Change logs for sudo source package in Hirsute

  • sudo (1.9.5p2-2ubuntu3) hirsute; urgency=medium
    
      * No change rebuild with fixed ownership.
    
     -- Dimitri John Ledkov <email address hidden>  Thu, 18 Feb 2021 00:03:21 +0000
  • sudo (1.9.5p2-2ubuntu2) hirsute; urgency=medium
    
      * No change rebuild against new permissions ABI. LP: #1915250
    
     -- Dimitri John Ledkov <email address hidden>  Tue, 16 Feb 2021 10:39:16 +0000
  • sudo (1.9.5p2-2ubuntu1) hirsute; urgency=low
    
      * Merge from Debian unstable. (LP: #1915307)
        * Remaining changes:
          - debian/rules:
            + use dh-autoreconf
          - debian/rules: stop shipping init scripts, as they are no longer
            necessary.
          - debian/rules:
            + compile with --without-lecture --with-tty-tickets --enable-admin-flag
            + install man/man8/sudo_root.8 in both flavours
            + install apport hooks
          - debian/sudo-ldap.dirs, debian/sudo.dirs:
            + add usr/share/apport/package-hooks
          - debian/sudo.pam:
            + Use pam_env to read /etc/environment and /etc/default/locale
              environment files. Reading ~/.pam_environment is not permitted due
              to security reasons.
          - debian/sudoers:
            + also grant admin group sudo access
            + include /snap/bin in the secure_path
        * Dropped patches, no longer needed because they are integrated in Debian:
          - CVE-2021-23239.patch
          - CVE-2021-3156-1.patch
          - CVE-2021-3156-2.patch
          - CVE-2021-3156-3.patch
          - CVE-2021-3156-4.patch
          - CVE-2021-3156-5.patch
    
    sudo (1.9.5p2-2) unstable; urgency=medium
    
      * patch from upstream repo to fix NO_ROOT_MAILER
    
    sudo (1.9.5p2-1) unstable; urgency=high
    
      * new upstream version, addresses CVE-2021-3156
    
    sudo (1.9.5p1-1.1) unstable; urgency=high
    
      * Non-maintainer upload.
      * Heap-based buffer overflow (CVE-2021-3156)
        - Reset valid_flags to MODE_NONINTERACTIVE for sudoedit
        - Add sudoedit flag checks in plugin that are consistent with front-end
        - Fix potential buffer overflow when unescaping backslashes in user_args
        - Fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL
        - Don't assume that argv is allocated as a single flat buffer
    
    sudo (1.9.5p1-1) unstable; urgency=medium
    
      * new upstream version, closes: #980028
    
    sudo (1.9.5-1) unstable; urgency=medium
    
      * new upstream version
    
     -- William 'jawn-smith' Wilson <email address hidden>  Wed, 10 Feb 2021 05:42:42 -0600
  • sudo (1.9.4p2-2ubuntu3) hirsute; urgency=medium
    
      * SECURITY UPDATE: ineffective NO_ROOT_MAILER hardening option
        - debian/patches/ineffective_no_root_mailer.patch: fix NO_ROOT_MAILER
          in plugins/sudoers/logging.c, plugins/sudoers/policy.c.
        - No CVE number
    
     -- Marc Deslauriers <email address hidden>  Sat, 30 Jan 2021 14:35:13 -0500
  • sudo (1.9.4p2-2ubuntu2) hirsute; urgency=medium
    
      * SECURITY UPDATE: dir existence issue via sudoedit race
        - debian/patches/CVE-2021-23239.patch: fix potential directory existing
          info leak in sudoedit in src/sudo_edit.c.
        - CVE-2021-23239
      * SECURITY UPDATE: heap-based buffer overflow
        - debian/patches/CVE-2021-3156-1.patch: reset valid_flags to
          MODE_NONINTERACTIVE for sudoedit in src/parse_args.c.
        - debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in
          plugin in plugins/sudoers/policy.c.
        - debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow
          when unescaping backslashes in plugins/sudoers/sudoers.c.
        - debian/patches/CVE-2021-3156-4.patch: fix the memset offset when
          converting a v1 timestamp to TS_LOCKEXCL in
          plugins/sudoers/timestamp.c.
        - debian/patches/CVE-2021-3156-5.patch: don't assume that argv is
          allocated as a single flat buffer in src/parse_args.c.
        - CVE-2021-3156
    
     -- Marc Deslauriers <email address hidden>  Tue, 26 Jan 2021 14:37:48 -0500
  • sudo (1.9.4p2-2ubuntu1) hirsute; urgency=low
    
      * Merge from Debian unstable. Remaining changes:
        - debian/rules:
          + use dh-autoreconf
        - debian/rules: stop shipping init scripts, as they are no longer
          necessary.
        - debian/rules:
          + compile with --without-lecture --with-tty-tickets --enable-admin-flag
          + install man/man8/sudo_root.8 in both flavours
          + install apport hooks
        - debian/sudo-ldap.dirs, debian/sudo.dirs:
          + add usr/share/apport/package-hooks
        - debian/sudo.pam:
          + Use pam_env to read /etc/environment and /etc/default/locale
            environment files. Reading ~/.pam_environment is not permitted due
            to security reasons.
        - debian/sudoers:
          + also grant admin group sudo access
          + include /snap/bin in the secure_path
    
    sudo (1.9.4p2-2) unstable; urgency=medium
    
      * always use /bin/mv to ensure reproducible builds whether built on a
        usrmerge or non-usrmerge system, closes: #976307
    
    sudo (1.9.4p2-1) unstable; urgency=medium
    
      * new upstream version
    
    sudo (1.9.4p1-1) unstable; urgency=medium
    
      * new upstream version
    
    sudo (1.9.4-1) unstable; urgency=medium
    
      * new upstream version
    
     -- Steve Langasek <email address hidden>  Wed, 06 Jan 2021 13:51:07 -0800
  • sudo (1.9.3p1-1ubuntu1) hirsute; urgency=low
    
      * Merge from Debian unstable.  Remaining changes:
        - debian/rules:
          + use dh-autoreconf
        - debian/rules: stop shipping init scripts, as they are no longer
          necessary.
        - debian/rules:
          + compile with --without-lecture --with-tty-tickets --enable-admin-flag
          + install man/man8/sudo_root.8 in both flavours
          + install apport hooks
        - debian/sudo-ldap.dirs, debian/sudo.dirs:
          + add usr/share/apport/package-hooks
        - debian/sudo.pam:
          + Use pam_env to read /etc/environment and /etc/default/locale
            environment files. Reading ~/.pam_environment is not permitted due
            to security reasons.
        - debian/sudoers:
          + also grant admin group sudo access
          + include /snap/bin in the secure_path
    
    sudo (1.9.3p1-1) unstable; urgency=medium
    
      * new upstream version
    
    sudo (1.9.3-1) unstable; urgency=medium
    
      * new upstream version
      * make the comment match the text in default sudoers, closes: #964922
      * enable zlib, closes: #846077
    
    sudo (1.9.1-2) unstable; urgency=medium
    
      * change # to @ on includedir in default sudoers to reduce confusion with
        a comment, such as in 964922
    
     -- Steve Langasek <email address hidden>  Sat, 24 Oct 2020 17:14:39 -0700
  • sudo (1.9.1-1ubuntu1) groovy; urgency=low
    
      * Merge from Debian unstable.  Remaining changes:
        - debian/rules:
          + use dh-autoreconf
        - debian/rules: stop shipping init scripts, as they are no longer
          necessary.
        - debian/rules:
          + compile with --without-lecture --with-tty-tickets --enable-admin-flag
          + install man/man8/sudo_root.8 in both flavours
          + install apport hooks
        - debian/sudo-ldap.dirs, debian/sudo.dirs:
          + add usr/share/apport/package-hooks
        - debian/sudo.pam:
          + Use pam_env to read /etc/environment and /etc/default/locale
            environment files. Reading ~/.pam_environment is not permitted due
            to security reasons.
        - debian/sudoers:
          + also grant admin group sudo access
          + include /snap/bin in the secure_path
    
    sudo (1.9.1-1) unstable; urgency=medium
    
      * new upstream version
    
     -- Steve Langasek <email address hidden>  Wed, 08 Jul 2020 09:38:55 -0700