From patchwork Thu Sep  5 13:28:50 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adolf Belka <adolf.belka@ipfire.org>
X-Patchwork-Id: 8081
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4X00Z33sqQz3wdh
	for <patchwork@web04.haj.ipfire.org>; Thu,  5 Sep 2024 13:28:59 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits)
	 client-signature ECDSA (secp384r1))
	(Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4X00Z050Wqzr2;
	Thu,  5 Sep 2024 13:28:56 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4X00Z036T5z33nf;
	Thu,  5 Sep 2024 13:28:56 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1)
	 client-signature RSA-PSS (4096 bits))
	(Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK))
	by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4X00Yy16Zwz2ybk
	for <development@lists.ipfire.org>; Thu,  5 Sep 2024 13:28:54 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mail01.ipfire.org (Postfix) with ESMTPSA id 4X00Yx36WyzJH;
	Thu,  5 Sep 2024 13:28:53 +0000 (UTC)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
	s=202003ed25519; t=1725542933;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding;
	bh=P8Z2sojozaXdA7hHkY2gj5zEwKPqgmK7WgpDn0I7GmY=;
	b=6Atm6QxWdLioHbihu/RE+n+TycntTGeJlSAVuyk06ybYBOAkjplsWUWcCl7K0b7+5kzPxp
	Urh/5iU1FGmChgCA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003rsa;
	t=1725542933;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding;
	bh=P8Z2sojozaXdA7hHkY2gj5zEwKPqgmK7WgpDn0I7GmY=;
	b=fBinOj9+AnsOr1xhBtPzwc+Z3OSt/R87GWIXpddMoy/JAhW2ozVVpGhWHaToA6b7wk0rRY
	0s3/2QMLP3Nowq7hKXe0nqS6iDdagd0PHs6KlabvGqxXtCJKy+dYO4w+a50fy68sS5a5lw
	sCExetrJSyMUQ/NsM0TWeGZbkQsos1ubv8/EI5u9xjZHpK8gmhiCMC+IY9DyODfqZBRir4
	iuQlMVv7GI71lOAfvUNkGstqXQMQM/3EJ9ZHL6Guk1ZHkKIS2y73YQvDnGdepbfHIHcV94
	I2UEe4DfN370l5cl1MjWmOY3X31GDn3xT0aogKAidHZzasce6dOH2wN2hzdmZw==
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] sudo: Update to version 1.9.16
Date: Thu,  5 Sep 2024 15:28:50 +0200
Message-ID: <20240905132850.3430651-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Message-ID-Hash: O3UGV4NY7LIZS3BXOA6ZEXOJDUJZBHHS
X-Message-ID-Hash: O3UGV4NY7LIZS3BXOA6ZEXOJDUJZBHHS
X-MailFrom: adolf.belka@ipfire.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 digests; suspicious-header
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
Archived-At: 
 <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/message/O3UGV4NY7LIZS3BXOA6ZEXOJDUJZBHHS/>
List-Archive: 
 <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Owner: <mailto:development-owner@lists.ipfire.org>
List-Post: <mailto:development@lists.ipfire.org>
List-Subscribe: <mailto:development-join@lists.ipfire.org>
List-Unsubscribe: <mailto:development-leave@lists.ipfire.org>

- Update from version 1.9.15p5 to 1.9.16
- Update of rootfile
- Changelog
    1.9.16
	 * Added the "cmddenial_message" sudoers option to provide additional
	   information to the user when a command is denied by the sudoers
	   policy.  The default message is still displayed.
	 * The time stamp used for file-based logs is now more consistent
	   with the time stamp produced by syslog.  GitHub issues #327.
	 * Sudo will now warn the user if it can detect the user's terminal
	   but cannot determine the path to the terminal device.  The sudoers
	   time stamp file will now use the terminal device number directly.
	   GitHub issue #329.
	 * The embedded copy of zlib has been updated to version 1.3.1.
	 * Improved error handling if generating the list of signals and signal
	   names fails at build time.
	 * Fixed a compilation issue on Linux systems without process_vm_readv().
	 * Fixed cross-compilation with WolfSSL.
	 * Added a "json_compact" value for the sudoers "log_format" option
	   which can be used when logging to a file.  The existing "json"
	   value has been aliased to "json_pretty".  In a future release,
	   "json" will be an alias for "json_compact".  GitHub issue #357.
	 * A new "pam_silent" sudoers option has been added which may be
	   negated to avoid suppressing output from PAM authentication modules.
	   GitHub issue #216.
	 * Fixed several cvtsudoers JSON output problems.
	   GitHub issues #369, #370, #371, #373, #381.
	 * When sudo runs a command in a pseudo-terminal and the user's
	   terminal is revoked, the pseudo-terminal's foreground process
	   group will now receive SIGHUP before the terminal is revoked.
	   This emulates the behavior of the session leader exiting and is
	   consistent with what happens when, for example, an ssh session
	   is closed.  GitHub issue #367.
	 * Fixed "make test" with Python 3.12.  GitHub issue #374.
	 * In schema.ActiveDirectory, fixed the quoting in the example command.
	   GitHub issue #376.
	 * Paths specified via a Chdir_Spec or Chroot_Spec in sudoers may
	   now be double-quoted.
	 * Sudo insults are now included by default, but disabled unless
	   the --with-insults configure option is specified or the "insults"
	   sudoers option is enabled.
	 * The default sudoers file now enables the "secure_path" option by
	   default and preserves the EDITOR, VISUAL, and SUDO_EDITOR environment
	   variables when running visudo.  The new --with-secure-path-value
	   configure option can be used to set the value of "secure_path" in
	   the default sudoers file.  GitHub issue #387.
	 * A sudoers schema for IBM Directory Server (aka IBM Tivoli Directory
	   Server, IBM Security Directory Server, and IBM Security Verify
	   Directory) is now included.
	 * When cross-compiling sudo, the configure script now assumes that
	   the snprintf() function is C99-compliant if the C compiler
	   supports the C99 standard.  Previously, configure would use
	   sudo's own snprintf() when cross-compiling.  GitHub issue #386.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 config/rootfiles/common/sudo | 1 +
 lfs/sudo                     | 6 +++---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/config/rootfiles/common/sudo b/config/rootfiles/common/sudo
index a09f06b38..651a284e3 100644
--- a/config/rootfiles/common/sudo
+++ b/config/rootfiles/common/sudo
@@ -75,6 +75,7 @@ usr/sbin/visudo
 #usr/share/locale/hu/LC_MESSAGES/sudo.mo
 #usr/share/locale/hu/LC_MESSAGES/sudoers.mo
 #usr/share/locale/id/LC_MESSAGES/sudo.mo
+#usr/share/locale/id/LC_MESSAGES/sudoers.mo
 #usr/share/locale/it/LC_MESSAGES/sudo.mo
 #usr/share/locale/it/LC_MESSAGES/sudoers.mo
 #usr/share/locale/ja/LC_MESSAGES/sudo.mo
diff --git a/lfs/sudo b/lfs/sudo
index 129e41e9f..cac540be0 100644
--- a/lfs/sudo
+++ b/lfs/sudo
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2023  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2024  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.9.15p5
+VER        = 1.9.16
 
 THISAPP    = sudo-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 73ee598c2a2848d5be24f97492b13eba2f326c514799220e43a1aeafc6692224a7555fb7cc0a96a2720751d3e4d98e752804db589ac3c1476f24e71f5b9bc720
+$(DL_FILE)_BLAKE2 = 19daa789af3ca2c4832950f0dd6f26a97285fdc155f0d7c18ec1f1accafce9b86f2f5730d3bb0b8e7717c0c55f4079928e03acb3974cb2652c58d4bcb2f74a12
 
 install : $(TARGET)