-
sudo (1.9.14p2-1ubuntu1) mantic; urgency=medium
* Merge with Debian unstable (LP: #2030914). Remaining changes:
- debian/sudo[-ldap].manpages: install man/man8/sudo_root.8
- debian/sudo[-ldap].init: delete init scripts, as they are no longer
necessary.
- debian/etc/pam.d/sudo[-i]:
+ Use pam_env to read /etc/environment and /etc/default/locale
environment files. Reading ~/.pam_environment is not permitted due
to security reasons.
- debian/etc/sudoers:
+ also grant admin group sudo access
+ include /snap/bin in the secure_path
- debian/tests/control: 03-getroot-ldap
+ allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes)
- debian/tests/04-getroot-sssd:
+ Check if the slapd daemon is ready before proceeding.
In some situations, the next command (ldapmodify) runs before
the service is ready. See LP#2026888
-- Danilo Egea Gondolfo <email address hidden> Wed, 09 Aug 2023 21:53:59 +0100
-
sudo (1.9.13p3-3ubuntu1) mantic; urgency=medium
* Merge with Debian unstable (LP: #2025655). Remaining changes:
- debian/sudo[-ldap].manpages: install man/man8/sudo_root.8
- debian/sudo[-ldap].init: delete init scripts, as they are no longer
necessary.
- debian/etc/pam.d/sudo[-i]:
+ Use pam_env to read /etc/environment and /etc/default/locale
environment files. Reading ~/.pam_environment is not permitted due
to security reasons.
- debian/etc/sudoers:
+ also grant admin group sudo access
+ include /snap/bin in the secure_path
- debian/tests/control: 03-getroot-ldap:
+ allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes)
* Added changes:
- debian/tests/04-getroot-sssd:
+ Check if the slapd daemon is ready before proceeding.
In some situations, the next command (ldapmodify) runs before
the service is ready. See LP:#2026888
* Dropped changes:
- Drop Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1)
This wasn't in the former Ubuntu version, just mentioned
in the changelog by accident
sudo (1.9.13p3-3) unstable; urgency=medium
* fix wrong patch to fix event log format
(added wrongly in 1.9.13p3-2)
sudo (1.9.13p3-2) unstable; urgency=medium
* add upstream patch to fix event log format.
Thanks to Kimmo Suominen (Closes: #1039557)
* add patch to improve upstream spanish translation
-- Danilo Egea Gondolfo <email address hidden> Mon, 03 Jul 2023 15:23:30 +0100
-
sudo (1.9.13p3-1ubuntu1) mantic; urgency=medium
* Merge with Debian unstable. Remaining changes:
- debian/sudo[-ldap].manpages: install man/man8/sudo_root.8
- debian/sudo[-ldap].init: delete init scripts, as they are no longer
necessary.
- debian/etc/pam.d/sudo[-i]:
+ Use pam_env to read /etc/environment and /etc/default/locale
environment files. Reading ~/.pam_environment is not permitted due
to security reasons.
- debian/etc/sudoers:
+ also grant admin group sudo access
+ include /snap/bin in the secure_path
- debian/tests/control: 03-getroot-ldap:
+ allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes)
- debian/control:
+ Drop Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1)
(for context see LP 1915250)
* Dropped changes, now included in Debian:
- debian/patches/CVE-2023-27320.patch
-- Danilo Egea Gondolfo <email address hidden> Tue, 23 May 2023 14:34:04 +0100
-
sudo (1.9.13p1-1ubuntu2) lunar; urgency=medium
* SECURITY UPDATE: double free with per-command chroot sudoers rules
- debian/patches/CVE-2023-27320.patch: don't free user_cmnd twice in
MANIFEST, plugins/sudoers/match_command.c,
plugins/sudoers/regress/fuzz/fuzz_sudoers.c,
plugins/sudoers/regress/testsudoers/test20.out.ok,
plugins/sudoers/regress/testsudoers/test20.sh,
plugins/sudoers/testsudoers.c,
plugins/sudoers/visudo.c.
- CVE-2023-27320
-- Marc Deslauriers <email address hidden> Wed, 01 Mar 2023 08:51:34 -0500