-
sudo (1.8.6p3-0ubuntu3) raring; urgency=low
* SECURITY UPDATE: authentication bypass via clock set to epoch
- debian/patches/CVE-2013-1775.patch: ignore time stamp file if it is
set to epoch in plugins/sudoers/check.c.
- CVE-2013-1775
-- Marc Deslauriers <email address hidden> Wed, 27 Feb 2013 13:26:26 -0500
-
sudo (1.8.6p3-0ubuntu2) raring; urgency=low
* The latest sssd upload dropped the soname from libsss_sudo.so, so we
can now drop our sudo delta and just use libsss_sudo.so directly.
-- Stephane Graber <email address hidden> Fri, 07 Dec 2012 23:11:45 -0500
-
sudo (1.8.6p3-0ubuntu1) raring; urgency=low
* New upstream release (1.8.6p3).
* Add patch to fix building with sssd when ldap is disabled.
* Drop sudo.manpages and sudo-ldap.manpages as the upstream build system
now does the right thing here.
* Build the main sudo package with support for sssd, this doesn't add any
additional build time or runtime dependency. sudo will dynamically load
the sssd library if 'sss' is listed for the 'sudoers' nss service.
-- Stephane Graber <email address hidden> Fri, 16 Nov 2012 09:31:32 -0500
-
sudo (1.8.5p2-1ubuntu1) quantal; urgency=low
* Merge from debian/testing (LP: #1024154), remaining changes:
- debian/patches/keep_home_by_default.patch:
+ Set HOME in initial_keepenv_table.
- debian/rules:
+ compile with --without-lecture --with-tty-tickets (Ubuntu specific)
+ install man/man8/sudo_root.8 in both flavours (Ubuntu specific)
+ install apport hooks
+ The ubuntu-sudo-as-admin-successful.patch was taken upstream by
Debian however it requires a --enable-admin-flag configure flag to
actually enable it in both flavours.
- debian/control:
+ Mark Debian Vcs-* as XS-Debian-Vcs-*
+ update debian/control
- debian/sudoers:
+ grant admin group sudo access
- debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
+ add usr/share/apport/package-hooks
- debian/sudo.pam:
+ Use pam_env to read /etc/environment and /etc/default/locale
environment files. Reading ~/.pam_environment is not permitted due to
security reasons.
* Dropped changes:
- debian/patches/lp927828-fix-abort-in-pam-modules-when-timestamp-valid.patch
+ Fixed upstream in 1.8.5
- debian/patches/CVE-2012-2337.patch:
+ Fixed upstream in 1.8.4p5
- debian/patches/pam_env_merge.patch:
+ Feature released upstream in 1.8.5
- debian/{sudo,sudo-ldap}.{preinst,postinst,postrm}:
+ Drop Ubuntu-specific sudoers file migration code because the only
upgrade path to quantal is from precise. All necessary sudoers file
migration will have already been done by the time this version of the
sudo package is installed.
sudo (1.8.5p2-1) unstable; urgency=low
* new upstream version
* patch to use flock on hurd, run autoconf in rules, closes: #655883
* patch to avoid calling unlink with null pointer on hurd, closes: #655948
* patch to actually use hardening build flags, closes: #655417
* fix sudo-ldap.postinst syntax issue, closes: #669576
-- Tyler Hicks <email address hidden> Mon, 16 Jul 2012 14:01:42 +0200
