-
sudo (1.8.9p5-1ubuntu5) vivid; urgency=medium
* SECURITY UPDATE: arbitrary file access via TZ
- debian/patches/CVE-2014-9680.patch: sanity check TZ env variable in
configure, configure.ac, doc/sudoers.cat, doc/sudoers.man.in,
doc/sudoers.mdoc.in, m4/sudo.m4, pathnames.h.in,
plugins/sudoers/env.c.
- CVE-2014-9680
-- Marc Deslauriers <email address hidden> Thu, 12 Mar 2015 10:45:21 -0400
-
sudo (1.8.9p5-1ubuntu4) vivid; urgency=medium
* Correct sudo.pam use "session" for pam_env.so, not "auth". (LP:
#155794, LP: #25700)
-- Dimitri John Ledkov <email address hidden> Tue, 23 Dec 2014 04:08:33 +0000
-
sudo (1.8.9p5-1ubuntu3) vivid; urgency=medium
* debian/patches/also_check_sudo_group.diff: also check the sudo group
in plugins/sudoers/sudoers.c to create the admin flag file. Leave the
admin group check for backwards compatibility. (LP: #1387347)
-- Marc Deslauriers <email address hidden> Wed, 29 Oct 2014 15:55:34 -0400
-
sudo (1.8.9p5-1ubuntu2) utopic; urgency=medium
* debian/sudo_root.8: mention sudo group instead of deprecated group
admin (LP: #1130643)
-- Andrey Bondarenko <email address hidden> Sat, 23 Aug 2014 01:18:05 +0600
