-
sudo (1.7.4p4-5ubuntu7.2) natty-security; urgency=low
* SECURITY UPDATE: Properly handle multiple netmasks in sudoers Host and
Host_List values
- debian/patches/CVE-2012-2337.patch: Don't perform IPv6 checks on IPv4
addresses. Based on upstream patch.
- CVE-2012-2337
-- Tyler Hicks <email address hidden> Tue, 15 May 2012 23:28:04 -0500
-
sudo (1.7.4p4-5ubuntu7.1) natty-proposed; urgency=low
* debian/sudo.preinst:
- if well-known ec2 vmbuilder file is found, write a file in
sudoers.d for the 'ubuntu' user (LP: #768625)
-- Scott Moser <email address hidden> Thu, 21 Apr 2011 18:04:34 -0400
-
sudo (1.7.4p4-5ubuntu7) natty; urgency=low
* debian/sudo.preinst:
- do not consider the ec2 vmbuilder default sudoers file
verbatim as its actually customized (LP: #761689)
-- Michael Vogt <email address hidden> Fri, 15 Apr 2011 16:40:10 +0200
-
sudo (1.7.4p4-5ubuntu6) natty; urgency=low
* debian/patches/keep_home_by_default.patch: Set HOME in
initial_keepenv_table. LP: #760140
-- Steve Langasek <email address hidden> Wed, 13 Apr 2011 12:32:25 -0700
-
sudo (1.7.4p4-5ubuntu5) natty; urgency=low
* debian/sudo.preinst:
- avoid conffile prompt by checking for known default /etc/sudoers
and if found installing the correct default /etc/sudoers file
(LP: #690873)
-- Michael Vogt <email address hidden> Fri, 25 Mar 2011 09:13:43 +0100
-
sudo (1.7.4p4-5ubuntu4) natty; urgency=low
* debian/rules: The ubuntu-sudo-as-admin-successful.patch was taken
upstream by Debian however it requires a --enable-admin-flag configure
flag to actually enable it.
(LP: #706045)
-- Bryce Harrington <email address hidden> Thu, 10 Feb 2011 12:01:53 -0800
-
sudo (1.7.4p4-5ubuntu3) natty; urgency=low
* SECURITY UPDATE: privilege escalation via -g when using group Runas_List
- debian/patches/CVE-2011-0010.patch: prompt for password when the user is
running sudo as himself but as a different group
- CVE-2011-0010
-- Jamie Strandboge <email address hidden> Tue, 18 Jan 2011 16:37:09 -0600
-
sudo (1.7.4p4-5ubuntu2) natty; urgency=low
* debian/sudoers: temporarily workaround LP #690873 by adding %admin
into the default sudoers file in case people just say "yes" to the
dpkg conffile prompt.
-- Kees Cook <email address hidden> Wed, 15 Dec 2010 15:38:17 -0800
-
sudo (1.7.4p4-5ubuntu1) natty; urgency=low
* Merge from debian unstable (LP: #689025), remaining changes:
- debian/rules:
+ compile with --without-lecture --with-tty-tickets (Ubuntu specific)
+ install man/man8/sudo_root.8 (Ubuntu specific)
+ install apport hooks
- debian/sudo-ldap.dirs, debian/sudo.dirs: add
usr/share/apport/package-hooks
* This upload also fixes: LP: #609645
sudo (1.7.4p4-5) unstable; urgency=low
* patch from Jakub Wilk to add noopt and nostrip build option support,
closes: #605580
* make sudoers a conffile, closes: #605130
* add descriptions to LSB init headers, closes: #604619
* change default sudoers %sudo entry to allow gid changes, closes: #602699
* add Vcs entries to the control file
* use debhelper install files instead of explicit installs in rules
sudo (1.7.4p4-4) unstable; urgency=low
* patch from upstream to resolve problem always prompting for a password
when run without a tty, closes: #599376
* patch from upstream to resolve interoperability problem between HOME in
env_keep and the -H flag, closes: #596493
* change path syntax to avoid tar error when /var/run/sudo exists but is
empty, closes: #598877
sudo (1.7.4p4-3) unstable; urgency=low
* make postinst clause for handling /var/run -> /var/lib transition less
fragile, closes: #585514
* cope with upstream's Makefile trying to install ChangeLog in our doc
directory, closes: #597389
* fix README.Debian to reflect that HOME is no longer preserved by default,
closes: #596847
sudo (1.7.4p4-2) unstable; urgency=low
* add a NEWS item about change in $HOME handling that impacts programs
like pbuilder
sudo (1.7.4p4-1) unstable; urgency=high
* new upstream version, urgency high due to fix for flaw in Runas group
matching (CVE-2010-2956), closes: #595935
* handle transition of /var/run/sudo to /var/lib/sudo better, to avoid
re-lecturing existing users, and to clean up after ourselves on upgrade,
and remove the RAMRUN section from README.Debian since the new state dir
should fix the original problem, closes: #585514
* deliver README.Debian to both package flavors, closes: #593579
-- Lorenzo De Liso <email address hidden> Wed, 15 Dec 2010 21:32:57 +0100
-
sudo (1.7.2p7-1ubuntu3) natty; urgency=low
* No-change upload to drop sizable upstream changelog.
-- Martin Pitt <email address hidden> Mon, 22 Nov 2010 11:24:33 +0100
-
sudo (1.7.2p7-1ubuntu2) maverick; urgency=low
* SECURITY UPDATE: privilege escalation via '-g' option when using
'user:group' in Runas_Spec
- debian/patches/CVE-2010-2956.patch: update match.c to verify both user
and group match sudoers when using '-g'
- CVE-2010-2956
-- Jamie Strandboge <email address hidden> Tue, 31 Aug 2010 14:54:06 -0500