From dd3682813d2ece42a7a627feb919c9d9d317a494 Mon Sep 17 00:00:00 2001 From: basebuilder_pel7ppc64lebuilder0 Date: Fri, 22 Nov 2019 14:53:26 +0100 Subject: [PATCH] sudo package pdate Signed-off-by: basebuilder_pel7ppc64lebuilder0 --- .../sudo-1.8.23-pam-expired-passwords.patch | 103 +++++++++++ SOURCES/sudo-1.8.23-who-am-i.patch | 56 ++++++ SOURCES/sudo-1.8.28-CVE-strtouid-test.patch | 96 ++++++++++ SOURCES/sudo-1.8.28-CVE-strtouid.patch | 172 ++++++++++++++++++ SPECS/sudo.spec | 54 ++++-- 5 files changed, 466 insertions(+), 15 deletions(-) create mode 100644 SOURCES/sudo-1.8.23-pam-expired-passwords.patch create mode 100644 SOURCES/sudo-1.8.23-who-am-i.patch create mode 100644 SOURCES/sudo-1.8.28-CVE-strtouid-test.patch create mode 100644 SOURCES/sudo-1.8.28-CVE-strtouid.patch diff --git a/SOURCES/sudo-1.8.23-pam-expired-passwords.patch b/SOURCES/sudo-1.8.23-pam-expired-passwords.patch new file mode 100644 index 00000000..bf2078a0 --- /dev/null +++ b/SOURCES/sudo-1.8.23-pam-expired-passwords.patch @@ -0,0 +1,103 @@ + +# HG changeset patch +# User Todd C. Miller +# Date 1544201494 25200 +# Node ID 656aa910fbaf0be517e012c9271c51eb85c1cca5 +# Parent ef83f35c9cb090a8b4fd36942f1e47e65c285dce +The fix for bug #843 was incomplete and caused pam_end() to be called early. +sudo_pam_approval() must not set the global pam status to an error +value if it returns AUTH_SUCCESS. Otherwise, sudo_pam_cleanup() +will call pam_end() before sudo_pam_begin_session(). This resulted +in a NULL PAM handle being used in sudo_pam_begin_session(). + +diff -r ef83f35c9cb0 -r 656aa910fbaf plugins/sudoers/auth/pam.c +--- a/plugins/sudoers/auth/pam.c Wed Dec 05 10:43:14 2018 -0700 ++++ b/plugins/sudoers/auth/pam.c Fri Dec 07 09:51:34 2018 -0700 +@@ -210,59 +210,68 @@ + sudo_pam_approval(struct passwd *pw, sudo_auth *auth, bool exempt) + { + const char *s; ++ int rc, status = AUTH_SUCCESS; + int *pam_status = (int *) auth->data; + debug_decl(sudo_pam_approval, SUDOERS_DEBUG_AUTH) + +- *pam_status = pam_acct_mgmt(pamh, PAM_SILENT); +- switch (*pam_status) { ++ rc = pam_acct_mgmt(pamh, PAM_SILENT); ++ switch (rc) { + case PAM_SUCCESS: +- debug_return_int(AUTH_SUCCESS); ++ break; + case PAM_AUTH_ERR: + log_warningx(0, N_("account validation failure, " + "is your account locked?")); +- debug_return_int(AUTH_FATAL); ++ status = AUTH_FATAL; ++ break; + case PAM_NEW_AUTHTOK_REQD: + /* Ignore if user is exempt from password restrictions. */ + if (exempt) +- debug_return_int(AUTH_SUCCESS); ++ break; + /* New password required, try to change it. */ + log_warningx(0, N_("Account or password is " + "expired, reset your password and try again")); +- *pam_status = pam_chauthtok(pamh, +- PAM_CHANGE_EXPIRED_AUTHTOK); +- if (*pam_status == PAM_SUCCESS) +- debug_return_int(AUTH_SUCCESS); +- if ((s = pam_strerror(pamh, *pam_status)) == NULL) ++ rc = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK); ++ if (rc == PAM_SUCCESS) ++ break; ++ if ((s = pam_strerror(pamh, rc)) == NULL) + s = "unknown error"; + log_warningx(0, + N_("unable to change expired password: %s"), s); +- debug_return_int(AUTH_FAILURE); ++ status = AUTH_FAILURE; ++ break; + case PAM_AUTHTOK_EXPIRED: + /* Ignore if user is exempt from password restrictions. */ + if (exempt) +- debug_return_int(AUTH_SUCCESS); ++ break; + /* Password expired, cannot be updated by user. */ + log_warningx(0, + N_("Password expired, contact your system administrator")); +- debug_return_int(AUTH_FATAL); ++ status = AUTH_FATAL; ++ break; + case PAM_ACCT_EXPIRED: + log_warningx(0, + N_("Account expired or PAM config lacks an \"account\" " + "section for sudo, contact your system administrator")); +- debug_return_int(AUTH_FATAL); ++ status = AUTH_FATAL; ++ break; + case PAM_AUTHINFO_UNAVAIL: + case PAM_MAXTRIES: + case PAM_PERM_DENIED: +- s = pam_strerror(pamh, *pam_status); ++ s = pam_strerror(pamh, rc); + log_warningx(0, N_("PAM account management error: %s"), + s ? s : "unknown error"); +- debug_return_int(AUTH_FAILURE); ++ status = AUTH_FAILURE; ++ break; + default: +- s = pam_strerror(pamh, *pam_status); ++ s = pam_strerror(pamh, rc); + log_warningx(0, N_("PAM account management error: %s"), + s ? s : "unknown error"); +- debug_return_int(AUTH_FATAL); ++ status = AUTH_FATAL; ++ break; + } ++ /* Ignore errors if user is exempt from password restrictions. */ ++ *pam_status = exempt ? PAM_SUCCESS : rc; ++ debug_return_int(status); + } + + int + diff --git a/SOURCES/sudo-1.8.23-who-am-i.patch b/SOURCES/sudo-1.8.23-who-am-i.patch new file mode 100644 index 00000000..2be1c3cf --- /dev/null +++ b/SOURCES/sudo-1.8.23-who-am-i.patch @@ -0,0 +1,56 @@ +commit b2f7983c84fd01e0b29895d7df776b4b162fd8a5 +Author: Todd C. Miller +Date: Wed Jan 2 07:39:33 2019 -0700 + + Fix setting of utmp entry when running command in a pty. + Regression introduced in sudo 1.8.22. + +diff --git a/src/exec_pty.c b/src/exec_pty.c +index cbcccca3..68312a98 100644 +--- a/src/exec_pty.c ++++ b/src/exec_pty.c +@@ -140,7 +140,7 @@ pty_cleanup(void) + * and slavename globals. + */ + static bool +-pty_setup(uid_t uid, const char *tty) ++pty_setup(struct command_details *details, const char *tty) + { + debug_decl(pty_setup, SUDO_DEBUG_EXEC); + +@@ -152,12 +152,15 @@ pty_setup(uid_t uid, const char *tty) + } + + if (!get_pty(&io_fds[SFD_MASTER], &io_fds[SFD_SLAVE], +- slavename, sizeof(slavename), uid)) ++ slavename, sizeof(slavename), details->euid)) + sudo_fatal(U_("unable to allocate pty")); + + /* Add entry to utmp/utmpx? */ +- if (utmp_user != NULL) ++ if (ISSET(details->flags, CD_SET_UTMP)) { ++ utmp_user = ++ details->utmp_user ? details->utmp_user : user_details.username; + utmp_login(tty, slavename, io_fds[SFD_SLAVE], utmp_user); ++ } + + sudo_debug_printf(SUDO_DEBUG_INFO, + "%s: %s fd %d, pty master fd %d, pty slave fd %d", +@@ -1302,12 +1305,11 @@ exec_pty(struct command_details *details, struct command_status *cstat) + /* + * Allocate a pty. + */ +- if (pty_setup(details->euid, user_details.tty)) { +- if (ISSET(details->flags, CD_SET_UTMP)) +- utmp_user = details->utmp_user ? details->utmp_user : user_details.username; +- } else if (TAILQ_EMPTY(&io_plugins)) { +- /* Not logging I/O and didn't allocate a pty. */ +- debug_return_bool(false); ++ if (!pty_setup(details, user_details.tty)) { ++ if (TAILQ_EMPTY(&io_plugins)) { ++ /* Not logging I/O and didn't allocate a pty. */ ++ debug_return_bool(false); ++ } + } + + /* diff --git a/SOURCES/sudo-1.8.28-CVE-strtouid-test.patch b/SOURCES/sudo-1.8.28-CVE-strtouid-test.patch new file mode 100644 index 00000000..b4bd095e --- /dev/null +++ b/SOURCES/sudo-1.8.28-CVE-strtouid-test.patch @@ -0,0 +1,96 @@ +diff -up ./lib/util/regress/atofoo/atofoo_test.c.CVE-strtouid-test ./lib/util/regress/atofoo/atofoo_test.c +--- ./lib/util/regress/atofoo/atofoo_test.c.CVE-strtouid-test 2018-04-29 21:59:23.000000000 +0200 ++++ ./lib/util/regress/atofoo/atofoo_test.c 2019-10-16 09:38:31.851404545 +0200 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2014 Todd C. Miller ++ * Copyright (c) 2014-2019 Todd C. Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above +@@ -24,6 +24,7 @@ + #else + # include "compat/stdbool.h" + #endif ++#include + + #include "sudo_compat.h" + #include "sudo_util.h" +@@ -78,15 +79,20 @@ static struct strtoid_data { + id_t id; + const char *sep; + const char *ep; ++ int errnum; + } strtoid_data[] = { +- { "0,1", 0, ",", "," }, +- { "10", 10, NULL, NULL }, +- { "-2", -2, NULL, NULL }, ++ { "0,1", 0, ",", ",", 0 }, ++ { "10", 10, NULL, NULL, 0 }, ++ { "-1", 0, NULL, NULL, EINVAL }, ++ { "4294967295", 0, NULL, NULL, EINVAL }, ++ { "4294967296", 0, NULL, NULL, ERANGE }, ++ { "-2147483649", 0, NULL, NULL, ERANGE }, ++ { "-2", -2, NULL, NULL, 0 }, + #if SIZEOF_ID_T != SIZEOF_LONG_LONG +- { "-2", 4294967294U, NULL, NULL }, ++ { "-2", 4294967294U, NULL, NULL, 0 }, + #endif +- { "4294967294", 4294967294U, NULL, NULL }, +- { NULL, 0, NULL, NULL } ++ { "4294967294", 4294967294U, NULL, NULL, 0 }, ++ { NULL, 0, NULL, NULL, 0 } + }; + + static int +@@ -102,11 +108,23 @@ test_strtoid(int *ntests) + (*ntests)++; + errstr = "some error"; + value = sudo_strtoid(d->idstr, d->sep, &ep, &errstr); +- if (errstr != NULL) { +- if (d->id != (id_t)-1) { +- sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr); ++ if (d->errnum != 0) { ++ if (errstr == NULL) { ++ sudo_warnx_nodebug("FAIL: %s: missing errstr for errno %d", ++ d->idstr, d->errnum); ++ errors++; ++ } else if (value != 0) { ++ sudo_warnx_nodebug("FAIL: %s should return 0 on error", ++ d->idstr); ++ errors++; ++ } else if (errno != d->errnum) { ++ sudo_warnx_nodebug("FAIL: %s: errno mismatch, %d != %d", ++ d->idstr, errno, d->errnum); + errors++; + } ++ } else if (errstr != NULL) { ++ sudo_warnx_nodebug("FAIL: %s: %s", d->idstr, errstr); ++ errors++; + } else if (value != d->id) { + sudo_warnx_nodebug("FAIL: %s != %u", d->idstr, (unsigned int)d->id); + errors++; +diff -up ./plugins/sudoers/regress/testsudoers/test5.out.ok.CVE-strtouid-test ./plugins/sudoers/regress/testsudoers/test5.out.ok +--- ./plugins/sudoers/regress/testsudoers/test5.out.ok.CVE-strtouid-test 2018-04-29 21:59:23.000000000 +0200 ++++ ./plugins/sudoers/regress/testsudoers/test5.out.ok 2019-10-16 09:29:50.246761680 +0200 +@@ -4,7 +4,7 @@ Parse error in sudoers near line 1. + Entries for user root: + + Command unmatched +-testsudoers: test5.inc should be owned by gid 4294967295 ++testsudoers: test5.inc should be owned by gid 4294967294 + Parse error in sudoers near line 1. + + Entries for user root: +diff -up ./plugins/sudoers/regress/testsudoers/test5.sh.CVE-strtouid-test ./plugins/sudoers/regress/testsudoers/test5.sh +--- ./plugins/sudoers/regress/testsudoers/test5.sh.CVE-strtouid-test 2018-04-29 21:59:23.000000000 +0200 ++++ ./plugins/sudoers/regress/testsudoers/test5.sh 2019-10-16 09:29:50.246761680 +0200 +@@ -24,7 +24,7 @@ EOF + + # Test group writable + chmod 664 $TESTFILE +-./testsudoers -U $MYUID -G -1 root id < ++ * Copyright (c) 2013-2019 Todd C. Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above +@@ -47,6 +47,27 @@ + #include "sudo_util.h" + + /* ++ * Make sure that the ID ends with a valid separator char. ++ */ ++static bool ++valid_separator(const char *p, const char *ep, const char *sep) ++{ ++ bool valid = false; ++ debug_decl(valid_separator, SUDO_DEBUG_UTIL) ++ ++ if (ep != p) { ++ /* check for valid separator (including '\0') */ ++ if (sep == NULL) ++ sep = ""; ++ do { ++ if (*ep == *sep) ++ valid = true; ++ } while (*sep++ != '\0'); ++ } ++ debug_return_bool(valid); ++} ++ ++/* + * Parse a uid/gid in string form. + * If sep is non-NULL, it contains valid separator characters (e.g. comma, space) + * If endp is non-NULL it is set to the next char after the ID. +@@ -60,38 +81,35 @@ sudo_strtoid_v1(const char *p, const cha + char *ep; + id_t ret = 0; + long long llval; +- bool valid = false; + debug_decl(sudo_strtoid, SUDO_DEBUG_UTIL) + + /* skip leading space so we can pick up the sign, if any */ + while (isspace((unsigned char)*p)) + p++; +- if (sep == NULL) +- sep = ""; ++ ++ /* While id_t may be 64-bit signed, uid_t and gid_t are 32-bit unsigned. */ + errno = 0; + llval = strtoll(p, &ep, 10); +- if (ep != p) { +- /* check for valid separator (including '\0') */ +- do { +- if (*ep == *sep) +- valid = true; +- } while (*sep++ != '\0'); ++ if ((errno == ERANGE && llval == LLONG_MAX) || llval > (id_t)UINT_MAX) { ++ errno = ERANGE; ++ if (errstr != NULL) ++ *errstr = N_("value too large"); ++ goto done; + } +- if (!valid) { ++ if ((errno == ERANGE && llval == LLONG_MIN) || llval < INT_MIN) { ++ errno = ERANGE; ++ if (errstr != NULL) ++ *errstr = N_("value too small"); ++ goto done; ++ } ++ ++ /* Disallow id -1, which means "no change". */ ++ if (!valid_separator(p, ep, sep) || llval == -1 || llval == (id_t)UINT_MAX) { + if (errstr != NULL) + *errstr = N_("invalid value"); + errno = EINVAL; + goto done; + } +- if (errno == ERANGE) { +- if (errstr != NULL) { +- if (llval == LLONG_MAX) +- *errstr = N_("value too large"); +- else +- *errstr = N_("value too small"); +- } +- goto done; +- } + ret = (id_t)llval; + if (errstr != NULL) + *errstr = NULL; +@@ -106,30 +124,15 @@ sudo_strtoid_v1(const char *p, const cha + { + char *ep; + id_t ret = 0; +- bool valid = false; + debug_decl(sudo_strtoid, SUDO_DEBUG_UTIL) + + /* skip leading space so we can pick up the sign, if any */ + while (isspace((unsigned char)*p)) + p++; +- if (sep == NULL) +- sep = ""; ++ + errno = 0; + if (*p == '-') { + long lval = strtol(p, &ep, 10); +- if (ep != p) { +- /* check for valid separator (including '\0') */ +- do { +- if (*ep == *sep) +- valid = true; +- } while (*sep++ != '\0'); +- } +- if (!valid) { +- if (errstr != NULL) +- *errstr = N_("invalid value"); +- errno = EINVAL; +- goto done; +- } + if ((errno == ERANGE && lval == LONG_MAX) || lval > INT_MAX) { + errno = ERANGE; + if (errstr != NULL) +@@ -142,28 +145,31 @@ sudo_strtoid_v1(const char *p, const cha + *errstr = N_("value too small"); + goto done; + } +- ret = (id_t)lval; +- } else { +- unsigned long ulval = strtoul(p, &ep, 10); +- if (ep != p) { +- /* check for valid separator (including '\0') */ +- do { +- if (*ep == *sep) +- valid = true; +- } while (*sep++ != '\0'); +- } +- if (!valid) { ++ ++ /* Disallow id -1, which means "no change". */ ++ if (!valid_separator(p, ep, sep) || lval == -1) { + if (errstr != NULL) + *errstr = N_("invalid value"); + errno = EINVAL; + goto done; + } ++ ret = (id_t)lval; ++ } else { ++ unsigned long ulval = strtoul(p, &ep, 10); + if ((errno == ERANGE && ulval == ULONG_MAX) || ulval > UINT_MAX) { + errno = ERANGE; + if (errstr != NULL) + *errstr = N_("value too large"); + goto done; + } ++ ++ /* Disallow id -1, which means "no change". */ ++ if (!valid_separator(p, ep, sep) || ulval == UINT_MAX) { ++ if (errstr != NULL) ++ *errstr = N_("invalid value"); ++ errno = EINVAL; ++ goto done; ++ } + ret = (id_t)ulval; + } + if (errstr != NULL) diff --git a/SPECS/sudo.spec b/SPECS/sudo.spec index 2dd01957..b4703670 100644 --- a/SPECS/sudo.spec +++ b/SPECS/sudo.spec @@ -1,7 +1,7 @@ Summary: Allows restricted root access for specified users Name: sudo Version: 1.8.23 -Release: 3%{?dist} +Release: 4%{?dist}.1 License: ISC Group: Applications/System URL: http://www.courtesan.com/sudo/ @@ -50,7 +50,16 @@ Patch7: sudo-1.8.23-nowaitopt.patch # bz in RHEL. The feature itself was delivered via the rebase to 1.8.23. Patch8: sudo-1.8.23-Ignore-PAM_NEW_AUTHTOK_REQD-and-PAM_AUTHTOK_EXPIRED.patch # 1547974 - (sudo-rhel-7.6-rebase) Rebase sudo to latest stable upstream version -Patch9: sudo-1.8.23-fix-double-quote-parsing-for-Defaults-values.patch +Patch9: sudo-1.8.23-fix-double-quote-parsing-for-Defaults-values.patch + +# 1672876 - Backporting sudo bug with expired passwords +Patch10: sudo-1.8.23-pam-expired-passwords.patch +# 1665285 - Problem with sudo-1.8.23 and 'who am i' +Patch11: sudo-1.8.23-who-am-i.patch + +# 1760694 - CVE-2019-14287 sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword [rhel-7.7.z] +Patch12: sudo-1.8.28-CVE-strtouid.patch +Patch13: sudo-1.8.28-CVE-strtouid-test.patch %description Sudo (superuser do) allows a system administrator to give certain @@ -85,6 +94,12 @@ plugins that use %{name}. %patch8 -p1 -b .pam-mgmt-ignore-errors %patch9 -p1 -b .defaults-double-quote-fix +%patch10 -p1 -b .pam-expired +%patch11 -p1 -b .who-am-i + +%patch12 -p1 -b .CVE-strtouid +%patch13 -p1 -b .CVE-strtouid-test + %build autoreconf -I m4 -fv --install @@ -222,6 +237,16 @@ rm -rf %{buildroot} %{_mandir}/man8/sudo_plugin.8* %changelog +* Wed Oct 16 2019 Radovan Sroka 1.8.23-4.1 +- RHEL-7.7.z +- fixed CVE-2019-14287 + Resolves: rhbz#1760694 + +* Wed Feb 20 2019 Radovan Sroka 1.8.23-4 +- RHEL-7.7 erratum + Resolves: rhbz#1672876 - Backporting sudo bug with expired passwords + Resolves: rhbz#1665285 - Problem with sudo-1.8.23 and 'who am i' + * Mon Sep 24 2018 Daniel Kopecek 1.8.23-3 - RHEL-7.6 erratum Resolves: rhbz#1547974 - Rebase sudo to latest stable upstream version @@ -318,11 +343,11 @@ rm -rf %{buildroot} * Wed Mar 08 2017 Tomas Sykora - 1.8.19p2-2 - RHEL 7.4 erratum -- Fixes coverity scan issues created by our patches: +- Fixes coverity scan issues created by our patches: - fixed resource leaks and a compiler warning in digest backport patch - removed needless code from cmnd_no_wait patch causing clang warning - format of the last changelog message causes problems to rhpkg push, - so don't use that as a commit message + so don't use that as a commit message Resolves: rhbz#1360687 * Wed Mar 01 2017 Tomas Sykora - 1.8.19p2-1 @@ -331,7 +356,7 @@ rm -rf %{buildroot} - Resolves: rhbz#1123526 - performance improvement - Resolves: rhbz#1308789 - add MAIL and NOMAIL tags - Resolves: rhbz#1348504 - sudo now parses sudoers with sudoers locale - - Resolves: rhbz#1374417 - "sudo -l command" indicated that the command + - Resolves: rhbz#1374417 - "sudo -l command" indicated that the command was runnable even if denied by sudoers when using LDAP or SSSD backend. - Resolves: rhbz#1387303 - add ignore_iolog_errors option - Resolves: rhbz#1389360 - wrong log file group ownership @@ -538,7 +563,7 @@ rm -rf %{buildroot} * Thu May 17 2012 Daniel Kopecek - 1.8.5-1 - update to 1.8.5 - fixed CVE-2012-2337 -- temporarily disabled SSSD support +- temporarily disabled SSSD support * Wed Feb 29 2012 Daniel Kopecek - 1.8.3p1-6 - fixed problems with undefined symbols (rhbz#798517) @@ -557,7 +582,7 @@ rm -rf %{buildroot} * Thu Nov 10 2011 Daniel Kopecek - 1.8.3p1-1 - update to 1.8.3p1 -- disable output word wrapping if the output is piped +- disable output word wrapping if the output is piped * Wed Sep 7 2011 Peter Robinson - 1.8.1p2-2 - Remove execute bit from sample script in docs so we don't pull in perl @@ -692,7 +717,7 @@ rm -rf %{buildroot} - sparc64 needs to be in the -fPIE list with s390 * Mon Jan 07 2008 Peter Vrabec 1.6.9p4-5 -- fix complains about audit_log_user_command(): Connection +- fix complains about audit_log_user_command(): Connection refused (#401201) * Wed Dec 05 2007 Release Engineering - 1.6.9p4-4 @@ -794,7 +819,7 @@ rm -rf %{buildroot} - rebuild * Mon Oct 4 2004 Thomas Woerner 1.6.7p5-30.1 -- added missing BuildRequires for libselinux-devel (#132883) +- added missing BuildRequires for libselinux-devel (#132883) * Wed Sep 29 2004 Dan Walsh 1.6.7p5-30 - Fix missing param error in sesh @@ -821,7 +846,7 @@ rm -rf %{buildroot} exec of child with SELinux patch * Thu Mar 18 2004 Dan Walsh 1.6.7p5-23 -- change to default to sysadm_r +- change to default to sysadm_r - Fix tty handling * Thu Mar 18 2004 Dan Walsh 1.6.7p5-22 @@ -829,7 +854,7 @@ rm -rf %{buildroot} - replace /bin/bash -c with /bin/sesh * Tue Mar 16 2004 Dan Walsh 1.6.7p5-21 -- Hard code to use "/bin/bash -c" for selinux +- Hard code to use "/bin/bash -c" for selinux * Tue Mar 16 2004 Dan Walsh 1.6.7p5-20 - Eliminate closing and reopening of terminals, to match su. @@ -854,7 +879,7 @@ rm -rf %{buildroot} - Fix is_selinux_enabled call * Tue Jan 13 2004 Dan Walsh 1.6.7p5-13 -- Clean up patch on failure +- Clean up patch on failure * Tue Jan 6 2004 Dan Walsh 1.6.7p5-12 - Remove sudo.te for now. @@ -977,7 +1002,7 @@ rm -rf %{buildroot} - fixed so it doesn't find /usr/bin/vi first, but instead /bin/vi (always installed) * Thu Oct 08 1998 Michael Maher -- built package for 5.2 +- built package for 5.2 * Mon May 18 1998 Michael Maher - updated SPEC file @@ -989,10 +1014,9 @@ rm -rf %{buildroot} - built for glibc, no problems * Fri Apr 25 1997 Michael Fulbright -- Fixed for 4.2 PowerTools +- Fixed for 4.2 PowerTools - Still need to be pamified - Still need to move stmp file to /var/log * Mon Feb 17 1997 Michael Fulbright - First version for PowerCD. -