feat: update sudo to 1.9.16p2-1

Signed-off-by: lhdjply <lhdjply@126.com>

Author: lhdjply

ChangeLog

@@ -1,6 +1,6 @@
 Sudo is distributed under the following license:
 
-    Copyright (c) 1994-1996, 1998-2023
+    Copyright (c) 1994-1996, 1998-2024
         Todd C. Miller <Todd.Miller@sudo.ws>
 
     Permission to use, copy, modify, and distribute this software for any
@@ -247,9 +247,9 @@ The file inet_pton.c bears the following license:
 
 The file arc4random.c bears the following license:
 
-    Copyright (c) 1996, David Mazieres <dm@uun.org>  
-    Copyright (c) 2008, Damien Miller <djm@openbsd.org>  
-    Copyright (c) 2013, Markus Friedl <markus@openbsd.org>  
+    Copyright (c) 1996, David Mazieres <dm@uun.org>
+    Copyright (c) 2008, Damien Miller <djm@openbsd.org>
+    Copyright (c) 2013, Markus Friedl <markus@openbsd.org>
     Copyright (c) 2014, Theo de Raadt <deraadt@openbsd.org>
 
     Permission to use, copy, modify, and distribute this software for any
@@ -282,7 +282,7 @@ The file arc4random_uniform.c bears the following license:
 
 The file getentropy.c bears the following license:
 
-    Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>  
+    Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
     Copyright (c) 2014 Bob Beck <beck@obtuse.com>
 
     Permission to use, copy, modify, and distribute this software for any
@@ -299,7 +299,7 @@ The file getentropy.c bears the following license:
 
 The embedded copy of zlib bears the following license:
 
-    Copyright (C) 1995-2022 Jean-loup Gailly and Mark Adler
+    Copyright (C) 1995-2024 Jean-loup Gailly and Mark Adler
 
     This software is provided 'as-is', without any express or implied
     warranty.  In no event will the authors be held liable for any damages

INSTALL.md

@@ -32,6 +32,7 @@ docs/cvtsudoers.mdoc.in
 docs/fixman.sh
 docs/fixmdoc.sed
 docs/schema.ActiveDirectory
+docs/schema.IBM_LDAP
 docs/schema.OpenLDAP
 docs/schema.iPlanet
 docs/schema.olcSudo
@@ -716,6 +717,8 @@ plugins/sudoers/po/hr.mo
 plugins/sudoers/po/hr.po
 plugins/sudoers/po/hu.mo
 plugins/sudoers/po/hu.po
+plugins/sudoers/po/id.mo
+plugins/sudoers/po/id.po
 plugins/sudoers/po/it.mo
 plugins/sudoers/po/it.po
 plugins/sudoers/po/ja.mo

LICENSE.md

@@ -221,20 +221,24 @@ depend: siglist.c signame.c tsgetusershell.c
 	    lib/util/Makefile.in lib/zlib/Makefile.in \
 	    lib/fuzzstub/Makefile.in lib/eventlog/Makefile.in \
 	    lib/iolog/Makefile.in lib/logsrv/Makefile.in logsrvd/Makefile.in \
-	    lib/protobuf-c/Makefile.in plugins/group_file/Makefile.in \
-	    plugins/sample/Makefile.in plugins/sudoers/Makefile.in \
-	    plugins/system_group/Makefile.in plugins/python/Makefile.in \
-	    src/Makefile.in && \
+	    lib/protobuf-c/Makefile.in lib/ssl_compat/Makefile.in \
+	    plugins/group_file/Makefile.in plugins/audit_json/Makefile.in \
+	    plugins/sample/Makefile.in plugins/sample_approval/Makefile.in \
+	    plugins/sudoers/Makefile.in plugins/system_group/Makefile.in \
+	    plugins/python/Makefile.in src/Makefile.in && \
 	$(top_builddir)/config.status --file $(top_builddir)/lib/util/Makefile \
 	    --file $(top_builddir)/lib/zlib/Makefile \
-	    --file $(top_builddir)/lib/eventlog/Makefile \
 	    --file $(top_builddir)/lib/fuzzstub/Makefile \
+	    --file $(top_builddir)/lib/eventlog/Makefile \
 	    --file $(top_builddir)/lib/iolog/Makefile \
 	    --file $(top_builddir)/lib/logsrv/Makefile \
 	    --file $(top_builddir)/lib/protobuf-c/Makefile \
+	    --file $(top_builddir)/lib/ssl_compat/Makefile \
 	    --file $(top_builddir)/logsrvd/Makefile \
-	    --file $(top_builddir)/plugins/sample/Makefile \
 	    --file $(top_builddir)/plugins/group_file/Makefile \
+	    --file $(top_builddir)/plugins/audit_json/Makefile \
+	    --file $(top_builddir)/plugins/sample/Makefile \
+	    --file $(top_builddir)/plugins/sample_approval/Makefile \
 	    --file $(top_builddir)/plugins/sudoers/Makefile \
 	    --file $(top_builddir)/plugins/system_group/Makefile \
 	    --file $(top_builddir)/plugins/python/Makefile \

MANIFEST

@@ -1,3 +1,114 @@
+What's new in Sudo 1.9.16p2
+
+ * Sudo now passes the terminal device number to the policy plugin
+   even if it cannot resolve it to a path name.  This allows sudo
+   to run without warnings in a chroot jail when the terminal device
+   files are not present. GitHub issue #421.
+
+ * On Linux systems, sudo will now attempt to use the symbolic links
+   in /proc/self/fd/{0,1,2} when resolving the terminal device
+   number.  This can allow sudo to map a terminal device to its
+   path name even when /dev/pts is not mounted in a chroot jail.
+
+ * Fixed compilation errors with gcc and clang in C23 mode.
+   C23 no longer supports functions with unspecified arguments.
+
+What's new in Sudo 1.9.16p1
+
+ * Fixed the test for cross-compiling when checking for C99 snprintf().
+   The changes made to the test in sudo 1.9.16 resulted in a different
+   problem.  GitHub issue #386.
+
+ * Fixed the date used by the exit record in sudo-format log files.
+   This was a regression introduced in sudo 1.9.16 and only affected
+   file-based logs, not syslog. GitHub issue #405.
+
+ * Fixed the root cause of the "unable to find terminal name for
+   device" message when running sudo on AIX when no terminal is
+   present.  In sudo 1.9.16 this was turned from a debug message
+   into a warning.  GitHub issue #408
+
+ * When a duplicate alias is found in the sudoers file, the warning
+   message now includes the file and line number of the previous
+   definition.
+
+ * Added support for the --with-secure-path-value=no configure
+   option to allow packagers to ship the default sudoers file with
+   the secure path line commented out.
+
+ * Sudo no longer sends mail when a user runs "sudo -nv" or "sudo -nl",
+   even if "mail_badpass" or "mail_always" are set.  Sudo already
+   avoids logging to a file or syslog in this case.  Bug #1072.
+
+What's new in Sudo 1.9.16
+
+ * Added the "cmddenial_message" sudoers option to provide additional
+   information to the user when a command is denied by the sudoers
+   policy.  The default message is still displayed.
+
+ * The time stamp used for file-based logs is now more consistent
+   with the time stamp produced by syslog.  GitHub issues #327.
+
+ * Sudo will now warn the user if it can detect the user's terminal
+   but cannot determine the path to the terminal device.  The sudoers
+   time stamp file will now use the terminal device number directly.
+   GitHub issue #329.
+
+ * The embedded copy of zlib has been updated to version 1.3.1.
+
+ * Improved error handling if generating the list of signals and signal
+   names fails at build time.
+
+ * Fixed a compilation issue on Linux systems without process_vm_readv().
+
+ * Fixed cross-compilation with WolfSSL.
+
+ * Added a "json_compact" value for the sudoers "log_format" option
+   which can be used when logging to a file.  The existing "json"
+   value has been aliased to "json_pretty".  In a future release,
+   "json" will be an alias for "json_compact".  GitHub issue #357.
+
+ * A new "pam_silent" sudoers option has been added which may be
+   negated to avoid suppressing output from PAM authentication modules.
+   GitHub issue #216.
+
+ * Fixed several cvtsudoers JSON output problems.
+   GitHub issues #369, #370, #371, #373, #381.
+
+ * When sudo runs a command in a pseudo-terminal and the user's
+   terminal is revoked, the pseudo-terminal's foreground process
+   group will now receive SIGHUP before the terminal is revoked.
+   This emulates the behavior of the session leader exiting and is
+   consistent with what happens when, for example, an ssh session
+   is closed.  GitHub issue #367.
+
+ * Fixed "make test" with Python 3.12.  GitHub issue #374.
+
+ * In schema.ActiveDirectory, fixed the quoting in the example command.
+   GitHub issue #376.
+
+ * Paths specified via a Chdir_Spec or Chroot_Spec in sudoers may
+   now be double-quoted.
+
+ * Sudo insults are now included by default, but disabled unless
+   the --with-insults configure option is specified or the "insults"
+   sudoers option is enabled.
+
+ * The default sudoers file now enables the "secure_path" option by
+   default and preserves the EDITOR, VISUAL, and SUDO_EDITOR environment
+   variables when running visudo.  The new --with-secure-path-value
+   configure option can be used to set the value of "secure_path" in
+   the default sudoers file.  GitHub issue #387.
+
+ * A sudoers schema for IBM Directory Server (aka IBM Tivoli Directory
+   Server, IBM Security Directory Server, and IBM Security Verify
+   Directory) is now included.
+
+ * When cross-compiling sudo, the configure script now assumes that
+   the snprintf() function is C99-compliant if the C compiler
+   supports the C99 standard.  Previously, configure would use
+   sudo's own snprintf() when cross-compiling.  GitHub issue #386.
+
 What's new in Sudo 1.9.15p5
 
  * Fixed evaluation of the "lecture", "listpw", "verifypw", and
@@ -194,7 +305,7 @@ What's new in Sudo 1.9.14
    The sudoers plugin will now change the root directory id needed
    before performing command matching.  Previously, the root directory
    was simply prepended to the path that was being processed.
- 
+
  * When NETGROUP_BASE is set in the ldap.conf file, sudo will now
    perform its own netgroup lookups of the host name instead of
    using the system innetgr(3) function.  This guarantees that user
@@ -204,7 +315,7 @@ What's new in Sudo 1.9.14
  * Fixed a bug introduced in sudo 1.9.13 that resulted in a missing
    " ; " separator between environment variables and the command
    in log entries.
-   
+
  * The visudo utility now displays a warning when it ignores a file
    in an include dir such as /etc/sudoers.d.
 
@@ -373,7 +484,7 @@ What's new in Sudo 1.9.13
  * Sudo no longer checks the ownership and mode of the plugins that
    it loads.  Plugins are configured via either the sudo.conf or
    sudoers file which are trusted configuration files.  These checks
-   suffered from time-of-check vs. time-of-use race conditions and
+   suffered from time-of-check versus time-of-use race conditions and
    complicate loading plugins that are not simple paths.  Ownership
    and mode checks are still performed when loading the sudo.conf
    and sudoers files, which do not suffer from race conditions.
@@ -462,7 +573,7 @@ What's new in Sudo 1.9.12
    security policy.  The new "intercept_verify" sudoers setting can
    be used to control this behavior.
 
- * Fixed running commands with a relative path (e.g. ./foo) in
+ * Fixed running commands with a relative path (e.g., ./foo) in
    intercept mode.  Previously, this would fail if sudo's current
    working directory was different from that of the command.
 
@@ -527,7 +638,7 @@ What's new in Sudo 1.9.12
    from the EDITOR environment variable.  GitHub issue #179.
 
  * The sudo Python plugin now implements the "find_spec" method instead
-   of the the deprecated "find_module".  This fixes a test failure when
+   of the deprecated "find_module".  This fixes a test failure when
    a newer version of setuptools that doesn't include "find_module" is
    found on the system.
 
@@ -762,7 +873,7 @@ What's new in Sudo 1.9.9
 
  * visudo now only warns about an undefined alias or a cycle in an
    alias once for each alias.
- 
+
  * The sudoRole cn was truncated by a single character in warning messages.
    GitHub issue #115.
 
@@ -928,7 +1039,7 @@ What's new in Sudo 1.9.8
  * The new "log_exit_status" sudoers setting can be used to log
    the exit status commands run via sudo.  This is also a corresponding
    "log_exit" setting in the sudo_logsrvd.conf eventlog stanza.
- 
+
  * Support for logging sudo_logsrvd errors via syslog or to a file.
    Previously, most sudo_logsrvd errors were only visible in the
    debug log.
@@ -973,7 +1084,7 @@ What's new in Sudo 1.9.7p2
    to load a plugin with a name that conflicts with a Python module
    installed in the system location.
 
- * Sudo no longer sets the the open files resource limit to "unlimited"
+ * Sudo no longer sets the open files resource limit to "unlimited"
    while it runs.  This avoids a problem where sudo's closefrom()
    emulation would need to close a very large number of descriptors
    on systems without a way to determine which ones are actually open.
@@ -1020,7 +1131,7 @@ What's new in Sudo 1.9.7
  * The "fuzz" Makefile target now runs all the fuzzers for 8192
    passes (can be overridden via the FUZZ_RUNS variable).  This makes
    it easier to run the fuzzers in-tree.  To run a fuzzer indefinitely,
-   set FUZZ_RUNS=-1, e.g. "make FUZZ_RUNS=-1 fuzz".
+   set FUZZ_RUNS=-1, e.g., "make FUZZ_RUNS=-1 fuzz".
 
  * Fixed fuzzing on FreeBSD where the ld.lld linker returns an
    error by default when a symbol is multiply-defined.
@@ -1650,7 +1761,7 @@ What's new in Sudo 1.9.0
 
  * Fixed an issue where PAM session modules could be called with
    the wrong user name when multiple users in the passwd database
-   share the the same user-ID.  Debian bug #734752.
+   share the same user-ID.  Debian bug #734752.
 
  * Sudo command line options that take a value may only be specified
    once.  This is to help guard against problems caused by poorly
@@ -1697,7 +1808,7 @@ What's new in Sudo 1.8.30
  * Sudo now treats an attempt to run "sudo sudoedit" as simply
    "sudoedit".  If the sudoers file contains a fully-qualified path
    to sudoedit, sudo will now treat it simply as "sudoedit" (with
-   no path).  Visudo will will now treat a fully-qualified path
+   no path).  Visudo will now treat a fully-qualified path
    to sudoedit as an error.  Bug #871.
 
  * Fixed a bug introduced in sudo 1.8.28 where sudo would warn about
@@ -2757,7 +2868,7 @@ What's new in Sudo 1.8.15
 *  When the command sudo is running dies due to a signal, sudo will
    now send itself that same signal with the default signal handler
    installed instead of exiting.  The bash shell appears to ignore
-   some signals, e.g. SIGINT, unless the command being run is killed
+   some signals, e.g., SIGINT, unless the command being run is killed
    by that signal.  This makes the behavior of commands run under
    sudo the same as without sudo when bash is the shell.  Bug #722
 
@@ -3551,7 +3662,7 @@ What's new in Sudo 1.8.6p1?
 
 What's new in Sudo 1.8.6?
 
- * Sudo is now built with the -fstack-protector flag if the the
+ * Sudo is now built with the -fstack-protector flag if the
    compiler supports it.  Also, the -zrelro linker flag is used if
    supported.  The --disable-hardening configure option can be used
    to build sudo without stack smashing protection.
@@ -3689,15 +3800,15 @@ What's new in Sudo 1.8.5?
 
  * On systems with an SVR4-style /proc file system, the /proc/pid/psinfo
    file is now uses to determine the controlling terminal, if possible.
-   This allows tty-based tickets to work properly even when, e.g.
+   This allows tty-based tickets to work properly even when, e.g.,
    standard input, output and error are redirected to /dev/null.
 
  * The output of "sudoreplay -l" is now sorted by file name (or
    sequence number).  Previously, entries were displayed in the
    order in which they were found on the file system.
 
  * Sudo now behaves properly when I/O logging is enabled and the
-   controlling terminal is revoked (e.g. the running sshd is killed).
+   controlling terminal is revoked (e.g., the running sshd is killed).
    Previously, sudo may have exited without calling the I/O plugin's
    close function which can lead to an incomplete I/O log.
 
@@ -3808,19 +3919,19 @@ What's new in Sudo 1.8.4?
  * The deprecated "noexec_file" sudoers option is no longer supported.
 
  * Fixed a race condition when I/O logging is not enabled that could
-   result in tty-generated signals (e.g. control-C) being received
+   result in tty-generated signals (e.g., control-C) being received
    by the command twice.
 
  * If none of the standard input, output or error are connected to
    a tty device, sudo will now check its parent's standard input,
    output or error for the tty name on systems with /proc and BSD
    systems that support the KERN_PROC_PID sysctl.  This allows
-   tty-based tickets to work properly even when, e.g. standard
+   tty-based tickets to work properly even when, e.g., standard
    input, output and error are redirected to /dev/null.
 
  * Added the --enable-kerb5-instance configure option to allow
    people using Kerberos V authentication to specify a custom
-   instance so the principal name can be, e.g. "username/sudo"
+   instance so the principal name can be, e.g., "username/sudo"
    similar to how ksu uses "username/root".
 
  * Fixed a bug where a pattern like "/usr/*" included /usr/bin/ in
@@ -4007,7 +4118,7 @@ What's new in Sudo 1.8.1?
    fixed.
 
  * Sudo will now create an entry in the utmp (or utmpx) file when
-   allocating a pseudo-tty (e.g. when logging I/O).  The "set_utmp"
+   allocating a pseudo-tty (e.g., when logging I/O).  The "set_utmp"
    and "utmp_runas" sudoers file options can be used to control this.
    Other policy plugins may use the "set_utmp" and "utmp_user"
    entries in the command_info list.
@@ -4308,7 +4419,7 @@ What's new in Sudo 1.7.3?
    now taken into account when looking up users and groups.  Sudo
    now applies the correct the user and group ids when running a
    command as a user whose account details come from a different
-   source (e.g. LDAP or DCE vs.  local files).
+   source (e.g., LDAP or DCE versus local files).
 
  * Support for multiple 'sudoers_base' and 'uri' entries in ldap.conf.
    When multiple entries are listed, sudo will try each one in the