-2.4/libopie/lookup.c
+===
+--- opie-2.4.orig/libopie/lookup.c
+++ opie-2.4/libopie/lookup.c
-@@ -13,6 +13,7 @@
+@@ -13,6 +13,7 @@ you didn't get a copy, you may request o
#include "opie_cfg.h"
#include
@@ -19,9 +23,11 @@
#include "opie.h"
int opielookup FUNCTION((opie, principal), struct opie *opie AND char
*principal)
opie-2.4/libopie/md4c.c
+Index: opie-2.4/libopie/md4c.c
+===
+--- opie-2.4.orig/libopie/md4c.c
+++ opie-2.4/libopie/md4c.c
-@@ -44,6 +44,8 @@
+@@ -44,6 +44,8 @@ License Agreement applies to this softwa
#include "opie_cfg.h"
#include "opie.h"
@@ -30,9 +36,11 @@
/* Constants for MD4Transform routine.
*/
#define S11 3
opie-2.4/libopie/md5c.c
+Index: opie-2.4/libopie/md5c.c
+===
+--- opie-2.4.orig/libopie/md5c.c
+++ opie-2.4/libopie/md5c.c
-@@ -47,6 +47,7 @@
+@@ -47,6 +47,7 @@ License Agreement applies to this softwa
#include "opie_cfg.h"
#include "opie.h"
@@ -40,9 +48,29 @@
/* Constants for MD5Transform routine.
*/
opie-2.4/libopie/newseed.c
+Index: opie-2.4/libopie/newseed.c
+===
+--- opie-2.4.orig/libopie/newseed.c
+++ opie-2.4/libopie/newseed.c
-@@ -35,6 +35,8 @@
+@@ -16,16 +16,11 @@ you didn't get a copy, you may request o
+ */
+
+ #include "opie_cfg.h"
+-#if HAVE_TIME_H
+ #include
+-#endif /* HAVE_TIME_H */
+-#if HAVE_STRING_H
+ #include
+-#endif /* HAVE_STRING_H */
+ #include
+-#if HAVE_UNISTD_H
+ #include
+-#endif /* HAVE_UNISTD_H */
++#include
+ #if HAVE_SYS_UTSNAME_H
+ #include
+ #endif /* HAVE_SYS_UTSNAME_H */
+@@ -35,6 +30,8
commit opie for openSUSE:Factory
Hello community,
here is the log from the commit of package opie for openSUSE:Factory checked in
at 2012-03-12 08:53:47
Comparing /work/SRC/openSUSE:Factory/opie (Old)
and /work/SRC/openSUSE:Factory/.opie.new (New)
Package is opie, Maintainer is meiss...@suse.com
Changes:
--- /work/SRC/openSUSE:Factory/opie/opie.changes2011-12-06
18:01:30.0 +0100
+++ /work/SRC/openSUSE:Factory/.opie.new/opie.changes 2012-03-12
08:53:48.0 +0100
@@ -1,0 +2,5 @@
+Fri Feb 24 10:30:28 UTC 2012 - lnus...@suse.de
+
+- make opie program position independent (bnc#743136)
+
+---
New:
opie-2.4-DESTDIR.patch
opie-2.4-pie.patch
Other differences:
--
++ opie.spec ++
--- /var/tmp/diff_new_pack.VoSreW/_old 2012-03-12 08:53:49.0 +0100
+++ /var/tmp/diff_new_pack.VoSreW/_new 2012-03-12 08:53:49.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package opie
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -25,7 +25,7 @@
Url:http://www.inner.net/opie
Version:2.4
Release:708
-License:Innernet-2.0
+License:SUSE-Innernet-2.0
Group: Productivity/Security
Provides: pam_opie
%define name_pam pam_opie
@@ -52,6 +52,8 @@
Patch16:opielogin-setuid-CVE-2011-2490.patch
Patch17:opiesu-overflow-CVE-2011-2489.patch
Patch18:opie-fix-autoconf.patch
+Patch19:opie-2.4-DESTDIR.patch
+Patch20:opie-2.4-pie.patch
Summary:Support for One-Time Passwords
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: permissions
@@ -75,10 +77,7 @@
%patch7 -p1
%patch8 -p1
%patch9
-perl -pi -e 's/(?!DESTDIR\))\$\(KEY_FILE\)/\$\(DESTDIR\)\$\(KEY_FILE\)/g'
Makefile.in
-perl -pi -e 's/(?!DESTDIR\))\$\(LOCK_DIR\)/\$\(DESTDIR\)\$\(LOCK_DIR\)/g'
Makefile.in
-perl -pi -e 's/(?!DESTDIR\))\$\(LOCALBIN\)/\$\(DESTDIR\)\$\(LOCALBIN\)/g'
Makefile.in
-perl -pi -e 's/(?!DESTDIR\))\$\(LOCALMAN\)/\$\(DESTDIR\)\$\(LOCALMAN\)/g'
Makefile.in
+%patch19 -p1
%patch10 -p1
%patch11
pushd %{name_pam}
@@ -91,10 +90,12 @@
%patch16
%patch17
%patch18
+%patch20 -p1
%build
# build opie
export CFLAGS=$RPM_OPT_FLAGS -fno-strict-aliasing
+export SUID_CFLAGS=-fPIC SUID_LDFLAGS=-pie
autoreconf -i -f
%configure --enable-insecure-override
make %{?_smp_mflags}
++ opie-2.4-DESTDIR.patch ++
Index: opie-2.4/Makefile.in
===
--- opie-2.4.orig/Makefile.in
+++ opie-2.4/Makefile.in
@@ -136,60 +136,60 @@ client: libopie/libopie.a libmissing/lib
client-install: client
@echo Installing OPIE client software...
@echo Copying OPIE key-related files
- @if test ! -d $(LOCALBIN); then $(MKDIR) $(LOCALBIN); chmod 755
$(LOCALBIN); fi
- @cp opiekey $(OPIEAUTO) $(LOCALBIN)
- @cp opiesu $(OPIEAUTO) $(LOCALBIN)
- @cp opielogin $(OPIEAUTO) $(LOCALBIN)
- @cp opieftpd $(OPIEAUTO) $(LOCALBIN)
- @cp opiegen $(OPIEAUTO) $(LOCALBIN)
- @$(CHOWN) $(OWNER) $(LOCALBIN)/opiekey
- @$(CHOWN) $(OWNER) $(LOCALBIN)/opiesu
- @$(CHOWN) $(OWNER) $(LOCALBIN)/opielogin
- @$(CHOWN) $(OWNER) $(LOCALBIN)/opieftpd
- @$(CHOWN) $(OWNER) $(LOCALBIN)/opiegen
- @if test ! -z $(OPIEAUTO); then $(CHOWN) $(OWNER)
$(LOCALBIN)/opieauto; fi
- @chgrp $(GROUP) $(LOCALBIN)/opiekey
+ @if test ! -d $(DESTDIR)$(LOCALBIN); then $(MKDIR)
$(DESTDIR)$(LOCALBIN); chmod 755 $(DESTDIR)$(LOCALBIN); fi
+ @cp opiekey $(OPIEAUTO) $(DESTDIR)$(LOCALBIN)
+ @cp opiesu $(OPIEAUTO) $(DESTDIR)$(LOCALBIN)
+ @cp opielogin $(OPIEAUTO) $(DESTDIR)$(LOCALBIN)
+ @cp opieftpd $(OPIEAUTO) $(DESTDIR)$(LOCALBIN)
+ @cp opiegen $(OPIEAUTO) $(DESTDIR)$(LOCALBIN)
+ @$(CHOWN) $(OWNER) $(DESTDIR)$(LOCALBIN)/opiekey
+ @$(CHOWN) $(OWNER) $(DESTDIR)$(LOCALBIN)/opiesu
+ @$(CHOWN) $(OWNER) $(DESTDIR)$(LOCALBIN)/opielogin
+ @$(CHOWN) $(OWNER) $(DESTDIR)$(LOCALBIN)/opieftpd
+ @$(CHOWN) $(OWNER) $(DESTDIR)$(LOCALBIN)/opiegen
+ @if test ! -z $(OPIEAUTO); then $(CHOWN) $(OWNER)
$(DESTDIR)$(LOCALBIN)/opieauto; fi
+ @chgrp $(GROUP) $(DESTDIR)$(LOCALBIN)/opiekey
@echo Changing file permissions
- @chmod 0755 $(LOCALBIN)/opiekey
- @chmod 0755 $(LOCALBIN)/opieftpd
- @chmod 0755 $(LOCALBIN)/opiegen
- @chmod 0755 $(LOCALBIN)/opielogin
- @chmod 4755 $(LOCALBIN)/opiesu
- @if
commit opie for openSUSE:Factory
Hello community,
here is the log from the commit of package opie for openSUSE:Factory checked in
at 2011-12-06 17:59:58
Comparing /work/SRC/openSUSE:Factory/opie (Old)
and /work/SRC/openSUSE:Factory/.opie.new (New)
Package is opie, Maintainer is meiss...@suse.com
Changes:
--- /work/SRC/openSUSE:Factory/opie/opie.changes2011-09-23
12:21:03.0 +0200
+++ /work/SRC/openSUSE:Factory/.opie.new/opie.changes 2011-12-06
18:01:30.0 +0100
@@ -1,0 +2,11 @@
+Mon Dec 5 11:18:38 CET 2011 - meiss...@suse.de
+
+- This package license is actually Innernet, not GPL v2,
+ see /usr/share/doc/packages/opie/License.TIN
+
+---
+Thu Dec 1 15:57:25 UTC 2011 - co...@suse.com
+
+- add automake as buildrequire to avoid implicit dependency
+
+---
Other differences:
--
++ opie.spec ++
--- /var/tmp/diff_new_pack.jUdCBx/_old 2011-12-06 18:01:32.0 +0100
+++ /var/tmp/diff_new_pack.jUdCBx/_new 2011-12-06 18:01:32.0 +0100
@@ -19,14 +19,15 @@
Name: opie
#!BuildIgnore: opie
-BuildRequires: bison pam-devel
+BuildRequires: automake
+BuildRequires: bison
+BuildRequires: pam-devel
Url:http://www.inner.net/opie
Version:2.4
-Release:713
-License:GPLv2+
+Release:708
+License:Innernet-2.0
Group: Productivity/Security
Provides: pam_opie
-AutoReqProv:on
%define name_pam pam_opie
%define version_pam 0.21
Source0:%{name}-%{version}.tar.bz2
@@ -53,6 +54,7 @@
Patch18:opie-fix-autoconf.patch
Summary:Support for One-Time Passwords
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+PreReq: permissions
%description
OPIE stands for One-time Passwords In Everything. One-time passwords
@@ -140,7 +142,7 @@
/%{_lib}/security/pam_opie.so
/%{_includedir}/opie.h
/%{_libdir}/libopie.a
-%doc BUG-REPORT COPYRIGHT.NRL INSTALL License.TIN README README.PAM
+%doc BUG-REPORT COPYRIGHT.NRL License.TIN README README.PAM
%doc %{_mandir}/man*/*
%changelog
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit opie for openSUSE:Factory
Hello community,
here is the log from the commit of package opie for openSUSE:Factory
checked in at Wed Jul 6 10:19:12 CEST 2011.
--- opie/opie.changes 2010-10-31 19:04:12.0 +0100
+++ /mounts/work_src_done/STABLE/opie/opie.changes 2011-07-05
17:15:44.0 +0200
@@ -1,0 +2,8 @@
+Mon Jun 27 16:51:42 CEST 2011 - meiss...@suse.de
+
+- Fixed 2 singlebyte overflows in opiesu (bnc#698772 CVE-2011-2489)
+- Fixed missing setuid() return check in opielogin (bnc#698772 CVE-2011-2490)
+- run permission hooks
+- fixed some build issues
+
+---
calling whatdependson for head-i586
New:
opie-2.4-implicit.patch
opie-fix-autoconf.patch
opielogin-setuid-CVE-2011-2490.patch
opiesu-overflow-CVE-2011-2489.patch
Other differences:
--
++ opie.spec ++
--- /var/tmp/diff_new_pack.yHYW3d/_old 2011-07-06 10:16:20.0 +0200
+++ /var/tmp/diff_new_pack.yHYW3d/_new 2011-07-06 10:16:20.0 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package opie (Version 2.4)
+# spec file for package opie
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -22,7 +22,7 @@
BuildRequires: bison pam-devel
Url:http://www.inner.net/opie
Version:2.4
-Release:708
+Release:713
License:GPLv2+
Group: Productivity/Security
Provides: pam_opie
@@ -47,6 +47,10 @@
Patch12:%{name_pam}-%{version_pam}_array-subscript.patch
Patch13:%name-2.4-getline.patch
Patch14:%name-2.4-fclose.patch
+Patch15:%name-2.4-implicit.patch
+Patch16:opielogin-setuid-CVE-2011-2490.patch
+Patch17:opiesu-overflow-CVE-2011-2489.patch
+Patch18:opie-fix-autoconf.patch
Summary:Support for One-Time Passwords
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -75,18 +79,24 @@
perl -pi -e 's/(?!DESTDIR\))\$\(LOCALMAN\)/\$\(DESTDIR\)\$\(LOCALMAN\)/g'
Makefile.in
%patch10 -p1
%patch11
-cd %{name_pam}
+pushd %{name_pam}
%patch1 -p0
%patch12
-cd ..
+popd
%patch13
%patch14
+%patch15 -p1
+%patch16
+%patch17
+%patch18
%build
# build opie
export CFLAGS=$RPM_OPT_FLAGS -fno-strict-aliasing
+autoreconf -i -f
%configure --enable-insecure-override
make %{?_smp_mflags}
+
# build pam_opie
cd %{name_pam}
make %{?_smp_mflags}
@@ -108,11 +118,25 @@
%clean
[ $RPM_BUILD_ROOT != / ] [ -d $RPM_BUILD_ROOT ] rm -rf
$RPM_BUILD_ROOT
+%verifyscript
+%verify_permissions -e /usr/bin/opiepasswd -e /usr/bin/opiesu
+
+%post
+%set_permissions /usr/bin/opiepasswd /usr/bin/opiesu
+
%files
%defattr(-,root,root)
%dir /etc/opielocks
%config(noreplace) /etc/opiekeys
-/usr/bin/*
+/usr/bin/opieftpd
+/usr/bin/opiegen
+/usr/bin/opieinfo
+/usr/bin/opiekey
+/usr/bin/opielogin
+%verify(not mode) /usr/bin/opiepasswd
+%verify(not mode) /usr/bin/opiesu
+/usr/bin/otp-md4
+/usr/bin/otp-md5
/%{_lib}/security/pam_opie.so
/%{_includedir}/opie.h
/%{_libdir}/libopie.a
++ opie-2.4-implicit.patch ++
Index: opie-2.4/configure.in
===
--- opie-2.4.orig/configure.in
+++ opie-2.4/configure.in
@@ -467,7 +467,7 @@ AC_CHECK_LIB(socket, socket)
dnl Checks for header files.
AC_HEADER_DIRENT
AC_HEADER_SYS_WAIT
-AC_CHECK_HEADERS(crypt.h fcntl.h limits.h termios.h sys/file.h sys/ioctl.h
sys/time.h syslog.h unistd.h paths.h shadow.h signal.h sys/signal.h lastlog.h
sys/utsname.h pwd.h sys/param.h string.h stdlib.h utmpx.h sys/select.h)
+AC_CHECK_HEADERS(crypt.h fcntl.h limits.h termios.h sys/file.h sys/ioctl.h
time.h sys/time.h syslog.h unistd.h paths.h shadow.h signal.h sys/signal.h
lastlog.h sys/utsname.h pwd.h sys/param.h string.h stdlib.h utmpx.h
sys/select.h)
dnl Checks for typedefs, structures, and compiler characteristics.
dnl AC_TYPE_UID_T
++ opie-fix-autoconf.patch ++
Index: configure.in
===
--- configure.in.orig
+++ configure.in
@@ -546,7 +546,9 @@ AC_TRY_COMPILE([
#endif /* HAVE_UNISTD_H */
],
[struct timeval tv;
-gettimeofday(tv, NULL)], AC_MSG_RESULT(no), AC_MSG_RESULT(maybe)
AC_TRY_COMPILE([
+gettimeofday(tv, NULL)],[AC_MSG_RESULT(no)],[
+AC_MSG_RESULT(maybe)
+AC_TRY_COMPILE([
#if HAVE_SYS_TIME_H
#include sys/time.h
#endif /* HAVE_SYS_TIME_H */
@@ -555,8 +557,13 @@ gettimeofday(tv, NULL)], AC_MSG_RESULT(
#endif /* HAVE_UNISTD_H */
],
[struct timeval tv;
-gettimeofday(tv)], AC_DEFINE(HAVE_ONE_ARG_GETTIMEOFDAY) AC_MSG_RESULT(yes),
AC_MSG_RESULT(no)))
+gettimeofday(tv)],
+[
+ AC_DEFINE(HAVE_ONE_ARG_GETTIMEOFDAY)
+ AC_MSG_RESULT(yes)
+],[AC_MSG_RESULT(no)])])
