-
sudo (1.6.9p10-1ubuntu3.10) hardy-security; urgency=low
* SECURITY UPDATE: authentication bypass via clock set to epoch
- debian/patches/CVE-2013-1775.patch: ignore time stamp file if it is
set to epoch in check.c.
- backported from ddf399e3e306ca238f6f1cda8153889b15bba12e
- CVE-2013-1775
-- Marc Deslauriers <email address hidden> Wed, 27 Feb 2013 14:28:45 -0500
-
sudo (1.6.9p10-1ubuntu3.9) hardy-security; urgency=low
* SECURITY UPDATE: Properly handle multiple netmasks in sudoers Host and
Host_List values
- parse.c: Prevent IPv6 netmask-based address matching logic from
incorrectly being applied to IPv4 addresses. Based on upstream patch
written by Todd C. Miller.
- CVE-2012-2337
-- Tyler Hicks <email address hidden> Tue, 15 May 2012 23:28:04 -0500
-
sudo (1.6.9p10-1ubuntu3.8) hardy-security; urgency=low
* SECURITY UPDATE: properly handle multiple PATH variables when using
secure_path in env.c
- http://www.sudo.ws/repos/sudo/raw-rev/3057fde43cf0
- CVE-2010-1646
-- Jamie Strandboge <email address hidden> Fri, 18 Jun 2010 13:57:12 -0500
-
sudo (1.6.9p10-1ubuntu3.7) hardy-security; urgency=low
* SECURITY UPDATE: properly verify path in find_path.c for the 'sudoedit'
pseudo-command when running from the current working directory and
secure_path is disabled
- CVE-2010-XXXX
-- Jamie Strandboge <email address hidden> Tue, 13 Apr 2010 12:22:18 -0500
-
sudo (1.6.9p10-1ubuntu3.6) hardy-security; urgency=low
* SECURITY UPDATE: properly verify path for the 'sudoedit' pseudo-command
in parse.c
- http://sudo.ws/repos/sudo/rev/f86e1b56d074
- CVE-2010-0426
* SECURITY UPDATE: reset cached supplementary runas groups when changing
the runas user in set_perms.c and sudo.c
- http://sudo.ws/repos/sudo/rev/aa0b6c01c462
- CVE-2010-0427
-- Jamie Strandboge <email address hidden> Thu, 25 Feb 2010 06:49:56 -0600
-
sudo (1.6.9p10-1ubuntu3.5) hardy-proposed; urgency=low
* debian/rules:
- add /usr/lib/kde4/bin to secure_path (LP: #191264)
-- Mackenzie Morgan <email address hidden> Thu, 23 Jul 2009 12:32:28 -0400
-
sudo (1.6.9p10-1ubuntu3.4) hardy-security; urgency=low
* SECURITY UPDATE: privilege escalation via non-default system groups.
- parse.c: upstream fix for CVE-2009-0034:
http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c?r1=1.160.2.21&r2=1.160.2.22
-- Kees Cook <email address hidden> Mon, 16 Feb 2009 12:13:47 -0800
-
sudo (1.6.9p10-1ubuntu3.3) hardy-proposed; urgency=low
* sudo.c: Drop usage of locale again, to revert back to the 1.6.8 behaviour.
fnmatch() and glob() behave differently under different locales and thus
cause undefined behaviour with (admittedly underspecified) character range
globs such as "[a-Z]". Patch taken from upstream CVS, see
http://www.gratisoft.us/bugzilla/show_bug.cgi?id=296 (LP: #228046)
-- Martin Pitt <email address hidden> Mon, 01 Sep 2008 13:12:14 +0000
-
sudo (1.6.9p10-1ubuntu3.2) hardy-proposed; urgency=low
* env.c: Do not reset $HOME. sudo's documentation specifies that $HOME is
not changed unless -H/-s is specified, and behaved that way until Gutsy
(thus this is a regression). Fix backported from latest sudo release:
http://www.sudo.ws/cgi-bin/cvsweb/sudo/env.c.diff?r1=1.39.2.17&r2=1.39.2.18
(LP: #221395)
* debian/postinst: Put "NOPASSWD" example at the bottom, so that
uncommenting it will actually work (later entries override former ones).
Also add a comment to point that out. This will only apply to new
installs, though, touching sudoers on upgrades is a no-go. (LP: #131399)
-- Martin Pitt <email address hidden> Wed, 14 May 2008 15:30:00 +0200
-
sudo (1.6.9p10-1ubuntu3.1) hardy-proposed; urgency=low
* logging.c: Ignore SIGPIPE when creating an error email, so that non-fatal
error messages (like "unable to resolve local host name") do not lead to
being killed with SIGPIPE if /usr/bin/sendmail does not exist or crashes.
(LP: #32906)
-- Martin Pitt <email address hidden> Wed, 30 Apr 2008 13:09:04 +0200
-
sudo (1.6.9p10-1ubuntu3) hardy; urgency=low
* env.c: Add "http_proxy" to initial_keepenv_table, so that it is kept
for "sudo apt-get ...". This is an EBW workaround for a design problem of
not having a system-wide proxy setting, but in order to not break existing
practice for upgrades we have to live with it for Hardy.
-- Martin Pitt <email address hidden> Mon, 25 Feb 2008 11:35:48 +0100
-
sudo (1.6.9p10-1ubuntu2) hardy; urgency=low
* No-change rebuild against libldap-2.4-2.
-- Steve Langasek <email address hidden> Tue, 22 Jan 2008 17:33:14 +0000
-
sudo (1.6.9p10-1ubuntu1) hardy; urgency=low
* Merge with Debian unstable. Remaining Ubuntu changes:
- debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu
specific)
- Add debian/sudo_root.8: Explanation of root handling through sudo.
Install it in debian/rules. (Ubuntu specific)
- sudo.c: If the user successfully authenticated and he is in the 'admin'
group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
profile checks for this and displays a short intro about sudo if the
flag is not present. (Ubuntu specific)
* The password prompt asks for the target user's password now, not the
invoking one's. (LP: #148498)
sudo (1.6.9p10-1) unstable; urgency=low
* new upstream version
* tweak default password prompt as %u doesn't make sense. Accept patch from
Patrick Schoenfeld (recommend upstream accept it too) that adds a %p and
uses it by default, closes: #454409
* accept patch from Martin Pitt that adds a prerm making it difficult to
"accidentally" remove sudo when there is no root password set on the
system, closes: #451241
-- Martin Pitt <email address hidden> Wed, 02 Jan 2008 08:56:12 +0100
-
sudo (1.6.9p9-1ubuntu1) hardy; urgency=low
* Merge with Debian unstable. Remaining Ubuntu changes:
- debian/prerm: Abort package removal if there is no root password.
(Debian #451241).
- debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu
specific)
- Add debian/sudo_root.8: Explanation of root handling through sudo.
Install it in debian/rules. (Ubuntu specific)
- sudo.c: If the user successfully authenticated and he is in the 'admin'
group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
profile checks for this and displays a short intro about sudo if the
flag is not present. (Ubuntu specific)
* sudo.c, parse.c: Apply a change that was missing from the older upstream
tarball that fixes the upstream solution of "SETENV is implicit for ALL".
We do not want to deviate our orig.tar.gz from Debian's, though.
sudo (1.6.9p9-1) unstable; urgency=low
* new upstream version
* debian/rules: configure a more informative default password prompt to
reduce confusion when using sudo to invoke commands which also ask for
passwords, closes: #343268
* auth/pam.c: don't use the PAM prompt if the user explicitly requested
a custom prompt, closes: #448628.
* fix configure's ability to discover that libc has dirfd, closes: #451324
* make default editor be /usr/bin/vi instead of /usr/bin/editor, so that
the command 'visudo' invokes a vi variant by default as documented,
closes: #388659
-- Martin Pitt <email address hidden> Tue, 04 Dec 2007 18:07:22 +0100
-
sudo (1.6.9p6-1ubuntu1) hardy; urgency=low
* Merge with Debian unstable. Remaining Ubuntu changes:
- debian/prerm: Abort package removal if there is no root password.
Forwarded to Debian #451241.
- sudoers: Add some explanatory text why it is a REALLY good idea to use
visudo. (LP #11620)
Forwarded upstream: http://www.gratisoft.us/bugzilla/show_bug.cgi?id=269
- debian/rules: Disable lecture, enable tty_tickets by default.
- debian/rules: Configure less confusing default password prompt to point
out that it is sudo asking for the user's password, as opposed to
another program like ssh, or asking for the root password. (LP #8556)
Forwarded to Debian #343268.
- Add debian/sudo_root.8: Explanation of root handling through sudo.
Install it in debian/rules.
- sudo.c: If the user successfully authenticated and he is in the 'admin'
group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
profile checks for this and displays a short intro about sudo if the
flag is not present.
* New upstream version 1.6.9 fixes the following bugs:
- Does not ask for password any more if stdin is not a terminal.
(LP: #130636)
- sudo -k/-K does not fail any more if timestamp is in the future.
(LP: #43233)
* Drop our very intrusive patch for selectively cleaning the environment
based on whether the user can execute all commands or only some. Debian
and upstream now default to cleaning the environment unconditionally and
provide option -E and the SETENV tag to override it.
Instead, do a tinpy patch to parse.yacc which enables SETENV implicitly
for 'ALL' commands.
Forwarded upstream: http://www.gratisoft.us/bugzilla/show_bug.cgi?id=268
* sudo.c: Disable i18n for now (upstream enabled it in 1.6.9), since this
causes PAM to output localized password prompts, which in turn breaks -p
and --with-passprompt, which finally breaks gksu. See
http://www.gratisoft.us/bugzilla/show_bug.cgi?id=270 for details.
sudo (1.6.9p6-1) unstable; urgency=low
* new upstream version, closes: #442815, #446146, #438699, #435768, #435314
closes: #434832, #434608, #430382
* eliminate the now-redundant init.d scripts, closes: #397090
* fix typo in TROUBLESHOOTING file, closes: #439624
-- Martin Pitt <email address hidden> Wed, 14 Nov 2007 14:23:47 +0100
-
sudo (1.6.8p12-5ubuntu2) gutsy; urgency=low
* debian/rules: Configure less confusing default password prompt to (a)
point out that it wants to know the user's password (instead of root's or
whichever) and (b) that it is sudo which asks the question (since those
prompts become really unintelligible if the command asks its own password,
such as 'ssh', 'passwd', or 'mount -t cifs'). Do not modify
--with-badpass-message though, since that breaks gksu. Thanks to Marco
Rodrigues, leoquant, and nxvl for the discussion and proposals.
(LP: #8556)
-- Martin Pitt <email address hidden> Fri, 15 Jun 2007 09:22:55 +0200