1 sudo (1.7.2p6-2) UNRELEASED; urgency=low
3 * add a note to README.Debian about LDAP needing an entry in
4 /etc/nsswitch.conf, closes: #522065
6 -- Bdale Garbee <bdale@gag.com> Wed, 21 Apr 2010 09:26:11 -0600
8 sudo (1.7.2p6-1) unstable; urgency=low
10 * new upstream version fixing CVE-2010-1163, closes: #578275, #570737
12 -- Bdale Garbee <bdale@gag.com> Mon, 19 Apr 2010 10:45:47 -0600
14 sudo (1.7.2p5-1) unstable; urgency=low
16 * new upstream release, closes a bug filed upstream regarding missing man
17 page processing scripts in the 1.7.2p1 tarball, also includes the fix
18 for CVE-2010-0426 previously the subject of a security team nmu
19 * move to source format 3.0 (quilt) and restructure changes as patches
20 * fix unprocessed substitution variables in man pages, closes: #557204
21 * apply patch from Neil Moore to fix Debian-specific content in the
22 visudo man page, closes: #555013
23 * update descriptions to better explain sudo-ldap, closes: #573108
24 * eliminate spurious 'and' in man page, closes: #571620
25 * fix confusing text in default sudoers, closes: #566607
27 -- Bdale Garbee <bdale@gag.com> Thu, 11 Mar 2010 15:44:53 -0700
29 sudo (1.7.2p1-1) unstable; urgency=low
31 * new upstream version
32 * add support for /etc/sudoers.d using #includedir in default sudoers,
33 which I think is also a good solution to the request for a crontab-like
34 API requested in March of 2001, closes: #539994, #271813, #89743
35 * move init.d script from using rcS.d to rc[0-6].d, closes: #542924
37 -- Bdale Garbee <bdale@gag.com> Mon, 31 Aug 2009 14:09:32 -0600
39 sudo (1.7.2-2) unstable; urgency=low
41 * further improve initial sudoers to not include the NOPASSWD option on
42 the group sudo exception, closes: #539136, #198991
44 -- Bdale Garbee <bdale@gag.com> Wed, 29 Jul 2009 16:21:04 +0200
46 sudo (1.7.2-1) unstable; urgency=low
48 * new upstream version, closes: #537103
49 * improve initial sudoers by having the exemption for users in group
50 sudo on by default, and including the ability to run any command as
51 any user. This makes the default install roughly equivalent to our
52 old use of the --with-exempt=sudo build option, closes: #536220, #536222
54 -- Bdale Garbee <bdale@gag.com> Wed, 15 Jul 2009 01:29:46 -0600
56 sudo (1.7.0-1) unstable; urgency=low
58 * new upstream version, closes: #510179, #128268, #520274, #508514
59 * fix ldap config file path for sudo-ldap package, including creating
60 a symlink in postinst and cleaning it up in postrm for the sudo-ldap
61 package, closes: #430826
62 * fix NOPASSWD entry location in default config file for the sudo-ldap
63 instance too, closes: #479616
65 -- Bdale Garbee <bdale@gag.com> Sat, 28 Mar 2009 15:15:01 -0600
67 sudo (1.6.9p17-2) unstable; urgency=high
69 * patch from upstream to fix privilege escalation with certain
70 configurations, CVE-2009-0034
71 * typo in sudoers man page, closes: #507163
73 -- Bdale Garbee <bdale@gag.com> Tue, 27 Jan 2009 11:49:02 -0700
75 sudo (1.6.9p17-1) unstable; urgency=low
77 * new upstream version, closes: #481008
78 * deliver schemas to doc directory in sudo-ldap package, closes: #474331
79 * re-apply patch from Petter Reinholdtsen to improve init.d apparently lost
80 in move from CVS to git for package management, closes: #475821
81 * re-instate the init.d for the sudo-ldap package too... /o\
83 -- Bdale Garbee <bdale@gag.com> Sun, 06 Jul 2008 01:16:31 -0600
85 sudo (1.6.9p15-2) unstable; urgency=low
87 * revert the fix for 388659 such that visudo once again defaults to using
88 /usr/bin/editor. I was always ambivalent about this change, it has caused
89 more confusion and frustration than it cured, and I find Justin's line of
90 reasoning persuasive. Update the man page source to reflect this choice
91 and the related use of --with-env-editor. Closes: #474197.
92 * patch from Petter Reinholdtsen to improve init.d, closes: #475821
94 -- Bdale Garbee <bdale@gag.com> Wed, 16 Apr 2008 00:38:56 -0600
96 sudo (1.6.9p15-1) unstable; urgency=low
98 * new upstream version, closes: #467126, #473337
99 * remove pointless postrm scripts, leaving debhelper do its thing if needed,
100 thanks to Justin Pryzby for pointing this out
101 * reinstate the init.d, since bootclean doesn't quite do what we want. This
102 also means we don't need the preinst scripts any more. Update the lintian
103 overrides since postinst is a Perl script lintian apparently isn't parsing
104 well. closes: #330868
106 -- Bdale Garbee <bdale@gag.com> Thu, 03 Apr 2008 14:25:56 -0600
108 sudo (1.6.9p12-1) unstable; urgency=low
110 * new upstream version, closes: #464890
112 -- Bdale Garbee <bdale@gag.com> Tue, 19 Feb 2008 11:19:54 +0900
114 sudo (1.6.9p11-3) unstable; urgency=low
116 * patch for configure to fix FTBFS on GNU/kFreeBSD, closes: #465956
118 -- Bdale Garbee <bdale@gag.com> Fri, 15 Feb 2008 10:54:21 -0700
120 sudo (1.6.9p11-2) unstable; urgency=low
122 * update version compared in preinst when removing obsolete init.d,
124 * implement pam session config suggestions from Elizabeth Fong,
125 closes: #452457, #402329
127 -- Bdale Garbee <bdale@gag.com> Mon, 04 Feb 2008 21:26:23 -0700
129 sudo (1.6.9p11-1) unstable; urgency=low
131 * new upstream version
133 -- Bdale Garbee <bdale@gag.com> Fri, 11 Jan 2008 01:54:35 -0700
135 sudo (1.6.9p10-1) unstable; urgency=low
137 * new upstream version
138 * tweak default password prompt as %u doesn't make sense. Accept patch from
139 Patrick Schoenfeld (recommend upstream accept it too) that adds a %p and
140 uses it by default, closes: #454409
141 * accept patch from Martin Pitt that adds a prerm making it difficult to
142 "accidentally" remove sudo when there is no root password set on the
143 system, closes: #451241
145 -- Bdale Garbee <bdale@gag.com> Fri, 28 Dec 2007 11:44:30 -0700
147 sudo (1.6.9p9-1) unstable; urgency=low
149 * new upstream version
150 * debian/rules: configure a more informative default password prompt to
151 reduce confusion when using sudo to invoke commands which also ask for
152 passwords, closes: #343268
153 * auth/pam.c: don't use the PAM prompt if the user explicitly requested
154 a custom prompt, closes: #448628.
155 * fix configure's ability to discover that libc has dirfd, closes: #451324
156 * make default editor be /usr/bin/vi instead of /usr/bin/editor, so that
157 the command 'visudo' invokes a vi variant by default as documented,
160 -- Bdale Garbee <bdale@gag.com> Mon, 03 Dec 2007 10:26:51 -0700
162 sudo (1.6.9p6-1) unstable; urgency=low
164 * new upstream version, closes: #442815, #446146, #438699, #435768, #435314
165 closes: #434832, #434608, #430382
166 * eliminate the now-redundant init.d scripts, closes: #397090
167 * fix typo in TROUBLESHOOTING file, closes: #439624
169 -- Bdale Garbee <bdale@gag.com> Wed, 24 Oct 2007 21:13:41 -0600
171 sudo (1.6.8p12-6) unstable; urgency=low
173 * fix typos in visudo.pod relating to env_editor variable, closes: #418886
174 * have init.d touch directories in /var/run/sudo, not just files, as a
176 * fix various typos in sudoers.pod, closes: #419749
177 * don't let Makefile strip binaries, closes: #438073
179 -- Bdale Garbee <bdale@gag.com> Wed, 05 Sep 2007 11:26:58 +0100
181 sudo (1.6.8p12-5) unstable; urgency=low
183 * update debian/copyright to reflect new upstream URL, closes: #368746
184 * add sandwich cartoon URL to the README.Debian
185 * don't remove sudoers on purge. can cause problems when moving between
186 sudo and sudo-ldap. leaving sudoers around on purge seems like the least
187 evil choice for now, closes: #401366
188 * also preserve XAPPLRESDIR, XFILESEARCHPATH, and XUSERFILESEARCHPATH,
190 * accept patch that improves debian/rules from Ted Percival, closes: #382122
191 * no longer build with --with-exempt=sudo, provide an example entry in the
192 default sudoers file instead, closes: #296605
193 * add --with-devel to configure and augment build dependencies so that flex
194 and yacc files get re-generated on every build, closes: #316249
196 -- Bdale Garbee <bdale@gag.com> Tue, 3 Apr 2007 21:48:45 -0600
198 sudo (1.6.8p12-4) unstable; urgency=low
200 * patch from Petter Reinholdtsen for the LSB info block in the init.d
201 script, closes: #361055
202 * deliver sudoers sample again, closes: #361593
204 -- Bdale Garbee <bdale@gag.com> Sat, 15 Apr 2006 01:38:04 -0600
206 sudo (1.6.8p12-3) unstable; urgency=low
208 * force-feed configure knowledge of nroff's path so we get unformatted man
209 pages installed without build-depending on groff-base, closes: #360894
210 * add a reference to OPTIONS in the man page, closes: #186226
212 -- Bdale Garbee <bdale@gag.com> Wed, 5 Apr 2006 17:53:13 -0700
214 sudo (1.6.8p12-2) unstable; urgency=low
216 * fix typos in init scripts, closes: #346325
217 * update to debhelper compat level 5
218 * build depend on autotools-dev to ensure config.sub/guess are fresh
219 * accept patch from Martin Schulze developed for 1.6.8p7-1.4 in stable, and
220 use it here as well. Thanks to Martin and the debian-security team.
221 closes: #349196, #349549, #349587, #349729, #349129, #350776, #349085
222 closes: #315115, #315718, #203874
223 * Non-maintainer upload by the Security Team
224 * Reworked the former patch to limit environment variables from being
225 passed through, set env_reset as default instead [sudo.c, env.c,
226 sudoers.pod, Bug#342948, CVE-2005-4158]
227 * env_reset is now set by default
228 * env_reset will preserve only HOME, LOGNAME, PATH, SHELL, TERM,
229 DISPLAY, XAUTHORITY, XAUTHORIZATION, LANG, LANGUAGE, LC_*, and USER
230 (in addition to the SUDO_* variables)
231 * Rebuild sudoers.man.in from the POD file
232 * Added README.Debian
233 * patch from Alexander Zangerl to fix duplicated PATH issue, closes: #354431
234 * simplify rules file by using more of Makefile, despite having to override
235 default directories with more arguments to configure, closes: #292833
236 * update sudo man page to reflect use of SECURE_PATH, closes: #228551
237 * inconsistencies in sudoers man page resolved, closes: #220808, #161012
238 * patch from Jeroen van Wolffelaar to improve behavior when FQDNs are
239 unresolveable (requires adding bison as build dep), closes: #314949
241 -- Bdale Garbee <bdale@gag.com> Sun, 2 Apr 2006 14:26:20 -0700
243 sudo (1.6.8p12-1) unstable; urgency=low
245 * new upstream version, closes: #342948 (CVE-2005-4158)
246 * add env_reset to the sudoers file we create if none already exists,
247 as a further precaution in response to discussion about CVS-2005-4158
248 * split ldap support into a new sudo-ldap package. I was trying to avoid
249 doing this, but the impact of going from 4 to 17 linked shlibs on the
250 autobuilder chroots is sufficient motivation for me.
253 -- Bdale Garbee <bdale@gag.com> Wed, 28 Dec 2005 13:49:10 -0700
255 sudo (1.6.8p9-4) unstable; urgency=low
257 * enable ldap support, deliver README.LDAP and sudoers2ldif, closes: #283231
258 * merge patch from Martin Pitt / Ubuntu to be more robust about resetting
259 timestamps in the init.d script, closes: #330868
260 * add dependency header to init.d script, closes: #332849
262 -- Bdale Garbee <bdale@gag.com> Sat, 10 Dec 2005 07:47:07 -0800
264 sudo (1.6.8p9-3) unstable; urgency=high
266 * update debhelper compatibility level from 2 to 4
267 * add man page symlink for sudoedit
268 * Clean SHELLOPTS and PS4 from the environment before executing programs
269 with sudo permissions [env.c, CAN-2005-2959]
270 * fix typo in manpage pointed out by Moray Allen, closes: #285995
271 * fix paths in sample complex sudoers file, closes: #303542
272 * fix type in sudoers man page, closes: #311244
274 -- Bdale Garbee <bdale@gag.com> Wed, 28 Sep 2005 01:18:04 -0600
276 sudo (1.6.8p9-2) unstable; urgency=high
278 * merge the NMU fix for sudoedit symlink problem that was in 1.6.8p7-1.1,
281 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 16:18:47 -0400
283 sudo (1.6.8p9-1) unstable; urgency=high
285 * new upstream version, fixes a race condition in sudo's pathname
286 validation, which is a security issue (CAN-2005-1993),
287 closes: #315115, #315718
289 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 15:33:11 -0400
291 sudo (1.6.8p7-1) unstable; urgency=low
293 * new upstream version, closes: #299585
294 * update lintian overrides to squelch the postinst warning
295 * change sudoedit from a hard to a soft link, closes: #296896
296 * fix regex doc in sudoers man page, closes: #300361
298 -- Bdale Garbee <bdale@gag.com> Sat, 26 Mar 2005 22:18:34 -0700
300 sudo (1.6.8p5-1) unstable; urgency=high
302 * new upstream version
303 * restores ability to use config tuples without a value, which was causing
304 problems on upgrade closes: #283306
305 * deliver sudoedit, closes: #283078
306 * marking urgency high since 283306 is a serious upgrade incompatibility
308 -- Bdale Garbee <bdale@gag.com> Fri, 3 Dec 2004 10:11:16 -0700
310 sudo (1.6.8p3-2) unstable; urgency=high
312 * update pam.d deliverable so ldap works again, closes: #282191
314 -- Bdale Garbee <bdale@gag.com> Mon, 22 Nov 2004 11:44:46 -0700
316 sudo (1.6.8p3-1) unstable; urgency=high
318 * new upstream version, fixes a flaw in sudo's environment sanitizing that
319 could allow a malicious user with permission to run a shell script that
320 utilized the bash shell to run arbitrary commands, closes: #281665
321 * patch the sample sudoers to have the proper path for kill on Debian
322 systems, closes: #263486
323 * patch the sudo manpage to reflect Debian's choice of exempt_group
324 default setting, closes: #236465
325 * patch the sudo manpage to reflect Debian's choice of no timeout on the
326 password prompt, closes: #271194
328 -- Bdale Garbee <bdale@gag.com> Tue, 16 Nov 2004 23:23:41 -0700
330 sudo (1.6.7p5-2) unstable; urgency=low
332 * Jeff Bailey reports that seteuid works on current sparc systems, so we
333 no longer need the "grosshack" stuff in the sudo rules file
334 * add a postrm that removes /etc/sudoers on purge. don't do this with the
335 normal conffile mechanism since it would generate noise on every upgrade,
338 -- Bdale Garbee <bdale@gag.com> Tue, 20 Jul 2004 12:29:48 -0400
340 sudo (1.6.7p5-1) unstable; urgency=low
342 * new upstream version, closes: #190265, #193222, #197244
343 * change from '.' to ':' in postinst chown call, closes: #208369
345 -- Bdale Garbee <bdale@gag.com> Tue, 2 Sep 2003 21:27:06 -0600
347 sudo (1.6.7p3-2) unstable; urgency=low
349 * add --disable-setresuid to configure call since 2.2 kernels don't support
350 setresgid, closes: #189044
351 * cosmetic cleanups to debian/rules as long as I'm there
353 -- Bdale Garbee <bdale@gag.com> Tue, 15 Apr 2003 16:04:48 -0600
355 sudo (1.6.7p3-1) unstable; urgency=low
357 * new upstream version
358 * add overrides to quiet lintian about things it doesn't understand,
359 except the source one that can't be overridden until 129510 is fixed
361 -- Bdale Garbee <bdale@gag.com> Mon, 7 Apr 2003 17:34:05 -0600
363 sudo (1.6.6-3) unstable; urgency=low
365 * add code to rules file to update config.sub/guess, closes: #164501
367 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 15:35:22 -0600
369 sudo (1.6.6-2) unstable; urgency=low
371 * adopt suggestion from Marcus Brinkmann to feed --with-sendmail option to
372 configure, and lose the build dependency on mail-transport-agent
373 * incorporate changes from LaMont's NMU, closes: #144665, #144737
374 * update init.d to not try and set time on nonexistent timestamp files,
376 * build with --with-all-insults, admin must edit sudoers to turn insults
377 on at runtime if desired, closes: #135374
378 * stop setting /usr/doc symlink in postinst
380 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 01:54:24 -0600
382 sudo (1.6.6-1.1) unstable; urgency=high
384 * NMU - patch from Colin Watson <cjwatson@debian.org>, in bts.
385 * Revert patch to auth/pam.c that left pass uninitialized, causing a
386 segfault (Closes: #144665).
388 -- LaMont Jones <lamont@debian.org> Fri, 26 Apr 2002 22:36:04 -0600
390 sudo (1.6.6-1) unstable; urgency=high
392 * new upstream version, fixes security problem with crafty prompts,
395 -- Bdale Garbee <bdale@gag.com> Thu, 25 Apr 2002 12:45:49 -0600
397 sudo (1.6.5p1-4) unstable; urgency=high
399 * apply patch for auth/pam.c to fix yet another way to make sudo segfault
400 if ctrl/C'ed at password prompt, closes: #131235
402 -- Bdale Garbee <bdale@gag.com> Sun, 3 Mar 2002 23:18:56 -0700
404 sudo (1.6.5p1-3) unstable; urgency=high
406 * ugly hack to add --disable-saved-ids when building on sparc in response
407 to 131592, which will be reassigned to glibc for a real fix
408 * urgency high since the sudo currently in testing for sparc is worthless
410 -- Bdale Garbee <bdale@gag.com> Sun, 17 Feb 2002 22:42:10 -0700
412 sudo (1.6.5p1-2) unstable; urgency=high
414 * patch from upstream to fix seg faults caused by versions of pam that
415 follow a NULL pointer, closes: #129512
417 -- Bdale Garbee <bdale@gag.com> Tue, 22 Jan 2002 01:50:13 -0700
419 sudo (1.6.5p1-1) unstable; urgency=high
421 * new upstream version
422 * add --disable-root-mailer option supported by new version to configure
423 call in rules file, closes: #129648
425 -- Bdale Garbee <bdale@gag.com> Fri, 18 Jan 2002 11:29:37 -0700
427 sudo (1.6.4p1-1) unstable; urgency=high
429 * new upstream version, with fix for segfaulting problem in 1.6.4
431 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 20:09:46 -0700
433 sudo (1.6.4-1) unstable; urgency=high
435 * new upstream version, includes an important security fix, closes: #127576
437 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 09:35:48 -0700
439 sudo (1.6.3p7-5) unstable; urgency=low
441 * only touch /var/run/sudo/* if /var/run/sudo is there, closes: #126872
442 * fix spelling error in init.d, closes: #126847
444 -- Bdale Garbee <bdale@gag.com> Sat, 29 Dec 2001 11:21:43 -0700
446 sudo (1.6.3p7-4) unstable; urgency=medium
448 * use touch to set status files to an ancient date instead of removing them
449 outright on reboot. this achieves the desired effect of keeping elevated
450 privs from living across reboots, without forcing everyone to see the
451 new-sudo-user lecture after every reboot. pick a time that's 'old enough'
452 for systems with good clocks, and 'recent enough' that broken PC hardware
453 setting the clock to commonly-seen bogus dates trips over the "don't trust
454 future timestamps" rule. closes: #76529, #123559
455 * apply patch from Steve Langasek to fix seg faults due to interaction with
456 PAM code. upstream confirms the problem, and says they're fixing this
457 differently for their next release... but this should be useful in the
458 meantime, and would be good to get into woody. closes: #119147
459 * only run the init.d at boot, not on each runlevel change... and don't run
460 it during package configure. closes: #125935
461 * add DEB_BUILD_OPTIONS support to rules file, closes: #94952
463 -- Bdale Garbee <bdale@gag.com> Wed, 26 Dec 2001 12:40:44 -0700
465 sudo (1.6.3p7-3) unstable; urgency=low
467 * apply patch from Fumitoshi UKAI that fixes segfaults when hostname not
468 resolvable, closes: #86062, #69430, #77852, #82744, #55716, #56718,
469 * fix a typo in the manpage, closes: #97368
470 * apply patch to configure.in and run autoconf to fix problem building on
471 the hurd, closes: #96325
472 * add an init.d to clean out /var/run/sudo at boot, so privs are guaranteed
473 to not last across reboots, closes: #76529
474 * clean up lintian-noticed cosmetic packaging issues
476 -- Bdale Garbee <bdale@gag.com> Sat, 1 Dec 2001 02:59:52 -0700
478 sudo (1.6.3p7-2) unstable; urgency=low
480 * update config.sub/guess for hppa support
482 -- Bdale Garbee <bdale@gag.com> Sun, 22 Apr 2001 23:23:42 -0600
484 sudo (1.6.3p7-1) unstable; urgency=low
486 * new upstream version
487 * add build dependency on mail-transport-agent, closes: #90685
489 -- Bdale Garbee <bdale@gag.com> Thu, 12 Apr 2001 17:02:42 -0600
491 sudo (1.6.3p6-1) unstable; urgency=high
493 * new upstream version, fixes buffer overflow problem,
494 closes: #87259, #87278, #87263
495 * revert to using --with-secure-path option at build time, since the option
496 available in sudoers is parsed too late to be useful, and upstream says
497 it won't get fixed quickly. This reopens 85123, which I will mark as
498 forwarded. Closes: #86199, #86117, #85676
500 -- Bdale Garbee <bdale@gag.com> Mon, 26 Feb 2001 11:02:51 -0700
502 sudo (1.6.3p5-2) unstable; urgency=low
504 * lose the dh_suidregister call since it's obsolete
505 * stop using the --with-secure-path option at build time, and instead show
506 how to set it in sudoers. Closes: #85123
507 * freshen config.sub and config.guess for ia64 and hppa
508 * update sudoers man page to indicate exempt_group is on by default,
511 -- Bdale Garbee <bdale@gag.com> Sat, 10 Feb 2001 02:05:17 -0700
513 sudo (1.6.3p5-1) unstable; urgency=low
515 * new upstream version, closes: #63940, #59175, #61817, #64652, #65743
516 * this version restores core dumps before the exec, while leaving them
517 disabled during sudo's internal execution, closes: #58289
518 * update debhelper calls in rules file
520 -- Bdale Garbee <bdale@gag.com> Wed, 16 Aug 2000 00:13:15 -0600
522 sudo (1.6.2p2-1) frozen unstable; urgency=medium
524 * new upstream source resulting from direct collaboration with the upstream
525 author to fix ugly pam-related problems on Debian in 1.6.1 and later.
526 Closes: #56129, #55978, #55979, #56550, #56772
527 * include more upstream documentation, closes: #55054
528 * pam.d fragment update, closes: #56129
530 -- Bdale Garbee <bdale@gag.com> Sun, 27 Feb 2000 11:48:48 -0700
532 sudo (1.6.1-1) unstable; urgency=low
534 * new upstream source, closes: #52750
536 -- Bdale Garbee <bdale@gag.com> Fri, 7 Jan 2000 21:01:42 -0700
538 sudo (1.6-2) unstable; urgency=low
540 * drop suidregister support for this package. The sudo executable is
541 essentially worthless unless it is setuid root, and making suidregister
542 work involves shipping a non-setuid executable in the .deb and setting the
543 perms in the postinst. On a long upgrade run, this can leave the sudo
544 executable 'broken' for a long time, which is unacceptable. With this
545 version, we ship the executable setuid root in the .deb. Closes: #51742
547 -- Bdale Garbee <bdale@gag.com> Wed, 1 Dec 1999 19:59:44 -0700
549 sudo (1.6-1) unstable; urgency=low
551 * new upstream version, many options previously set at compile-time are now
552 configurable at runtime.
553 Closes: #39255, #20996, #29812, #50705, #49148, #48435, #47190, #45639
556 -- Bdale Garbee <bdale@gag.com> Tue, 23 Nov 1999 16:51:22 -0700
558 sudo (1.5.9p4-1) unstable; urgency=low
560 * new upstream version, closes: #43464
561 * empty password handling was fixed in 1.5.8, closes: #31863
563 -- Bdale Garbee <bdale@gag.com> Thu, 26 Aug 1999 00:00:57 -0600
565 sudo (1.5.9p1-1) unstable; urgency=low
567 * new upstream version
569 -- Bdale Garbee <bdale@gag.com> Thu, 15 Apr 1999 22:43:29 -0600
571 sudo (1.5.8p1-1) unstable; urgency=medium
573 * new upstream version, closes 33690
574 * add dependency on libpam-modules, closes 34215, 33432
576 -- Bdale Garbee <bdale@gag.com> Mon, 8 Mar 1999 10:27:42 -0700
578 sudo (1.5.7p4-2) unstable; urgency=medium
580 * update the pam fragment provided so that sudo works with latest pam bits,
583 -- Bdale Garbee <bdale@gag.com> Sun, 21 Feb 1999 00:22:44 -0700
585 sudo (1.5.7p4-1) unstable; urgency=low
587 * new upstream release
589 -- Bdale Garbee <bdale@gag.com> Sun, 27 Dec 1998 16:13:53 -0700
591 sudo (1.5.6p5-1) unstable; urgency=low
593 * new upstream patch release
594 * add PAM support, closes 28594
596 -- Bdale Garbee <bdale@gag.com> Mon, 2 Nov 1998 00:00:24 -0700
598 sudo (1.5.6p2-2) unstable; urgency=low
600 * update copyright file, closes 24136
601 * review and close forwarded bugs believed fixed in this upstream version,
604 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
606 sudo (1.5.6p2-1) unstable; urgency=low
608 * new upstream release
610 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
612 sudo (1.5.4-4) frozen unstable; urgency=low
614 * update postinst to use groupadd, closes 21403
615 * move the suidregister stuff earlier in postinst to ensure it always runs
617 -- Bdale Garbee <bdale@gag.com> Sun, 19 Apr 1998 22:07:45 -0600
619 sudo (1.5.4-3) frozen unstable; urgency=low
621 * change /etc/sudoers from a conffile to being handled in postinst,
623 * add suidmanager support, closes 15711
624 * add '-Wno-comment' to quiet warnings from gcc upstream maintainer is
625 unlikely to ever fix, and which just don't matter. closes 17146
626 * fix FSF address in copyright file, and submit exception for lintian
627 warning about sudo being setuid root
629 -- Bdale Garbee <bdale@gag.com> Thu, 9 Apr 1998 23:59:11 -0600
631 sudo (1.5.4-2) unstable; urgency=high
633 * patch from upstream author correcting/improving security fix
635 -- Bdale Garbee <bdale@gag.com> Tue, 13 Jan 1998 10:39:35 -0700
637 sudo (1.5.4-1) unstable; urgency=high
639 * new upstream version, includes a security fix
640 * change default editor from /bin/ae to /usr/bin/editor
642 -- Bdale Garbee <bdale@gag.com> Mon, 12 Jan 1998 23:36:41 -0700
644 sudo (1.5.3-1) unstable; urgency=medium
646 * new upstream version, closes bug 15911.
647 * rules file reworked to use debhelper
648 * implement a really gross hack to force use of the sudo-provided
649 lsearch(), since the one in libc6 is broken! This closes bugs
650 12552, 12557, 14881, 15259, 15916.
652 -- Bdale Garbee <bdale@gag.com> Sat, 3 Jan 1998 20:39:23 -0700
654 sudo (1.5.2-6) unstable; urgency=LOW
656 * don't install INSTALL in the doc directory, closes bug 13195.
658 -- Bdale Garbee <bdale@gag.com> Sun, 21 Sep 1997 17:10:40 -0600
660 sudo (1.5.2-5) unstable; urgency=LOW
664 -- Bdale Garbee <bdale@gag.com> Fri, 5 Sep 1997 00:06:22 -0600
666 sudo (1.5.2-4) unstable; urgency=LOW
668 * change TIMEOUT (how long before you have to type your password again)
669 to 15 mins, disable PASSWORD_TIMEOUT. This makes building large Debian
670 packages on slower machines much more tolerable. Closes bug 9076.
671 * touch debian/suid before debstd. Closes bug 8709.
673 -- Bdale Garbee <bdale@gag.com> Sat, 26 Apr 1997 00:48:01 -0600
675 sudo (1.5.2-3) frozen unstable; urgency=LOW
677 * patch from upstream maintainer to close Bug 6828
678 * add a debian/suid file to get debstd to leave my perl postinst alone
680 -- Bdale Garbee <bdale@gag.com> Fri, 11 Apr 1997 23:09:55 -0600
682 sudo (1.5.2-2) frozen unstable; urgency=LOW
684 * change rules to use -O2 -Wall as per standards
686 -- Bdale Garbee <bdale@gag.com> Sun, 6 Apr 1997 12:48:53 -0600
688 sudo (1.5.2-1) unstable; urgency=LOW
690 * new upstream version
691 * cosmetic changes to debian package control files
693 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:50:00 -0700
695 sudo (1.5-2) unstable; urgency=LOW
697 * add /usr/X11R6/bin to the end of the secure path... this makes it
698 much easier to run xmkmf, etc., during package builds. To the extent
699 that /usr/local/sbin and /usr/local/bin were already included, I see
700 no security reasons not to add this.
702 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:44:58 -0700
704 sudo (1.5-1) unstable; urgency=LOW
706 * New upstream version
708 * New packaging format
710 -- Bdale Garbee <bdale@gag.com> Thu, 29 Aug 1996 11:44:22 +0200
712 Tue Mar 5 09:36:41 MET 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
716 * hard code SECURE_PATH to:
717 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
721 * enabled EXEMPTGROUP "sudo"
723 * moved timestamp dir to /var/log/sudo
725 * changed parser to check for long and short filenames (Bug#1162)
727 Wed Apr 17 13:03:31 MET DST 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
731 * New upstream source
733 * Fixed postinst script
734 (thanks to Peter Tobis <tobias@et-inf.fho-emden.de>)
736 * Removed special shadow binary. This version works with and without
737 shadow password file.
739 Mon May 20 09:35:22 MET DST 1996 Michael Meskes <meskes@debian.org>
743 * Corrected editor path to /bin/ae (Bug#3062)
745 * Set file permission to 4755 for sudo and 755 for visudo (Bug#3063)
747 Mon Jun 17 12:06:41 MET DST 1996 Michael Meskes <meskes@debian.org>
751 * New upstream version
753 * Changed sudoers permission to 440 (owner root, group root) to make
756 Wed Jun 19 10:56:54 MET DST 1996 Michael Meskes <meskes@debian.org>
760 * Applied upstream patch 1
762 Thu Jun 20 09:02:57 MET DST 1996 Michael Meskes <meskes@debian.org>
766 * Applied upstream patch 2
768 Fri Jun 28 12:49:40 MET DST 1996 Michael Meskes <meskes@debian.org>
772 * Applied upstream patch 3 (fixes problems with an NFS-mounted
776 Sun Jun 30 13:02:44 MET DST 1996 Michael Meskes <meskes@debian.org>
780 * Corrected postinst to use /usr/bin/perl instead of /bin/perl
781 [Reported by jdassen@wi.leidenuniv.nl (J.H.M.Dassen)]
783 Wed Jul 10 12:44:33 MET DST 1996 Michael Meskes <meskes@debian.org>
787 * Applied upstream patch 4 (fixes several bugs)
789 * Changed priority to optional
791 Thu Jul 11 19:23:52 MET DST 1996 Michael Meskes <meskes@debian.org>
795 * Corrected postinst to create correct permission for /etc/sudoers
798 Fri Aug 2 10:50:53 MET DST 1996 Michael Meskes <meskes@debian.org>
802 * New upstream version
805 sudo (1.4.4-2) admin; urgency=HIGH
807 * Fixed major security bug reported by Peter Tobias
808 <tobias@et-inf.fho-emden.de>
809 * Added dchanges support to debian.rules
811 sudo (1.4.5-1) admin; urgency=LOW
813 * New upstream version
814 * Minor changes to debian.rules