Rebase to sudo 1.9.13p2

- sudo-1.9.13p2 is available
Resolves: rhbz#2169840
- sudo: double free with per-command chroot sudoers rules
Resolves: CVE-2023-27320

Signed-off-by: Radovan Sroka <rsroka@redhat.com>

.gitignore

@@ -28,3 +28,6 @@
 /sudo-1.9.5p1.tar.gz
 /sudo-1.9.5p2.tar.gz
 /sudo-1.9.8p2.tar.gz
+/sudo-1.9.11p3.tar.gz
+/sudo-1.9.12p2.tar.gz
+/sudo-1.9.13p2.tar.gz

sources

@@ -1 +1 @@
-SHA512 (sudo-1.9.8p2.tar.gz) = 899b252e8c219226f658dff3dd34c97b07d42004998b45175b4c0c4de42a6bf9f909598e99b4056fa1171e63378e203854b0f8608b0f5c1b00e9d3677818f6d3
+SHA512 (sudo-1.9.13p2.tar.gz) = b3015a114fd518afd644c9934f2461046f1116506723217603af1a952bdb436689761b4d009dfe32b725bad2e0ebcaf19db72febfaa63895ba004256fea12bef

sudo.spec

@@ -1,21 +1,20 @@
-
 # comment out if no extra version
 %global extraver p2
 
 Summary: Allows restricted root access for specified users
 Name: sudo
-Version: 1.9.8
+Version: 1.9.13
 # remove -b 3 after rebase !!!
 # use "-p -e % {?extraver}" when beta
 # use "-e % {?extraver}"" when patch version
 # use nothing special when normal version
-Release: %autorelease -e %{?extraver} -b 3
+Release: %autorelease -e %{?extraver}
 License: ISC
 URL: https://www.sudo.ws
 Source0: %{url}/dist/%{name}-%{version}%{?extraver}.tar.gz
 Source1: sudoers
 Requires: pam
-Recommends: nano
+Recommends: system-default-editor
 Recommends: %{name}-python-plugin%{?_isa} = %{version}-%{release}
 
 BuildRequires: make
@@ -90,7 +89,7 @@ export CFLAGS="$RPM_OPT_FLAGS $F_PIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
         --sbindir=%{_sbindir} \
         --libdir=%{_libdir} \
         --docdir=%{_pkgdocdir} \
-	--enable-openssl \
+        --enable-openssl \
         --disable-root-mailer \
         --disable-intercept \
         --with-logging=syslog \
@@ -104,8 +103,8 @@ export CFLAGS="$RPM_OPT_FLAGS $F_PIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
         --with-ldap \
         --with-selinux \
         --with-passprompt="[sudo] password for %p: " \
-	--enable-python \
-	--enable-zlib=system \
+        --enable-python \
+        --enable-zlib=system \
         --with-linux-audit \
         --with-sssd
 #       --without-kerb5 \
@@ -194,7 +193,6 @@ EOF
 %attr(0644,root,root) %{_libexecdir}/sudo/sudoers.so
 %attr(0644,root,root) %{_libexecdir}/sudo/audit_json.so
 %attr(0644,root,root) %{_libexecdir}/sudo/group_file.so
-%attr(0644,root,root) %{_libexecdir}/sudo/sample_approval.so
 %attr(0644,root,root) %{_libexecdir}/sudo/system_group.so
 %attr(0644,root,root) %{_libexecdir}/sudo/libsudo_util.so.?.?.?
 %{_libexecdir}/sudo/libsudo_util.so.?
@@ -211,13 +209,13 @@ EOF
 %dir %{_pkgdocdir}/
 %{_pkgdocdir}/*
 %{!?_licensedir:%global license %%doc}
-%license doc/LICENSE
+%license LICENSE.md
 %exclude %{_pkgdocdir}/ChangeLog
 
 %files devel
 %doc plugins/sample/sample_plugin.c
 %{_includedir}/sudo_plugin.h
-%{_mandir}/man8/sudo_plugin.8*
+%{_mandir}/man5/sudo_plugin.5*
 
 %files logsrvd
 %attr(0640,root,root) %config(noreplace) /etc/sudo_logsrvd.conf
@@ -229,7 +227,7 @@ EOF
 %{_mandir}/man8/sudo_sendlog.8.gz
 
 %files python-plugin
-%{_mandir}/man8/sudo_plugin_python.8.gz
+%{_mandir}/man5/sudo_plugin_python.5.gz
 %attr(0644,root,root) %{_libexecdir}/sudo/python_plugin.so
 
 %changelog