commit opie for openSUSE:Factory
Hello community, here is the log from the commit of package opie for openSUSE:Factory checked in at 2020-11-02 09:37:55 Comparing /work/SRC/openSUSE:Factory/opie (Old) and /work/SRC/openSUSE:Factory/.opie.new.3463 (New) Package is "opie" Mon Nov 2 09:37:55 2020 rev:32 rq:844524 version:2.4 Changes: --- /work/SRC/openSUSE:Factory/opie/opie.changes2020-06-03 20:29:02.544538847 +0200 +++ /work/SRC/openSUSE:Factory/.opie.new.3463/opie.changes 2020-11-02 09:38:01.969474019 +0100 @@ -1,0 +2,7 @@ +Wed Oct 28 09:37:53 UTC 2020 - Matthias Gerstner + +- remove opiekeys and opiesu from permissions profiles. Package them normally, + because neither of them receives special permissions and we want to keep the + permissions profiles clean. + +--- Other differences: -- ++ opie.spec ++ --- /var/tmp/diff_new_pack.oenEdn/_old 2020-11-02 09:38:03.001475010 +0100 +++ /var/tmp/diff_new_pack.oenEdn/_new 2020-11-02 09:38:03.005475013 +0100 @@ -120,21 +120,22 @@ SECUREDIR=/%{_lib}/security install %verifyscript -%verify_permissions -e /usr/bin/opiepasswd -e /usr/bin/opiesu -e /etc/opiekeys +%verify_permissions /usr/bin/opiepasswd %post -%set_permissions /usr/bin/opiepasswd /usr/bin/opiesu /etc/opiekeys +%set_permissions /usr/bin/opiepasswd %files %dir /etc/opielocks -%config(noreplace) /etc/opiekeys +%attr(0600,root,root) %config(noreplace) /etc/opiekeys /usr/bin/opieftpd /usr/bin/opiegen /usr/bin/opieinfo /usr/bin/opiekey /usr/bin/opielogin %verify(not mode) /usr/bin/opiepasswd -%verify(not mode) /usr/bin/opiesu +# packaged without setuid-root, because of bad code quality (bsc#882035) +%verify(not mode) %attr(0755,root,root) /usr/bin/opiesu /usr/bin/otp-md4 /usr/bin/otp-md5 /%{_lib}/security/pam_opie.so
commit opie for openSUSE:Factory
Hello community, here is the log from the commit of package opie for openSUSE:Factory checked in at 2020-06-03 20:28:52 Comparing /work/SRC/openSUSE:Factory/opie (Old) and /work/SRC/openSUSE:Factory/.opie.new.3606 (New) Package is "opie" Wed Jun 3 20:28:52 2020 rev:31 rq:809762 version:2.4 Changes: --- /work/SRC/openSUSE:Factory/opie/opie.changes2019-09-20 14:41:27.531022794 +0200 +++ /work/SRC/openSUSE:Factory/.opie.new.3606/opie.changes 2020-06-03 20:29:02.544538847 +0200 @@ -1,0 +2,5 @@ +Tue May 26 11:16:45 UTC 2020 - Matthias Gerstner + +- allso apply permissions macros to /etc/opiekeys + +--- Other differences: -- ++ opie.spec ++ --- /var/tmp/diff_new_pack.oO9xKi/_old 2020-06-03 20:29:03.768542567 +0200 +++ /var/tmp/diff_new_pack.oO9xKi/_new 2020-06-03 20:29:03.776542592 +0200 @@ -1,7 +1,7 @@ # # spec file for package opie # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -120,10 +120,10 @@ SECUREDIR=/%{_lib}/security install %verifyscript -%verify_permissions -e /usr/bin/opiepasswd -e /usr/bin/opiesu +%verify_permissions -e /usr/bin/opiepasswd -e /usr/bin/opiesu -e /etc/opiekeys %post -%set_permissions /usr/bin/opiepasswd /usr/bin/opiesu +%set_permissions /usr/bin/opiepasswd /usr/bin/opiesu /etc/opiekeys %files %dir /etc/opielocks
commit opie for openSUSE:Factory
Hello community, here is the log from the commit of package opie for openSUSE:Factory checked in at 2019-09-20 14:41:26 Comparing /work/SRC/openSUSE:Factory/opie (Old) and /work/SRC/openSUSE:Factory/.opie.new.7948 (New) Package is "opie" Fri Sep 20 14:41:26 2019 rev:30 rq:729443 version:2.4 Changes: --- /work/SRC/openSUSE:Factory/opie/opie.changes2019-09-05 12:10:03.587855528 +0200 +++ /work/SRC/openSUSE:Factory/.opie.new.7948/opie.changes 2019-09-20 14:41:27.531022794 +0200 @@ -1,0 +2,6 @@ +Tue Aug 27 07:33:25 UTC 2019 - Jan Engelhardt + +- Remove ancient %clean section. Replace old $RPM_* shell vars + by macros. + +--- Other differences: -- ++ opie.spec ++ --- /var/tmp/diff_new_pack.oKo346/_old 2019-09-20 14:41:29.107022481 +0200 +++ /var/tmp/diff_new_pack.oKo346/_new 2019-09-20 14:41:29.107022481 +0200 @@ -17,14 +17,12 @@ Name: opie -#!BuildIgnore: opie -BuildRequires: automake -BuildRequires: bison -BuildRequires: pam-devel -Url:http://www.inner.net/opie +Summary:Support for One-Time Passwords +License:SUSE-Innernet-2.0 +Group: Productivity/Security Version:2.4 Release:0 -Provides: pam_opie +URL:http://www.inner.net/opie %define name_pam pam_opie %define version_pam 0.21 Source0:%{name}-%{version}.tar.bz2 @@ -52,11 +50,12 @@ Patch19:opie-2.4-DESTDIR.patch Patch20:opie-2.4-pie.patch Patch21:opie-fix-indendation.patch -Summary:Support for One-Time Passwords -License:SUSE-Innernet-2.0 -Group: Productivity/Security -BuildRoot: %{_tmppath}/%{name}-%{version}-build -PreReq: permissions +#!BuildIgnore: opie +BuildRequires: automake +BuildRequires: bison +BuildRequires: pam-devel +Provides: pam_opie +Requires(post): permissions %description OPIE stands for One-time Passwords In Everything. One-time passwords @@ -96,7 +95,7 @@ %build %global _lto_cflags %{_lto_cflags} -ffat-lto-objects # build opie -export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" +export CFLAGS="%{optflags} -fno-strict-aliasing" export SUID_CFLAGS="-fPIC" SUID_LDFLAGS="-pie" autoreconf -i -f %configure --enable-insecure-override @@ -108,21 +107,18 @@ %install # install opie -mkdir -p $RPM_BUILD_ROOT/etc -mkdir -p $RPM_BUILD_ROOT/%{_mandir}/man1/ +mkdir -p %{buildroot}/etc +mkdir -p %{buildroot}/%{_mandir}/man1/ # -make CHOWN=/bin/echo DESTDIR=$RPM_BUILD_ROOT install -install -m 644 -D opie.h $RPM_BUILD_ROOT%{_includedir}/opie.h -install -m 644 -D libopie/libopie.a $RPM_BUILD_ROOT%{_libdir}/libopie.a +%make_install CHOWN=/bin/echo +install -m 644 -D opie.h %{buildroot}/%{_includedir}/opie.h +install -m 644 -D libopie/libopie.a %{buildroot}/%{_libdir}/libopie.a mv %{name_pam}/README ./README.PAM # install pam_opie cd %{name_pam} -make FAKEROOT=$RPM_BUILD_ROOT \ +make FAKEROOT="%{buildroot}" \ SECUREDIR=/%{_lib}/security install -%clean -[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] && rm -rf $RPM_BUILD_ROOT - %verifyscript %verify_permissions -e /usr/bin/opiepasswd -e /usr/bin/opiesu @@ -130,7 +126,6 @@ %set_permissions /usr/bin/opiepasswd /usr/bin/opiesu %files -%defattr(-,root,root) %dir /etc/opielocks %config(noreplace) /etc/opiekeys /usr/bin/opieftpd
commit opie for openSUSE:Factory
Hello community, here is the log from the commit of package opie for openSUSE:Factory checked in at 2019-09-05 12:09:59 Comparing /work/SRC/openSUSE:Factory/opie (Old) and /work/SRC/openSUSE:Factory/.opie.new.7948 (New) Package is "opie" Thu Sep 5 12:09:59 2019 rev:29 rq:721693 version:2.4 Changes: --- /work/SRC/openSUSE:Factory/opie/opie.changes2017-04-25 08:54:08.269453445 +0200 +++ /work/SRC/openSUSE:Factory/.opie.new.7948/opie.changes 2019-09-05 12:10:03.587855528 +0200 @@ -1,0 +2,5 @@ +Fri Aug 2 08:16:31 UTC 2019 - Martin Liška + +- Use FAT LTO objects in order to provide proper static library. + +--- Other differences: -- ++ opie.spec ++ --- /var/tmp/diff_new_pack.DK2Zl1/_old 2019-09-05 12:10:05.995855077 +0200 +++ /var/tmp/diff_new_pack.DK2Zl1/_new 2019-09-05 12:10:05.999855076 +0200 @@ -1,7 +1,7 @@ # # spec file for package opie # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -94,6 +94,7 @@ %patch21 -p1 %build +%global _lto_cflags %{_lto_cflags} -ffat-lto-objects # build opie export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" export SUID_CFLAGS="-fPIC" SUID_LDFLAGS="-pie"
commit opie for openSUSE:Factory
Hello community, here is the log from the commit of package opie for openSUSE:Factory checked in at 2017-04-25 08:54:07 Comparing /work/SRC/openSUSE:Factory/opie (Old) and /work/SRC/openSUSE:Factory/.opie.new (New) Package is "opie" Tue Apr 25 08:54:07 2017 rev:28 rq:484789 version:2.4 Changes: --- /work/SRC/openSUSE:Factory/opie/opie.changes2012-03-12 08:53:48.0 +0100 +++ /work/SRC/openSUSE:Factory/.opie.new/opie.changes 2017-04-25 08:54:08.269453445 +0200 @@ -1,0 +2,8 @@ +Mon Apr 3 06:21:18 UTC 2017 - meiss...@suse.com + +- opie-fix-indendation.patch: fixed a wrong ; that broke a while() + loop +- opie-2.4-decl.diff: added missing stdlib.h, ctype.h, time.h + includes everywhere (bsc#1031339) + +--- New: opie-fix-indendation.patch Other differences: -- ++ opie.spec ++ --- /var/tmp/diff_new_pack.eNK5LT/_old 2017-04-25 08:54:09.977211963 +0200 +++ /var/tmp/diff_new_pack.eNK5LT/_new 2017-04-25 08:54:09.981211397 +0200 @@ -1,7 +1,7 @@ # # spec file for package opie # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,7 +16,6 @@ # - Name: opie #!BuildIgnore: opie BuildRequires: automake @@ -24,9 +23,7 @@ BuildRequires: pam-devel Url:http://www.inner.net/opie Version:2.4 -Release:708 -License:SUSE-Innernet-2.0 -Group: Productivity/Security +Release:0 Provides: pam_opie %define name_pam pam_opie %define version_pam 0.21 @@ -54,7 +51,10 @@ Patch18:opie-fix-autoconf.patch Patch19:opie-2.4-DESTDIR.patch Patch20:opie-2.4-pie.patch +Patch21:opie-fix-indendation.patch Summary:Support for One-Time Passwords +License:SUSE-Innernet-2.0 +Group: Productivity/Security BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: permissions @@ -91,6 +91,7 @@ %patch17 %patch18 %patch20 -p1 +%patch21 -p1 %build # build opie ++ opie-2.4-decl.diff ++ --- /var/tmp/diff_new_pack.eNK5LT/_old 2017-04-25 08:54:10.053201217 +0200 +++ /var/tmp/diff_new_pack.eNK5LT/_new 2017-04-25 08:54:10.057200652 +0200 @@ -1,6 +1,8 @@ opie-2.4/libopie/generator.c +Index: opie-2.4/libopie/generator.c +=== +--- opie-2.4.orig/libopie/generator.c +++ opie-2.4/libopie/generator.c -@@ -49,6 +49,8 @@ +@@ -49,6 +49,8 @@ you didn't get a copy, you may request o #endif /* DEBUG */ #include "opie.h" @@ -9,9 +11,11 @@ static char *algids[] = { NULL, NULL, NULL, "sha1", "md4", "md5" }; #if OPIEAUTO opie-2.4/libopie/lookup.c +Index: opie-2.4/libopie/lookup.c +=== +--- opie-2.4.orig/libopie/lookup.c +++ opie-2.4/libopie/lookup.c -@@ -13,6 +13,7 @@ +@@ -13,6 +13,7 @@ you didn't get a copy, you may request o #include "opie_cfg.h" #include @@ -19,9 +23,11 @@ #include "opie.h" int opielookup FUNCTION((opie, principal), struct opie *opie AND char *principal) opie-2.4/libopie/md4c.c +Index: opie-2.4/libopie/md4c.c +=== +--- opie-2.4.orig/libopie/md4c.c +++ opie-2.4/libopie/md4c.c -@@ -44,6 +44,8 @@ +@@ -44,6 +44,8 @@ License Agreement applies to this softwa #include "opie_cfg.h" #include "opie.h" @@ -30,9 +36,11 @@ /* Constants for MD4Transform routine. */ #define S11 3 opie-2.4/libopie/md5c.c +Index: opie-2.4/libopie/md5c.c +=== +--- opie-2.4.orig/libopie/md5c.c +++ opie-2.4/libopie/md5c.c -@@ -47,6 +47,7 @@ +@@ -47,6 +47,7 @@ License Agreement applies to this softwa #include "opie_cfg.h" #include "opie.h" @@ -40,9 +48,29 @@ /* Constants for MD5Transform routine. */ opie-2.4/libopie/newseed.c +Index: opie-2.4/libopie/newseed.c +=== +--- opie-2.4.orig/libopie/newseed.c +++ opie-2.4/libopie/newseed.c -@@ -35,6 +35,8 @@ +@@ -16,16 +16,11 @@ you didn't get a copy, you may request o + */ + + #include "opie_cfg.h" +-#if HAVE_TIME_H + #include +-#endif /* HAVE_TIME_H */ +-#if HAVE_STRING_H + #include +-#endif /* HAVE_STRING_H */ + #include +-#if HAVE_UNISTD_H + #include +-#endif /* HAVE_UNISTD_H */ ++#include + #if HAVE_SYS_UTSNAME_H + #include + #endif /* HAVE_SYS_UTSNAME_H */ +@@ -35,6 +30,8
commit opie for openSUSE:Factory
Hello community, here is the log from the commit of package opie for openSUSE:Factory checked in at 2012-03-12 08:53:47 Comparing /work/SRC/openSUSE:Factory/opie (Old) and /work/SRC/openSUSE:Factory/.opie.new (New) Package is opie, Maintainer is meiss...@suse.com Changes: --- /work/SRC/openSUSE:Factory/opie/opie.changes2011-12-06 18:01:30.0 +0100 +++ /work/SRC/openSUSE:Factory/.opie.new/opie.changes 2012-03-12 08:53:48.0 +0100 @@ -1,0 +2,5 @@ +Fri Feb 24 10:30:28 UTC 2012 - lnus...@suse.de + +- make opie program position independent (bnc#743136) + +--- New: opie-2.4-DESTDIR.patch opie-2.4-pie.patch Other differences: -- ++ opie.spec ++ --- /var/tmp/diff_new_pack.VoSreW/_old 2012-03-12 08:53:49.0 +0100 +++ /var/tmp/diff_new_pack.VoSreW/_new 2012-03-12 08:53:49.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package opie # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -25,7 +25,7 @@ Url:http://www.inner.net/opie Version:2.4 Release:708 -License:Innernet-2.0 +License:SUSE-Innernet-2.0 Group: Productivity/Security Provides: pam_opie %define name_pam pam_opie @@ -52,6 +52,8 @@ Patch16:opielogin-setuid-CVE-2011-2490.patch Patch17:opiesu-overflow-CVE-2011-2489.patch Patch18:opie-fix-autoconf.patch +Patch19:opie-2.4-DESTDIR.patch +Patch20:opie-2.4-pie.patch Summary:Support for One-Time Passwords BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: permissions @@ -75,10 +77,7 @@ %patch7 -p1 %patch8 -p1 %patch9 -perl -pi -e 's/(?!DESTDIR\))\$\(KEY_FILE\)/\$\(DESTDIR\)\$\(KEY_FILE\)/g' Makefile.in -perl -pi -e 's/(?!DESTDIR\))\$\(LOCK_DIR\)/\$\(DESTDIR\)\$\(LOCK_DIR\)/g' Makefile.in -perl -pi -e 's/(?!DESTDIR\))\$\(LOCALBIN\)/\$\(DESTDIR\)\$\(LOCALBIN\)/g' Makefile.in -perl -pi -e 's/(?!DESTDIR\))\$\(LOCALMAN\)/\$\(DESTDIR\)\$\(LOCALMAN\)/g' Makefile.in +%patch19 -p1 %patch10 -p1 %patch11 pushd %{name_pam} @@ -91,10 +90,12 @@ %patch16 %patch17 %patch18 +%patch20 -p1 %build # build opie export CFLAGS=$RPM_OPT_FLAGS -fno-strict-aliasing +export SUID_CFLAGS=-fPIC SUID_LDFLAGS=-pie autoreconf -i -f %configure --enable-insecure-override make %{?_smp_mflags} ++ opie-2.4-DESTDIR.patch ++ Index: opie-2.4/Makefile.in === --- opie-2.4.orig/Makefile.in +++ opie-2.4/Makefile.in @@ -136,60 +136,60 @@ client: libopie/libopie.a libmissing/lib client-install: client @echo Installing OPIE client software... @echo Copying OPIE key-related files - @if test ! -d $(LOCALBIN); then $(MKDIR) $(LOCALBIN); chmod 755 $(LOCALBIN); fi - @cp opiekey $(OPIEAUTO) $(LOCALBIN) - @cp opiesu $(OPIEAUTO) $(LOCALBIN) - @cp opielogin $(OPIEAUTO) $(LOCALBIN) - @cp opieftpd $(OPIEAUTO) $(LOCALBIN) - @cp opiegen $(OPIEAUTO) $(LOCALBIN) - @$(CHOWN) $(OWNER) $(LOCALBIN)/opiekey - @$(CHOWN) $(OWNER) $(LOCALBIN)/opiesu - @$(CHOWN) $(OWNER) $(LOCALBIN)/opielogin - @$(CHOWN) $(OWNER) $(LOCALBIN)/opieftpd - @$(CHOWN) $(OWNER) $(LOCALBIN)/opiegen - @if test ! -z $(OPIEAUTO); then $(CHOWN) $(OWNER) $(LOCALBIN)/opieauto; fi - @chgrp $(GROUP) $(LOCALBIN)/opiekey + @if test ! -d $(DESTDIR)$(LOCALBIN); then $(MKDIR) $(DESTDIR)$(LOCALBIN); chmod 755 $(DESTDIR)$(LOCALBIN); fi + @cp opiekey $(OPIEAUTO) $(DESTDIR)$(LOCALBIN) + @cp opiesu $(OPIEAUTO) $(DESTDIR)$(LOCALBIN) + @cp opielogin $(OPIEAUTO) $(DESTDIR)$(LOCALBIN) + @cp opieftpd $(OPIEAUTO) $(DESTDIR)$(LOCALBIN) + @cp opiegen $(OPIEAUTO) $(DESTDIR)$(LOCALBIN) + @$(CHOWN) $(OWNER) $(DESTDIR)$(LOCALBIN)/opiekey + @$(CHOWN) $(OWNER) $(DESTDIR)$(LOCALBIN)/opiesu + @$(CHOWN) $(OWNER) $(DESTDIR)$(LOCALBIN)/opielogin + @$(CHOWN) $(OWNER) $(DESTDIR)$(LOCALBIN)/opieftpd + @$(CHOWN) $(OWNER) $(DESTDIR)$(LOCALBIN)/opiegen + @if test ! -z $(OPIEAUTO); then $(CHOWN) $(OWNER) $(DESTDIR)$(LOCALBIN)/opieauto; fi + @chgrp $(GROUP) $(DESTDIR)$(LOCALBIN)/opiekey @echo Changing file permissions - @chmod 0755 $(LOCALBIN)/opiekey - @chmod 0755 $(LOCALBIN)/opieftpd - @chmod 0755 $(LOCALBIN)/opiegen - @chmod 0755 $(LOCALBIN)/opielogin - @chmod 4755 $(LOCALBIN)/opiesu - @if
commit opie for openSUSE:Factory
Hello community, here is the log from the commit of package opie for openSUSE:Factory checked in at 2011-12-06 17:59:58 Comparing /work/SRC/openSUSE:Factory/opie (Old) and /work/SRC/openSUSE:Factory/.opie.new (New) Package is opie, Maintainer is meiss...@suse.com Changes: --- /work/SRC/openSUSE:Factory/opie/opie.changes2011-09-23 12:21:03.0 +0200 +++ /work/SRC/openSUSE:Factory/.opie.new/opie.changes 2011-12-06 18:01:30.0 +0100 @@ -1,0 +2,11 @@ +Mon Dec 5 11:18:38 CET 2011 - meiss...@suse.de + +- This package license is actually Innernet, not GPL v2, + see /usr/share/doc/packages/opie/License.TIN + +--- +Thu Dec 1 15:57:25 UTC 2011 - co...@suse.com + +- add automake as buildrequire to avoid implicit dependency + +--- Other differences: -- ++ opie.spec ++ --- /var/tmp/diff_new_pack.jUdCBx/_old 2011-12-06 18:01:32.0 +0100 +++ /var/tmp/diff_new_pack.jUdCBx/_new 2011-12-06 18:01:32.0 +0100 @@ -19,14 +19,15 @@ Name: opie #!BuildIgnore: opie -BuildRequires: bison pam-devel +BuildRequires: automake +BuildRequires: bison +BuildRequires: pam-devel Url:http://www.inner.net/opie Version:2.4 -Release:713 -License:GPLv2+ +Release:708 +License:Innernet-2.0 Group: Productivity/Security Provides: pam_opie -AutoReqProv:on %define name_pam pam_opie %define version_pam 0.21 Source0:%{name}-%{version}.tar.bz2 @@ -53,6 +54,7 @@ Patch18:opie-fix-autoconf.patch Summary:Support for One-Time Passwords BuildRoot: %{_tmppath}/%{name}-%{version}-build +PreReq: permissions %description OPIE stands for One-time Passwords In Everything. One-time passwords @@ -140,7 +142,7 @@ /%{_lib}/security/pam_opie.so /%{_includedir}/opie.h /%{_libdir}/libopie.a -%doc BUG-REPORT COPYRIGHT.NRL INSTALL License.TIN README README.PAM +%doc BUG-REPORT COPYRIGHT.NRL License.TIN README README.PAM %doc %{_mandir}/man*/* %changelog -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit opie for openSUSE:Factory
Hello community, here is the log from the commit of package opie for openSUSE:Factory checked in at Wed Jul 6 10:19:12 CEST 2011. --- opie/opie.changes 2010-10-31 19:04:12.0 +0100 +++ /mounts/work_src_done/STABLE/opie/opie.changes 2011-07-05 17:15:44.0 +0200 @@ -1,0 +2,8 @@ +Mon Jun 27 16:51:42 CEST 2011 - meiss...@suse.de + +- Fixed 2 singlebyte overflows in opiesu (bnc#698772 CVE-2011-2489) +- Fixed missing setuid() return check in opielogin (bnc#698772 CVE-2011-2490) +- run permission hooks +- fixed some build issues + +--- calling whatdependson for head-i586 New: opie-2.4-implicit.patch opie-fix-autoconf.patch opielogin-setuid-CVE-2011-2490.patch opiesu-overflow-CVE-2011-2489.patch Other differences: -- ++ opie.spec ++ --- /var/tmp/diff_new_pack.yHYW3d/_old 2011-07-06 10:16:20.0 +0200 +++ /var/tmp/diff_new_pack.yHYW3d/_new 2011-07-06 10:16:20.0 +0200 @@ -1,7 +1,7 @@ # -# spec file for package opie (Version 2.4) +# spec file for package opie # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,7 +22,7 @@ BuildRequires: bison pam-devel Url:http://www.inner.net/opie Version:2.4 -Release:708 +Release:713 License:GPLv2+ Group: Productivity/Security Provides: pam_opie @@ -47,6 +47,10 @@ Patch12:%{name_pam}-%{version_pam}_array-subscript.patch Patch13:%name-2.4-getline.patch Patch14:%name-2.4-fclose.patch +Patch15:%name-2.4-implicit.patch +Patch16:opielogin-setuid-CVE-2011-2490.patch +Patch17:opiesu-overflow-CVE-2011-2489.patch +Patch18:opie-fix-autoconf.patch Summary:Support for One-Time Passwords BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -75,18 +79,24 @@ perl -pi -e 's/(?!DESTDIR\))\$\(LOCALMAN\)/\$\(DESTDIR\)\$\(LOCALMAN\)/g' Makefile.in %patch10 -p1 %patch11 -cd %{name_pam} +pushd %{name_pam} %patch1 -p0 %patch12 -cd .. +popd %patch13 %patch14 +%patch15 -p1 +%patch16 +%patch17 +%patch18 %build # build opie export CFLAGS=$RPM_OPT_FLAGS -fno-strict-aliasing +autoreconf -i -f %configure --enable-insecure-override make %{?_smp_mflags} + # build pam_opie cd %{name_pam} make %{?_smp_mflags} @@ -108,11 +118,25 @@ %clean [ $RPM_BUILD_ROOT != / ] [ -d $RPM_BUILD_ROOT ] rm -rf $RPM_BUILD_ROOT +%verifyscript +%verify_permissions -e /usr/bin/opiepasswd -e /usr/bin/opiesu + +%post +%set_permissions /usr/bin/opiepasswd /usr/bin/opiesu + %files %defattr(-,root,root) %dir /etc/opielocks %config(noreplace) /etc/opiekeys -/usr/bin/* +/usr/bin/opieftpd +/usr/bin/opiegen +/usr/bin/opieinfo +/usr/bin/opiekey +/usr/bin/opielogin +%verify(not mode) /usr/bin/opiepasswd +%verify(not mode) /usr/bin/opiesu +/usr/bin/otp-md4 +/usr/bin/otp-md5 /%{_lib}/security/pam_opie.so /%{_includedir}/opie.h /%{_libdir}/libopie.a ++ opie-2.4-implicit.patch ++ Index: opie-2.4/configure.in === --- opie-2.4.orig/configure.in +++ opie-2.4/configure.in @@ -467,7 +467,7 @@ AC_CHECK_LIB(socket, socket) dnl Checks for header files. AC_HEADER_DIRENT AC_HEADER_SYS_WAIT -AC_CHECK_HEADERS(crypt.h fcntl.h limits.h termios.h sys/file.h sys/ioctl.h sys/time.h syslog.h unistd.h paths.h shadow.h signal.h sys/signal.h lastlog.h sys/utsname.h pwd.h sys/param.h string.h stdlib.h utmpx.h sys/select.h) +AC_CHECK_HEADERS(crypt.h fcntl.h limits.h termios.h sys/file.h sys/ioctl.h time.h sys/time.h syslog.h unistd.h paths.h shadow.h signal.h sys/signal.h lastlog.h sys/utsname.h pwd.h sys/param.h string.h stdlib.h utmpx.h sys/select.h) dnl Checks for typedefs, structures, and compiler characteristics. dnl AC_TYPE_UID_T ++ opie-fix-autoconf.patch ++ Index: configure.in === --- configure.in.orig +++ configure.in @@ -546,7 +546,9 @@ AC_TRY_COMPILE([ #endif /* HAVE_UNISTD_H */ ], [struct timeval tv; -gettimeofday(tv, NULL)], AC_MSG_RESULT(no), AC_MSG_RESULT(maybe) AC_TRY_COMPILE([ +gettimeofday(tv, NULL)],[AC_MSG_RESULT(no)],[ +AC_MSG_RESULT(maybe) +AC_TRY_COMPILE([ #if HAVE_SYS_TIME_H #include sys/time.h #endif /* HAVE_SYS_TIME_H */ @@ -555,8 +557,13 @@ gettimeofday(tv, NULL)], AC_MSG_RESULT( #endif /* HAVE_UNISTD_H */ ], [struct timeval tv; -gettimeofday(tv)], AC_DEFINE(HAVE_ONE_ARG_GETTIMEOFDAY) AC_MSG_RESULT(yes), AC_MSG_RESULT(no))) +gettimeofday(tv)], +[ + AC_DEFINE(HAVE_ONE_ARG_GETTIMEOFDAY) + AC_MSG_RESULT(yes) +],[AC_MSG_RESULT(no)])])