1 sudo (1.7.2p6-1) unstable; urgency=low
3 * new upstream version fixing CVE-2010-1163, closes: #578275, #570737
5 -- Bdale Garbee <bdale@gag.com> Mon, 19 Apr 2010 10:45:47 -0600
7 sudo (1.7.2p5-1) unstable; urgency=low
9 * new upstream release, closes a bug filed upstream regarding missing man
10 page processing scripts in the 1.7.2p1 tarball, also includes the fix
11 for CVE-2010-0426 previously the subject of a security team nmu
12 * move to source format 3.0 (quilt) and restructure changes as patches
13 * fix unprocessed substitution variables in man pages, closes: #557204
14 * apply patch from Neil Moore to fix Debian-specific content in the
15 visudo man page, closes: #555013
16 * update descriptions to better explain sudo-ldap, closes: #573108
17 * eliminate spurious 'and' in man page, closes: #571620
18 * fix confusing text in default sudoers, closes: #566607
20 -- Bdale Garbee <bdale@gag.com> Thu, 11 Mar 2010 15:44:53 -0700
22 sudo (1.7.2p1-1) unstable; urgency=low
24 * new upstream version
25 * add support for /etc/sudoers.d using #includedir in default sudoers,
26 which I think is also a good solution to the request for a crontab-like
27 API requested in March of 2001, closes: #539994, #271813, #89743
28 * move init.d script from using rcS.d to rc[0-6].d, closes: #542924
30 -- Bdale Garbee <bdale@gag.com> Mon, 31 Aug 2009 14:09:32 -0600
32 sudo (1.7.2-2) unstable; urgency=low
34 * further improve initial sudoers to not include the NOPASSWD option on
35 the group sudo exception, closes: #539136, #198991
37 -- Bdale Garbee <bdale@gag.com> Wed, 29 Jul 2009 16:21:04 +0200
39 sudo (1.7.2-1) unstable; urgency=low
41 * new upstream version, closes: #537103
42 * improve initial sudoers by having the exemption for users in group
43 sudo on by default, and including the ability to run any command as
44 any user. This makes the default install roughly equivalent to our
45 old use of the --with-exempt=sudo build option, closes: #536220, #536222
47 -- Bdale Garbee <bdale@gag.com> Wed, 15 Jul 2009 01:29:46 -0600
49 sudo (1.7.0-1) unstable; urgency=low
51 * new upstream version, closes: #510179, #128268, #520274, #508514
52 * fix ldap config file path for sudo-ldap package, including creating
53 a symlink in postinst and cleaning it up in postrm for the sudo-ldap
54 package, closes: #430826
55 * fix NOPASSWD entry location in default config file for the sudo-ldap
56 instance too, closes: #479616
58 -- Bdale Garbee <bdale@gag.com> Sat, 28 Mar 2009 15:15:01 -0600
60 sudo (1.6.9p17-2) unstable; urgency=high
62 * patch from upstream to fix privilege escalation with certain
63 configurations, CVE-2009-0034
64 * typo in sudoers man page, closes: #507163
66 -- Bdale Garbee <bdale@gag.com> Tue, 27 Jan 2009 11:49:02 -0700
68 sudo (1.6.9p17-1) unstable; urgency=low
70 * new upstream version, closes: #481008
71 * deliver schemas to doc directory in sudo-ldap package, closes: #474331
72 * re-apply patch from Petter Reinholdtsen to improve init.d apparently lost
73 in move from CVS to git for package management, closes: #475821
74 * re-instate the init.d for the sudo-ldap package too... /o\
76 -- Bdale Garbee <bdale@gag.com> Sun, 06 Jul 2008 01:16:31 -0600
78 sudo (1.6.9p15-2) unstable; urgency=low
80 * revert the fix for 388659 such that visudo once again defaults to using
81 /usr/bin/editor. I was always ambivalent about this change, it has caused
82 more confusion and frustration than it cured, and I find Justin's line of
83 reasoning persuasive. Update the man page source to reflect this choice
84 and the related use of --with-env-editor. Closes: #474197.
85 * patch from Petter Reinholdtsen to improve init.d, closes: #475821
87 -- Bdale Garbee <bdale@gag.com> Wed, 16 Apr 2008 00:38:56 -0600
89 sudo (1.6.9p15-1) unstable; urgency=low
91 * new upstream version, closes: #467126, #473337
92 * remove pointless postrm scripts, leaving debhelper do its thing if needed,
93 thanks to Justin Pryzby for pointing this out
94 * reinstate the init.d, since bootclean doesn't quite do what we want. This
95 also means we don't need the preinst scripts any more. Update the lintian
96 overrides since postinst is a Perl script lintian apparently isn't parsing
99 -- Bdale Garbee <bdale@gag.com> Thu, 03 Apr 2008 14:25:56 -0600
101 sudo (1.6.9p12-1) unstable; urgency=low
103 * new upstream version, closes: #464890
105 -- Bdale Garbee <bdale@gag.com> Tue, 19 Feb 2008 11:19:54 +0900
107 sudo (1.6.9p11-3) unstable; urgency=low
109 * patch for configure to fix FTBFS on GNU/kFreeBSD, closes: #465956
111 -- Bdale Garbee <bdale@gag.com> Fri, 15 Feb 2008 10:54:21 -0700
113 sudo (1.6.9p11-2) unstable; urgency=low
115 * update version compared in preinst when removing obsolete init.d,
117 * implement pam session config suggestions from Elizabeth Fong,
118 closes: #452457, #402329
120 -- Bdale Garbee <bdale@gag.com> Mon, 04 Feb 2008 21:26:23 -0700
122 sudo (1.6.9p11-1) unstable; urgency=low
124 * new upstream version
126 -- Bdale Garbee <bdale@gag.com> Fri, 11 Jan 2008 01:54:35 -0700
128 sudo (1.6.9p10-1) unstable; urgency=low
130 * new upstream version
131 * tweak default password prompt as %u doesn't make sense. Accept patch from
132 Patrick Schoenfeld (recommend upstream accept it too) that adds a %p and
133 uses it by default, closes: #454409
134 * accept patch from Martin Pitt that adds a prerm making it difficult to
135 "accidentally" remove sudo when there is no root password set on the
136 system, closes: #451241
138 -- Bdale Garbee <bdale@gag.com> Fri, 28 Dec 2007 11:44:30 -0700
140 sudo (1.6.9p9-1) unstable; urgency=low
142 * new upstream version
143 * debian/rules: configure a more informative default password prompt to
144 reduce confusion when using sudo to invoke commands which also ask for
145 passwords, closes: #343268
146 * auth/pam.c: don't use the PAM prompt if the user explicitly requested
147 a custom prompt, closes: #448628.
148 * fix configure's ability to discover that libc has dirfd, closes: #451324
149 * make default editor be /usr/bin/vi instead of /usr/bin/editor, so that
150 the command 'visudo' invokes a vi variant by default as documented,
153 -- Bdale Garbee <bdale@gag.com> Mon, 03 Dec 2007 10:26:51 -0700
155 sudo (1.6.9p6-1) unstable; urgency=low
157 * new upstream version, closes: #442815, #446146, #438699, #435768, #435314
158 closes: #434832, #434608, #430382
159 * eliminate the now-redundant init.d scripts, closes: #397090
160 * fix typo in TROUBLESHOOTING file, closes: #439624
162 -- Bdale Garbee <bdale@gag.com> Wed, 24 Oct 2007 21:13:41 -0600
164 sudo (1.6.8p12-6) unstable; urgency=low
166 * fix typos in visudo.pod relating to env_editor variable, closes: #418886
167 * have init.d touch directories in /var/run/sudo, not just files, as a
169 * fix various typos in sudoers.pod, closes: #419749
170 * don't let Makefile strip binaries, closes: #438073
172 -- Bdale Garbee <bdale@gag.com> Wed, 05 Sep 2007 11:26:58 +0100
174 sudo (1.6.8p12-5) unstable; urgency=low
176 * update debian/copyright to reflect new upstream URL, closes: #368746
177 * add sandwich cartoon URL to the README.Debian
178 * don't remove sudoers on purge. can cause problems when moving between
179 sudo and sudo-ldap. leaving sudoers around on purge seems like the least
180 evil choice for now, closes: #401366
181 * also preserve XAPPLRESDIR, XFILESEARCHPATH, and XUSERFILESEARCHPATH,
183 * accept patch that improves debian/rules from Ted Percival, closes: #382122
184 * no longer build with --with-exempt=sudo, provide an example entry in the
185 default sudoers file instead, closes: #296605
186 * add --with-devel to configure and augment build dependencies so that flex
187 and yacc files get re-generated on every build, closes: #316249
189 -- Bdale Garbee <bdale@gag.com> Tue, 3 Apr 2007 21:48:45 -0600
191 sudo (1.6.8p12-4) unstable; urgency=low
193 * patch from Petter Reinholdtsen for the LSB info block in the init.d
194 script, closes: #361055
195 * deliver sudoers sample again, closes: #361593
197 -- Bdale Garbee <bdale@gag.com> Sat, 15 Apr 2006 01:38:04 -0600
199 sudo (1.6.8p12-3) unstable; urgency=low
201 * force-feed configure knowledge of nroff's path so we get unformatted man
202 pages installed without build-depending on groff-base, closes: #360894
203 * add a reference to OPTIONS in the man page, closes: #186226
205 -- Bdale Garbee <bdale@gag.com> Wed, 5 Apr 2006 17:53:13 -0700
207 sudo (1.6.8p12-2) unstable; urgency=low
209 * fix typos in init scripts, closes: #346325
210 * update to debhelper compat level 5
211 * build depend on autotools-dev to ensure config.sub/guess are fresh
212 * accept patch from Martin Schulze developed for 1.6.8p7-1.4 in stable, and
213 use it here as well. Thanks to Martin and the debian-security team.
214 closes: #349196, #349549, #349587, #349729, #349129, #350776, #349085
215 closes: #315115, #315718, #203874
216 * Non-maintainer upload by the Security Team
217 * Reworked the former patch to limit environment variables from being
218 passed through, set env_reset as default instead [sudo.c, env.c,
219 sudoers.pod, Bug#342948, CVE-2005-4158]
220 * env_reset is now set by default
221 * env_reset will preserve only HOME, LOGNAME, PATH, SHELL, TERM,
222 DISPLAY, XAUTHORITY, XAUTHORIZATION, LANG, LANGUAGE, LC_*, and USER
223 (in addition to the SUDO_* variables)
224 * Rebuild sudoers.man.in from the POD file
225 * Added README.Debian
226 * patch from Alexander Zangerl to fix duplicated PATH issue, closes: #354431
227 * simplify rules file by using more of Makefile, despite having to override
228 default directories with more arguments to configure, closes: #292833
229 * update sudo man page to reflect use of SECURE_PATH, closes: #228551
230 * inconsistencies in sudoers man page resolved, closes: #220808, #161012
231 * patch from Jeroen van Wolffelaar to improve behavior when FQDNs are
232 unresolveable (requires adding bison as build dep), closes: #314949
234 -- Bdale Garbee <bdale@gag.com> Sun, 2 Apr 2006 14:26:20 -0700
236 sudo (1.6.8p12-1) unstable; urgency=low
238 * new upstream version, closes: #342948 (CVE-2005-4158)
239 * add env_reset to the sudoers file we create if none already exists,
240 as a further precaution in response to discussion about CVS-2005-4158
241 * split ldap support into a new sudo-ldap package. I was trying to avoid
242 doing this, but the impact of going from 4 to 17 linked shlibs on the
243 autobuilder chroots is sufficient motivation for me.
246 -- Bdale Garbee <bdale@gag.com> Wed, 28 Dec 2005 13:49:10 -0700
248 sudo (1.6.8p9-4) unstable; urgency=low
250 * enable ldap support, deliver README.LDAP and sudoers2ldif, closes: #283231
251 * merge patch from Martin Pitt / Ubuntu to be more robust about resetting
252 timestamps in the init.d script, closes: #330868
253 * add dependency header to init.d script, closes: #332849
255 -- Bdale Garbee <bdale@gag.com> Sat, 10 Dec 2005 07:47:07 -0800
257 sudo (1.6.8p9-3) unstable; urgency=high
259 * update debhelper compatibility level from 2 to 4
260 * add man page symlink for sudoedit
261 * Clean SHELLOPTS and PS4 from the environment before executing programs
262 with sudo permissions [env.c, CAN-2005-2959]
263 * fix typo in manpage pointed out by Moray Allen, closes: #285995
264 * fix paths in sample complex sudoers file, closes: #303542
265 * fix type in sudoers man page, closes: #311244
267 -- Bdale Garbee <bdale@gag.com> Wed, 28 Sep 2005 01:18:04 -0600
269 sudo (1.6.8p9-2) unstable; urgency=high
271 * merge the NMU fix for sudoedit symlink problem that was in 1.6.8p7-1.1,
274 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 16:18:47 -0400
276 sudo (1.6.8p9-1) unstable; urgency=high
278 * new upstream version, fixes a race condition in sudo's pathname
279 validation, which is a security issue (CAN-2005-1993),
280 closes: #315115, #315718
282 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 15:33:11 -0400
284 sudo (1.6.8p7-1) unstable; urgency=low
286 * new upstream version, closes: #299585
287 * update lintian overrides to squelch the postinst warning
288 * change sudoedit from a hard to a soft link, closes: #296896
289 * fix regex doc in sudoers man page, closes: #300361
291 -- Bdale Garbee <bdale@gag.com> Sat, 26 Mar 2005 22:18:34 -0700
293 sudo (1.6.8p5-1) unstable; urgency=high
295 * new upstream version
296 * restores ability to use config tuples without a value, which was causing
297 problems on upgrade closes: #283306
298 * deliver sudoedit, closes: #283078
299 * marking urgency high since 283306 is a serious upgrade incompatibility
301 -- Bdale Garbee <bdale@gag.com> Fri, 3 Dec 2004 10:11:16 -0700
303 sudo (1.6.8p3-2) unstable; urgency=high
305 * update pam.d deliverable so ldap works again, closes: #282191
307 -- Bdale Garbee <bdale@gag.com> Mon, 22 Nov 2004 11:44:46 -0700
309 sudo (1.6.8p3-1) unstable; urgency=high
311 * new upstream version, fixes a flaw in sudo's environment sanitizing that
312 could allow a malicious user with permission to run a shell script that
313 utilized the bash shell to run arbitrary commands, closes: #281665
314 * patch the sample sudoers to have the proper path for kill on Debian
315 systems, closes: #263486
316 * patch the sudo manpage to reflect Debian's choice of exempt_group
317 default setting, closes: #236465
318 * patch the sudo manpage to reflect Debian's choice of no timeout on the
319 password prompt, closes: #271194
321 -- Bdale Garbee <bdale@gag.com> Tue, 16 Nov 2004 23:23:41 -0700
323 sudo (1.6.7p5-2) unstable; urgency=low
325 * Jeff Bailey reports that seteuid works on current sparc systems, so we
326 no longer need the "grosshack" stuff in the sudo rules file
327 * add a postrm that removes /etc/sudoers on purge. don't do this with the
328 normal conffile mechanism since it would generate noise on every upgrade,
331 -- Bdale Garbee <bdale@gag.com> Tue, 20 Jul 2004 12:29:48 -0400
333 sudo (1.6.7p5-1) unstable; urgency=low
335 * new upstream version, closes: #190265, #193222, #197244
336 * change from '.' to ':' in postinst chown call, closes: #208369
338 -- Bdale Garbee <bdale@gag.com> Tue, 2 Sep 2003 21:27:06 -0600
340 sudo (1.6.7p3-2) unstable; urgency=low
342 * add --disable-setresuid to configure call since 2.2 kernels don't support
343 setresgid, closes: #189044
344 * cosmetic cleanups to debian/rules as long as I'm there
346 -- Bdale Garbee <bdale@gag.com> Tue, 15 Apr 2003 16:04:48 -0600
348 sudo (1.6.7p3-1) unstable; urgency=low
350 * new upstream version
351 * add overrides to quiet lintian about things it doesn't understand,
352 except the source one that can't be overridden until 129510 is fixed
354 -- Bdale Garbee <bdale@gag.com> Mon, 7 Apr 2003 17:34:05 -0600
356 sudo (1.6.6-3) unstable; urgency=low
358 * add code to rules file to update config.sub/guess, closes: #164501
360 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 15:35:22 -0600
362 sudo (1.6.6-2) unstable; urgency=low
364 * adopt suggestion from Marcus Brinkmann to feed --with-sendmail option to
365 configure, and lose the build dependency on mail-transport-agent
366 * incorporate changes from LaMont's NMU, closes: #144665, #144737
367 * update init.d to not try and set time on nonexistent timestamp files,
369 * build with --with-all-insults, admin must edit sudoers to turn insults
370 on at runtime if desired, closes: #135374
371 * stop setting /usr/doc symlink in postinst
373 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 01:54:24 -0600
375 sudo (1.6.6-1.1) unstable; urgency=high
377 * NMU - patch from Colin Watson <cjwatson@debian.org>, in bts.
378 * Revert patch to auth/pam.c that left pass uninitialized, causing a
379 segfault (Closes: #144665).
381 -- LaMont Jones <lamont@debian.org> Fri, 26 Apr 2002 22:36:04 -0600
383 sudo (1.6.6-1) unstable; urgency=high
385 * new upstream version, fixes security problem with crafty prompts,
388 -- Bdale Garbee <bdale@gag.com> Thu, 25 Apr 2002 12:45:49 -0600
390 sudo (1.6.5p1-4) unstable; urgency=high
392 * apply patch for auth/pam.c to fix yet another way to make sudo segfault
393 if ctrl/C'ed at password prompt, closes: #131235
395 -- Bdale Garbee <bdale@gag.com> Sun, 3 Mar 2002 23:18:56 -0700
397 sudo (1.6.5p1-3) unstable; urgency=high
399 * ugly hack to add --disable-saved-ids when building on sparc in response
400 to 131592, which will be reassigned to glibc for a real fix
401 * urgency high since the sudo currently in testing for sparc is worthless
403 -- Bdale Garbee <bdale@gag.com> Sun, 17 Feb 2002 22:42:10 -0700
405 sudo (1.6.5p1-2) unstable; urgency=high
407 * patch from upstream to fix seg faults caused by versions of pam that
408 follow a NULL pointer, closes: #129512
410 -- Bdale Garbee <bdale@gag.com> Tue, 22 Jan 2002 01:50:13 -0700
412 sudo (1.6.5p1-1) unstable; urgency=high
414 * new upstream version
415 * add --disable-root-mailer option supported by new version to configure
416 call in rules file, closes: #129648
418 -- Bdale Garbee <bdale@gag.com> Fri, 18 Jan 2002 11:29:37 -0700
420 sudo (1.6.4p1-1) unstable; urgency=high
422 * new upstream version, with fix for segfaulting problem in 1.6.4
424 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 20:09:46 -0700
426 sudo (1.6.4-1) unstable; urgency=high
428 * new upstream version, includes an important security fix, closes: #127576
430 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 09:35:48 -0700
432 sudo (1.6.3p7-5) unstable; urgency=low
434 * only touch /var/run/sudo/* if /var/run/sudo is there, closes: #126872
435 * fix spelling error in init.d, closes: #126847
437 -- Bdale Garbee <bdale@gag.com> Sat, 29 Dec 2001 11:21:43 -0700
439 sudo (1.6.3p7-4) unstable; urgency=medium
441 * use touch to set status files to an ancient date instead of removing them
442 outright on reboot. this achieves the desired effect of keeping elevated
443 privs from living across reboots, without forcing everyone to see the
444 new-sudo-user lecture after every reboot. pick a time that's 'old enough'
445 for systems with good clocks, and 'recent enough' that broken PC hardware
446 setting the clock to commonly-seen bogus dates trips over the "don't trust
447 future timestamps" rule. closes: #76529, #123559
448 * apply patch from Steve Langasek to fix seg faults due to interaction with
449 PAM code. upstream confirms the problem, and says they're fixing this
450 differently for their next release... but this should be useful in the
451 meantime, and would be good to get into woody. closes: #119147
452 * only run the init.d at boot, not on each runlevel change... and don't run
453 it during package configure. closes: #125935
454 * add DEB_BUILD_OPTIONS support to rules file, closes: #94952
456 -- Bdale Garbee <bdale@gag.com> Wed, 26 Dec 2001 12:40:44 -0700
458 sudo (1.6.3p7-3) unstable; urgency=low
460 * apply patch from Fumitoshi UKAI that fixes segfaults when hostname not
461 resolvable, closes: #86062, #69430, #77852, #82744, #55716, #56718,
462 * fix a typo in the manpage, closes: #97368
463 * apply patch to configure.in and run autoconf to fix problem building on
464 the hurd, closes: #96325
465 * add an init.d to clean out /var/run/sudo at boot, so privs are guaranteed
466 to not last across reboots, closes: #76529
467 * clean up lintian-noticed cosmetic packaging issues
469 -- Bdale Garbee <bdale@gag.com> Sat, 1 Dec 2001 02:59:52 -0700
471 sudo (1.6.3p7-2) unstable; urgency=low
473 * update config.sub/guess for hppa support
475 -- Bdale Garbee <bdale@gag.com> Sun, 22 Apr 2001 23:23:42 -0600
477 sudo (1.6.3p7-1) unstable; urgency=low
479 * new upstream version
480 * add build dependency on mail-transport-agent, closes: #90685
482 -- Bdale Garbee <bdale@gag.com> Thu, 12 Apr 2001 17:02:42 -0600
484 sudo (1.6.3p6-1) unstable; urgency=high
486 * new upstream version, fixes buffer overflow problem,
487 closes: #87259, #87278, #87263
488 * revert to using --with-secure-path option at build time, since the option
489 available in sudoers is parsed too late to be useful, and upstream says
490 it won't get fixed quickly. This reopens 85123, which I will mark as
491 forwarded. Closes: #86199, #86117, #85676
493 -- Bdale Garbee <bdale@gag.com> Mon, 26 Feb 2001 11:02:51 -0700
495 sudo (1.6.3p5-2) unstable; urgency=low
497 * lose the dh_suidregister call since it's obsolete
498 * stop using the --with-secure-path option at build time, and instead show
499 how to set it in sudoers. Closes: #85123
500 * freshen config.sub and config.guess for ia64 and hppa
501 * update sudoers man page to indicate exempt_group is on by default,
504 -- Bdale Garbee <bdale@gag.com> Sat, 10 Feb 2001 02:05:17 -0700
506 sudo (1.6.3p5-1) unstable; urgency=low
508 * new upstream version, closes: #63940, #59175, #61817, #64652, #65743
509 * this version restores core dumps before the exec, while leaving them
510 disabled during sudo's internal execution, closes: #58289
511 * update debhelper calls in rules file
513 -- Bdale Garbee <bdale@gag.com> Wed, 16 Aug 2000 00:13:15 -0600
515 sudo (1.6.2p2-1) frozen unstable; urgency=medium
517 * new upstream source resulting from direct collaboration with the upstream
518 author to fix ugly pam-related problems on Debian in 1.6.1 and later.
519 Closes: #56129, #55978, #55979, #56550, #56772
520 * include more upstream documentation, closes: #55054
521 * pam.d fragment update, closes: #56129
523 -- Bdale Garbee <bdale@gag.com> Sun, 27 Feb 2000 11:48:48 -0700
525 sudo (1.6.1-1) unstable; urgency=low
527 * new upstream source, closes: #52750
529 -- Bdale Garbee <bdale@gag.com> Fri, 7 Jan 2000 21:01:42 -0700
531 sudo (1.6-2) unstable; urgency=low
533 * drop suidregister support for this package. The sudo executable is
534 essentially worthless unless it is setuid root, and making suidregister
535 work involves shipping a non-setuid executable in the .deb and setting the
536 perms in the postinst. On a long upgrade run, this can leave the sudo
537 executable 'broken' for a long time, which is unacceptable. With this
538 version, we ship the executable setuid root in the .deb. Closes: #51742
540 -- Bdale Garbee <bdale@gag.com> Wed, 1 Dec 1999 19:59:44 -0700
542 sudo (1.6-1) unstable; urgency=low
544 * new upstream version, many options previously set at compile-time are now
545 configurable at runtime.
546 Closes: #39255, #20996, #29812, #50705, #49148, #48435, #47190, #45639
549 -- Bdale Garbee <bdale@gag.com> Tue, 23 Nov 1999 16:51:22 -0700
551 sudo (1.5.9p4-1) unstable; urgency=low
553 * new upstream version, closes: #43464
554 * empty password handling was fixed in 1.5.8, closes: #31863
556 -- Bdale Garbee <bdale@gag.com> Thu, 26 Aug 1999 00:00:57 -0600
558 sudo (1.5.9p1-1) unstable; urgency=low
560 * new upstream version
562 -- Bdale Garbee <bdale@gag.com> Thu, 15 Apr 1999 22:43:29 -0600
564 sudo (1.5.8p1-1) unstable; urgency=medium
566 * new upstream version, closes 33690
567 * add dependency on libpam-modules, closes 34215, 33432
569 -- Bdale Garbee <bdale@gag.com> Mon, 8 Mar 1999 10:27:42 -0700
571 sudo (1.5.7p4-2) unstable; urgency=medium
573 * update the pam fragment provided so that sudo works with latest pam bits,
576 -- Bdale Garbee <bdale@gag.com> Sun, 21 Feb 1999 00:22:44 -0700
578 sudo (1.5.7p4-1) unstable; urgency=low
580 * new upstream release
582 -- Bdale Garbee <bdale@gag.com> Sun, 27 Dec 1998 16:13:53 -0700
584 sudo (1.5.6p5-1) unstable; urgency=low
586 * new upstream patch release
587 * add PAM support, closes 28594
589 -- Bdale Garbee <bdale@gag.com> Mon, 2 Nov 1998 00:00:24 -0700
591 sudo (1.5.6p2-2) unstable; urgency=low
593 * update copyright file, closes 24136
594 * review and close forwarded bugs believed fixed in this upstream version,
597 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
599 sudo (1.5.6p2-1) unstable; urgency=low
601 * new upstream release
603 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
605 sudo (1.5.4-4) frozen unstable; urgency=low
607 * update postinst to use groupadd, closes 21403
608 * move the suidregister stuff earlier in postinst to ensure it always runs
610 -- Bdale Garbee <bdale@gag.com> Sun, 19 Apr 1998 22:07:45 -0600
612 sudo (1.5.4-3) frozen unstable; urgency=low
614 * change /etc/sudoers from a conffile to being handled in postinst,
616 * add suidmanager support, closes 15711
617 * add '-Wno-comment' to quiet warnings from gcc upstream maintainer is
618 unlikely to ever fix, and which just don't matter. closes 17146
619 * fix FSF address in copyright file, and submit exception for lintian
620 warning about sudo being setuid root
622 -- Bdale Garbee <bdale@gag.com> Thu, 9 Apr 1998 23:59:11 -0600
624 sudo (1.5.4-2) unstable; urgency=high
626 * patch from upstream author correcting/improving security fix
628 -- Bdale Garbee <bdale@gag.com> Tue, 13 Jan 1998 10:39:35 -0700
630 sudo (1.5.4-1) unstable; urgency=high
632 * new upstream version, includes a security fix
633 * change default editor from /bin/ae to /usr/bin/editor
635 -- Bdale Garbee <bdale@gag.com> Mon, 12 Jan 1998 23:36:41 -0700
637 sudo (1.5.3-1) unstable; urgency=medium
639 * new upstream version, closes bug 15911.
640 * rules file reworked to use debhelper
641 * implement a really gross hack to force use of the sudo-provided
642 lsearch(), since the one in libc6 is broken! This closes bugs
643 12552, 12557, 14881, 15259, 15916.
645 -- Bdale Garbee <bdale@gag.com> Sat, 3 Jan 1998 20:39:23 -0700
647 sudo (1.5.2-6) unstable; urgency=LOW
649 * don't install INSTALL in the doc directory, closes bug 13195.
651 -- Bdale Garbee <bdale@gag.com> Sun, 21 Sep 1997 17:10:40 -0600
653 sudo (1.5.2-5) unstable; urgency=LOW
657 -- Bdale Garbee <bdale@gag.com> Fri, 5 Sep 1997 00:06:22 -0600
659 sudo (1.5.2-4) unstable; urgency=LOW
661 * change TIMEOUT (how long before you have to type your password again)
662 to 15 mins, disable PASSWORD_TIMEOUT. This makes building large Debian
663 packages on slower machines much more tolerable. Closes bug 9076.
664 * touch debian/suid before debstd. Closes bug 8709.
666 -- Bdale Garbee <bdale@gag.com> Sat, 26 Apr 1997 00:48:01 -0600
668 sudo (1.5.2-3) frozen unstable; urgency=LOW
670 * patch from upstream maintainer to close Bug 6828
671 * add a debian/suid file to get debstd to leave my perl postinst alone
673 -- Bdale Garbee <bdale@gag.com> Fri, 11 Apr 1997 23:09:55 -0600
675 sudo (1.5.2-2) frozen unstable; urgency=LOW
677 * change rules to use -O2 -Wall as per standards
679 -- Bdale Garbee <bdale@gag.com> Sun, 6 Apr 1997 12:48:53 -0600
681 sudo (1.5.2-1) unstable; urgency=LOW
683 * new upstream version
684 * cosmetic changes to debian package control files
686 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:50:00 -0700
688 sudo (1.5-2) unstable; urgency=LOW
690 * add /usr/X11R6/bin to the end of the secure path... this makes it
691 much easier to run xmkmf, etc., during package builds. To the extent
692 that /usr/local/sbin and /usr/local/bin were already included, I see
693 no security reasons not to add this.
695 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:44:58 -0700
697 sudo (1.5-1) unstable; urgency=LOW
699 * New upstream version
701 * New packaging format
703 -- Bdale Garbee <bdale@gag.com> Thu, 29 Aug 1996 11:44:22 +0200
705 Tue Mar 5 09:36:41 MET 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
709 * hard code SECURE_PATH to:
710 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
714 * enabled EXEMPTGROUP "sudo"
716 * moved timestamp dir to /var/log/sudo
718 * changed parser to check for long and short filenames (Bug#1162)
720 Wed Apr 17 13:03:31 MET DST 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
724 * New upstream source
726 * Fixed postinst script
727 (thanks to Peter Tobis <tobias@et-inf.fho-emden.de>)
729 * Removed special shadow binary. This version works with and without
730 shadow password file.
732 Mon May 20 09:35:22 MET DST 1996 Michael Meskes <meskes@debian.org>
736 * Corrected editor path to /bin/ae (Bug#3062)
738 * Set file permission to 4755 for sudo and 755 for visudo (Bug#3063)
740 Mon Jun 17 12:06:41 MET DST 1996 Michael Meskes <meskes@debian.org>
744 * New upstream version
746 * Changed sudoers permission to 440 (owner root, group root) to make
749 Wed Jun 19 10:56:54 MET DST 1996 Michael Meskes <meskes@debian.org>
753 * Applied upstream patch 1
755 Thu Jun 20 09:02:57 MET DST 1996 Michael Meskes <meskes@debian.org>
759 * Applied upstream patch 2
761 Fri Jun 28 12:49:40 MET DST 1996 Michael Meskes <meskes@debian.org>
765 * Applied upstream patch 3 (fixes problems with an NFS-mounted
769 Sun Jun 30 13:02:44 MET DST 1996 Michael Meskes <meskes@debian.org>
773 * Corrected postinst to use /usr/bin/perl instead of /bin/perl
774 [Reported by jdassen@wi.leidenuniv.nl (J.H.M.Dassen)]
776 Wed Jul 10 12:44:33 MET DST 1996 Michael Meskes <meskes@debian.org>
780 * Applied upstream patch 4 (fixes several bugs)
782 * Changed priority to optional
784 Thu Jul 11 19:23:52 MET DST 1996 Michael Meskes <meskes@debian.org>
788 * Corrected postinst to create correct permission for /etc/sudoers
791 Fri Aug 2 10:50:53 MET DST 1996 Michael Meskes <meskes@debian.org>
795 * New upstream version
798 sudo (1.4.4-2) admin; urgency=HIGH
800 * Fixed major security bug reported by Peter Tobias
801 <tobias@et-inf.fho-emden.de>
802 * Added dchanges support to debian.rules
804 sudo (1.4.5-1) admin; urgency=LOW
806 * New upstream version
807 * Minor changes to debian.rules