1 sudo (1.7.2p2-1) UNRELEASED; urgency=low
3 * new upstream release, closes a bug filed upstream regarding missing
4 man page processing scripts in the 1.7.2p1 tarball
5 * move to source format 3.0 (quilt) and restructure changes as patches
6 * fix unprocessed substitution variables in man pages, closes: #557204
7 * apply patch from Neil Moore to fix Debian-specific content in the
8 visudo man page, closes: #555013
10 -- Bdale Garbee <bdale@gag.com> Mon, 07 Dec 2009 16:58:36 +0100
12 sudo (1.7.2p1-1) unstable; urgency=low
14 * new upstream version
15 * add support for /etc/sudoers.d using #includedir in default sudoers,
16 which I think is also a good solution to the request for a crontab-like
17 API requested in March of 2001, closes: #539994, #271813, #89743
18 * move init.d script from using rcS.d to rc[0-6].d, closes: #542924
20 -- Bdale Garbee <bdale@gag.com> Mon, 31 Aug 2009 14:09:32 -0600
22 sudo (1.7.2-2) unstable; urgency=low
24 * further improve initial sudoers to not include the NOPASSWD option on
25 the group sudo exception, closes: #539136, #198991
27 -- Bdale Garbee <bdale@gag.com> Wed, 29 Jul 2009 16:21:04 +0200
29 sudo (1.7.2-1) unstable; urgency=low
31 * new upstream version, closes: #537103
32 * improve initial sudoers by having the exemption for users in group
33 sudo on by default, and including the ability to run any command as
34 any user. This makes the default install roughly equivalent to our
35 old use of the --with-exempt=sudo build option, closes: #536220, #536222
37 -- Bdale Garbee <bdale@gag.com> Wed, 15 Jul 2009 01:29:46 -0600
39 sudo (1.7.0-1) unstable; urgency=low
41 * new upstream version, closes: #510179, #128268, #520274, #508514
42 * fix ldap config file path for sudo-ldap package, including creating
43 a symlink in postinst and cleaning it up in postrm for the sudo-ldap
44 package, closes: #430826
45 * fix NOPASSWD entry location in default config file for the sudo-ldap
46 instance too, closes: #479616
48 -- Bdale Garbee <bdale@gag.com> Sat, 28 Mar 2009 15:15:01 -0600
50 sudo (1.6.9p17-2) unstable; urgency=high
52 * patch from upstream to fix privilege escalation with certain
53 configurations, CVE-2009-0034
54 * typo in sudoers man page, closes: #507163
56 -- Bdale Garbee <bdale@gag.com> Tue, 27 Jan 2009 11:49:02 -0700
58 sudo (1.6.9p17-1) unstable; urgency=low
60 * new upstream version, closes: #481008
61 * deliver schemas to doc directory in sudo-ldap package, closes: #474331
62 * re-apply patch from Petter Reinholdtsen to improve init.d apparently lost
63 in move from CVS to git for package management, closes: #475821
64 * re-instate the init.d for the sudo-ldap package too... /o\
66 -- Bdale Garbee <bdale@gag.com> Sun, 06 Jul 2008 01:16:31 -0600
68 sudo (1.6.9p15-2) unstable; urgency=low
70 * revert the fix for 388659 such that visudo once again defaults to using
71 /usr/bin/editor. I was always ambivalent about this change, it has caused
72 more confusion and frustration than it cured, and I find Justin's line of
73 reasoning persuasive. Update the man page source to reflect this choice
74 and the related use of --with-env-editor. Closes: #474197.
75 * patch from Petter Reinholdtsen to improve init.d, closes: #475821
77 -- Bdale Garbee <bdale@gag.com> Wed, 16 Apr 2008 00:38:56 -0600
79 sudo (1.6.9p15-1) unstable; urgency=low
81 * new upstream version, closes: #467126, #473337
82 * remove pointless postrm scripts, leaving debhelper do its thing if needed,
83 thanks to Justin Pryzby for pointing this out
84 * reinstate the init.d, since bootclean doesn't quite do what we want. This
85 also means we don't need the preinst scripts any more. Update the lintian
86 overrides since postinst is a Perl script lintian apparently isn't parsing
89 -- Bdale Garbee <bdale@gag.com> Thu, 03 Apr 2008 14:25:56 -0600
91 sudo (1.6.9p12-1) unstable; urgency=low
93 * new upstream version, closes: #464890
95 -- Bdale Garbee <bdale@gag.com> Tue, 19 Feb 2008 11:19:54 +0900
97 sudo (1.6.9p11-3) unstable; urgency=low
99 * patch for configure to fix FTBFS on GNU/kFreeBSD, closes: #465956
101 -- Bdale Garbee <bdale@gag.com> Fri, 15 Feb 2008 10:54:21 -0700
103 sudo (1.6.9p11-2) unstable; urgency=low
105 * update version compared in preinst when removing obsolete init.d,
107 * implement pam session config suggestions from Elizabeth Fong,
108 closes: #452457, #402329
110 -- Bdale Garbee <bdale@gag.com> Mon, 04 Feb 2008 21:26:23 -0700
112 sudo (1.6.9p11-1) unstable; urgency=low
114 * new upstream version
116 -- Bdale Garbee <bdale@gag.com> Fri, 11 Jan 2008 01:54:35 -0700
118 sudo (1.6.9p10-1) unstable; urgency=low
120 * new upstream version
121 * tweak default password prompt as %u doesn't make sense. Accept patch from
122 Patrick Schoenfeld (recommend upstream accept it too) that adds a %p and
123 uses it by default, closes: #454409
124 * accept patch from Martin Pitt that adds a prerm making it difficult to
125 "accidentally" remove sudo when there is no root password set on the
126 system, closes: #451241
128 -- Bdale Garbee <bdale@gag.com> Fri, 28 Dec 2007 11:44:30 -0700
130 sudo (1.6.9p9-1) unstable; urgency=low
132 * new upstream version
133 * debian/rules: configure a more informative default password prompt to
134 reduce confusion when using sudo to invoke commands which also ask for
135 passwords, closes: #343268
136 * auth/pam.c: don't use the PAM prompt if the user explicitly requested
137 a custom prompt, closes: #448628.
138 * fix configure's ability to discover that libc has dirfd, closes: #451324
139 * make default editor be /usr/bin/vi instead of /usr/bin/editor, so that
140 the command 'visudo' invokes a vi variant by default as documented,
143 -- Bdale Garbee <bdale@gag.com> Mon, 03 Dec 2007 10:26:51 -0700
145 sudo (1.6.9p6-1) unstable; urgency=low
147 * new upstream version, closes: #442815, #446146, #438699, #435768, #435314
148 closes: #434832, #434608, #430382
149 * eliminate the now-redundant init.d scripts, closes: #397090
150 * fix typo in TROUBLESHOOTING file, closes: #439624
152 -- Bdale Garbee <bdale@gag.com> Wed, 24 Oct 2007 21:13:41 -0600
154 sudo (1.6.8p12-6) unstable; urgency=low
156 * fix typos in visudo.pod relating to env_editor variable, closes: #418886
157 * have init.d touch directories in /var/run/sudo, not just files, as a
159 * fix various typos in sudoers.pod, closes: #419749
160 * don't let Makefile strip binaries, closes: #438073
162 -- Bdale Garbee <bdale@gag.com> Wed, 05 Sep 2007 11:26:58 +0100
164 sudo (1.6.8p12-5) unstable; urgency=low
166 * update debian/copyright to reflect new upstream URL, closes: #368746
167 * add sandwich cartoon URL to the README.Debian
168 * don't remove sudoers on purge. can cause problems when moving between
169 sudo and sudo-ldap. leaving sudoers around on purge seems like the least
170 evil choice for now, closes: #401366
171 * also preserve XAPPLRESDIR, XFILESEARCHPATH, and XUSERFILESEARCHPATH,
173 * accept patch that improves debian/rules from Ted Percival, closes: #382122
174 * no longer build with --with-exempt=sudo, provide an example entry in the
175 default sudoers file instead, closes: #296605
176 * add --with-devel to configure and augment build dependencies so that flex
177 and yacc files get re-generated on every build, closes: #316249
179 -- Bdale Garbee <bdale@gag.com> Tue, 3 Apr 2007 21:48:45 -0600
181 sudo (1.6.8p12-4) unstable; urgency=low
183 * patch from Petter Reinholdtsen for the LSB info block in the init.d
184 script, closes: #361055
185 * deliver sudoers sample again, closes: #361593
187 -- Bdale Garbee <bdale@gag.com> Sat, 15 Apr 2006 01:38:04 -0600
189 sudo (1.6.8p12-3) unstable; urgency=low
191 * force-feed configure knowledge of nroff's path so we get unformatted man
192 pages installed without build-depending on groff-base, closes: #360894
193 * add a reference to OPTIONS in the man page, closes: #186226
195 -- Bdale Garbee <bdale@gag.com> Wed, 5 Apr 2006 17:53:13 -0700
197 sudo (1.6.8p12-2) unstable; urgency=low
199 * fix typos in init scripts, closes: #346325
200 * update to debhelper compat level 5
201 * build depend on autotools-dev to ensure config.sub/guess are fresh
202 * accept patch from Martin Schulze developed for 1.6.8p7-1.4 in stable, and
203 use it here as well. Thanks to Martin and the debian-security team.
204 closes: #349196, #349549, #349587, #349729, #349129, #350776, #349085
205 closes: #315115, #315718, #203874
206 * Non-maintainer upload by the Security Team
207 * Reworked the former patch to limit environment variables from being
208 passed through, set env_reset as default instead [sudo.c, env.c,
209 sudoers.pod, Bug#342948, CVE-2005-4158]
210 * env_reset is now set by default
211 * env_reset will preserve only HOME, LOGNAME, PATH, SHELL, TERM,
212 DISPLAY, XAUTHORITY, XAUTHORIZATION, LANG, LANGUAGE, LC_*, and USER
213 (in addition to the SUDO_* variables)
214 * Rebuild sudoers.man.in from the POD file
215 * Added README.Debian
216 * patch from Alexander Zangerl to fix duplicated PATH issue, closes: #354431
217 * simplify rules file by using more of Makefile, despite having to override
218 default directories with more arguments to configure, closes: #292833
219 * update sudo man page to reflect use of SECURE_PATH, closes: #228551
220 * inconsistencies in sudoers man page resolved, closes: #220808, #161012
221 * patch from Jeroen van Wolffelaar to improve behavior when FQDNs are
222 unresolveable (requires adding bison as build dep), closes: #314949
224 -- Bdale Garbee <bdale@gag.com> Sun, 2 Apr 2006 14:26:20 -0700
226 sudo (1.6.8p12-1) unstable; urgency=low
228 * new upstream version, closes: #342948 (CVE-2005-4158)
229 * add env_reset to the sudoers file we create if none already exists,
230 as a further precaution in response to discussion about CVS-2005-4158
231 * split ldap support into a new sudo-ldap package. I was trying to avoid
232 doing this, but the impact of going from 4 to 17 linked shlibs on the
233 autobuilder chroots is sufficient motivation for me.
236 -- Bdale Garbee <bdale@gag.com> Wed, 28 Dec 2005 13:49:10 -0700
238 sudo (1.6.8p9-4) unstable; urgency=low
240 * enable ldap support, deliver README.LDAP and sudoers2ldif, closes: #283231
241 * merge patch from Martin Pitt / Ubuntu to be more robust about resetting
242 timestamps in the init.d script, closes: #330868
243 * add dependency header to init.d script, closes: #332849
245 -- Bdale Garbee <bdale@gag.com> Sat, 10 Dec 2005 07:47:07 -0800
247 sudo (1.6.8p9-3) unstable; urgency=high
249 * update debhelper compatibility level from 2 to 4
250 * add man page symlink for sudoedit
251 * Clean SHELLOPTS and PS4 from the environment before executing programs
252 with sudo permissions [env.c, CAN-2005-2959]
253 * fix typo in manpage pointed out by Moray Allen, closes: #285995
254 * fix paths in sample complex sudoers file, closes: #303542
255 * fix type in sudoers man page, closes: #311244
257 -- Bdale Garbee <bdale@gag.com> Wed, 28 Sep 2005 01:18:04 -0600
259 sudo (1.6.8p9-2) unstable; urgency=high
261 * merge the NMU fix for sudoedit symlink problem that was in 1.6.8p7-1.1,
264 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 16:18:47 -0400
266 sudo (1.6.8p9-1) unstable; urgency=high
268 * new upstream version, fixes a race condition in sudo's pathname
269 validation, which is a security issue (CAN-2005-1993),
270 closes: #315115, #315718
272 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 15:33:11 -0400
274 sudo (1.6.8p7-1) unstable; urgency=low
276 * new upstream version, closes: #299585
277 * update lintian overrides to squelch the postinst warning
278 * change sudoedit from a hard to a soft link, closes: #296896
279 * fix regex doc in sudoers man page, closes: #300361
281 -- Bdale Garbee <bdale@gag.com> Sat, 26 Mar 2005 22:18:34 -0700
283 sudo (1.6.8p5-1) unstable; urgency=high
285 * new upstream version
286 * restores ability to use config tuples without a value, which was causing
287 problems on upgrade closes: #283306
288 * deliver sudoedit, closes: #283078
289 * marking urgency high since 283306 is a serious upgrade incompatibility
291 -- Bdale Garbee <bdale@gag.com> Fri, 3 Dec 2004 10:11:16 -0700
293 sudo (1.6.8p3-2) unstable; urgency=high
295 * update pam.d deliverable so ldap works again, closes: #282191
297 -- Bdale Garbee <bdale@gag.com> Mon, 22 Nov 2004 11:44:46 -0700
299 sudo (1.6.8p3-1) unstable; urgency=high
301 * new upstream version, fixes a flaw in sudo's environment sanitizing that
302 could allow a malicious user with permission to run a shell script that
303 utilized the bash shell to run arbitrary commands, closes: #281665
304 * patch the sample sudoers to have the proper path for kill on Debian
305 systems, closes: #263486
306 * patch the sudo manpage to reflect Debian's choice of exempt_group
307 default setting, closes: #236465
308 * patch the sudo manpage to reflect Debian's choice of no timeout on the
309 password prompt, closes: #271194
311 -- Bdale Garbee <bdale@gag.com> Tue, 16 Nov 2004 23:23:41 -0700
313 sudo (1.6.7p5-2) unstable; urgency=low
315 * Jeff Bailey reports that seteuid works on current sparc systems, so we
316 no longer need the "grosshack" stuff in the sudo rules file
317 * add a postrm that removes /etc/sudoers on purge. don't do this with the
318 normal conffile mechanism since it would generate noise on every upgrade,
321 -- Bdale Garbee <bdale@gag.com> Tue, 20 Jul 2004 12:29:48 -0400
323 sudo (1.6.7p5-1) unstable; urgency=low
325 * new upstream version, closes: #190265, #193222, #197244
326 * change from '.' to ':' in postinst chown call, closes: #208369
328 -- Bdale Garbee <bdale@gag.com> Tue, 2 Sep 2003 21:27:06 -0600
330 sudo (1.6.7p3-2) unstable; urgency=low
332 * add --disable-setresuid to configure call since 2.2 kernels don't support
333 setresgid, closes: #189044
334 * cosmetic cleanups to debian/rules as long as I'm there
336 -- Bdale Garbee <bdale@gag.com> Tue, 15 Apr 2003 16:04:48 -0600
338 sudo (1.6.7p3-1) unstable; urgency=low
340 * new upstream version
341 * add overrides to quiet lintian about things it doesn't understand,
342 except the source one that can't be overridden until 129510 is fixed
344 -- Bdale Garbee <bdale@gag.com> Mon, 7 Apr 2003 17:34:05 -0600
346 sudo (1.6.6-3) unstable; urgency=low
348 * add code to rules file to update config.sub/guess, closes: #164501
350 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 15:35:22 -0600
352 sudo (1.6.6-2) unstable; urgency=low
354 * adopt suggestion from Marcus Brinkmann to feed --with-sendmail option to
355 configure, and lose the build dependency on mail-transport-agent
356 * incorporate changes from LaMont's NMU, closes: #144665, #144737
357 * update init.d to not try and set time on nonexistent timestamp files,
359 * build with --with-all-insults, admin must edit sudoers to turn insults
360 on at runtime if desired, closes: #135374
361 * stop setting /usr/doc symlink in postinst
363 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 01:54:24 -0600
365 sudo (1.6.6-1.1) unstable; urgency=high
367 * NMU - patch from Colin Watson <cjwatson@debian.org>, in bts.
368 * Revert patch to auth/pam.c that left pass uninitialized, causing a
369 segfault (Closes: #144665).
371 -- LaMont Jones <lamont@debian.org> Fri, 26 Apr 2002 22:36:04 -0600
373 sudo (1.6.6-1) unstable; urgency=high
375 * new upstream version, fixes security problem with crafty prompts,
378 -- Bdale Garbee <bdale@gag.com> Thu, 25 Apr 2002 12:45:49 -0600
380 sudo (1.6.5p1-4) unstable; urgency=high
382 * apply patch for auth/pam.c to fix yet another way to make sudo segfault
383 if ctrl/C'ed at password prompt, closes: #131235
385 -- Bdale Garbee <bdale@gag.com> Sun, 3 Mar 2002 23:18:56 -0700
387 sudo (1.6.5p1-3) unstable; urgency=high
389 * ugly hack to add --disable-saved-ids when building on sparc in response
390 to 131592, which will be reassigned to glibc for a real fix
391 * urgency high since the sudo currently in testing for sparc is worthless
393 -- Bdale Garbee <bdale@gag.com> Sun, 17 Feb 2002 22:42:10 -0700
395 sudo (1.6.5p1-2) unstable; urgency=high
397 * patch from upstream to fix seg faults caused by versions of pam that
398 follow a NULL pointer, closes: #129512
400 -- Bdale Garbee <bdale@gag.com> Tue, 22 Jan 2002 01:50:13 -0700
402 sudo (1.6.5p1-1) unstable; urgency=high
404 * new upstream version
405 * add --disable-root-mailer option supported by new version to configure
406 call in rules file, closes: #129648
408 -- Bdale Garbee <bdale@gag.com> Fri, 18 Jan 2002 11:29:37 -0700
410 sudo (1.6.4p1-1) unstable; urgency=high
412 * new upstream version, with fix for segfaulting problem in 1.6.4
414 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 20:09:46 -0700
416 sudo (1.6.4-1) unstable; urgency=high
418 * new upstream version, includes an important security fix, closes: #127576
420 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 09:35:48 -0700
422 sudo (1.6.3p7-5) unstable; urgency=low
424 * only touch /var/run/sudo/* if /var/run/sudo is there, closes: #126872
425 * fix spelling error in init.d, closes: #126847
427 -- Bdale Garbee <bdale@gag.com> Sat, 29 Dec 2001 11:21:43 -0700
429 sudo (1.6.3p7-4) unstable; urgency=medium
431 * use touch to set status files to an ancient date instead of removing them
432 outright on reboot. this achieves the desired effect of keeping elevated
433 privs from living across reboots, without forcing everyone to see the
434 new-sudo-user lecture after every reboot. pick a time that's 'old enough'
435 for systems with good clocks, and 'recent enough' that broken PC hardware
436 setting the clock to commonly-seen bogus dates trips over the "don't trust
437 future timestamps" rule. closes: #76529, #123559
438 * apply patch from Steve Langasek to fix seg faults due to interaction with
439 PAM code. upstream confirms the problem, and says they're fixing this
440 differently for their next release... but this should be useful in the
441 meantime, and would be good to get into woody. closes: #119147
442 * only run the init.d at boot, not on each runlevel change... and don't run
443 it during package configure. closes: #125935
444 * add DEB_BUILD_OPTIONS support to rules file, closes: #94952
446 -- Bdale Garbee <bdale@gag.com> Wed, 26 Dec 2001 12:40:44 -0700
448 sudo (1.6.3p7-3) unstable; urgency=low
450 * apply patch from Fumitoshi UKAI that fixes segfaults when hostname not
451 resolvable, closes: #86062, #69430, #77852, #82744, #55716, #56718,
452 * fix a typo in the manpage, closes: #97368
453 * apply patch to configure.in and run autoconf to fix problem building on
454 the hurd, closes: #96325
455 * add an init.d to clean out /var/run/sudo at boot, so privs are guaranteed
456 to not last across reboots, closes: #76529
457 * clean up lintian-noticed cosmetic packaging issues
459 -- Bdale Garbee <bdale@gag.com> Sat, 1 Dec 2001 02:59:52 -0700
461 sudo (1.6.3p7-2) unstable; urgency=low
463 * update config.sub/guess for hppa support
465 -- Bdale Garbee <bdale@gag.com> Sun, 22 Apr 2001 23:23:42 -0600
467 sudo (1.6.3p7-1) unstable; urgency=low
469 * new upstream version
470 * add build dependency on mail-transport-agent, closes: #90685
472 -- Bdale Garbee <bdale@gag.com> Thu, 12 Apr 2001 17:02:42 -0600
474 sudo (1.6.3p6-1) unstable; urgency=high
476 * new upstream version, fixes buffer overflow problem,
477 closes: #87259, #87278, #87263
478 * revert to using --with-secure-path option at build time, since the option
479 available in sudoers is parsed too late to be useful, and upstream says
480 it won't get fixed quickly. This reopens 85123, which I will mark as
481 forwarded. Closes: #86199, #86117, #85676
483 -- Bdale Garbee <bdale@gag.com> Mon, 26 Feb 2001 11:02:51 -0700
485 sudo (1.6.3p5-2) unstable; urgency=low
487 * lose the dh_suidregister call since it's obsolete
488 * stop using the --with-secure-path option at build time, and instead show
489 how to set it in sudoers. Closes: #85123
490 * freshen config.sub and config.guess for ia64 and hppa
491 * update sudoers man page to indicate exempt_group is on by default,
494 -- Bdale Garbee <bdale@gag.com> Sat, 10 Feb 2001 02:05:17 -0700
496 sudo (1.6.3p5-1) unstable; urgency=low
498 * new upstream version, closes: #63940, #59175, #61817, #64652, #65743
499 * this version restores core dumps before the exec, while leaving them
500 disabled during sudo's internal execution, closes: #58289
501 * update debhelper calls in rules file
503 -- Bdale Garbee <bdale@gag.com> Wed, 16 Aug 2000 00:13:15 -0600
505 sudo (1.6.2p2-1) frozen unstable; urgency=medium
507 * new upstream source resulting from direct collaboration with the upstream
508 author to fix ugly pam-related problems on Debian in 1.6.1 and later.
509 Closes: #56129, #55978, #55979, #56550, #56772
510 * include more upstream documentation, closes: #55054
511 * pam.d fragment update, closes: #56129
513 -- Bdale Garbee <bdale@gag.com> Sun, 27 Feb 2000 11:48:48 -0700
515 sudo (1.6.1-1) unstable; urgency=low
517 * new upstream source, closes: #52750
519 -- Bdale Garbee <bdale@gag.com> Fri, 7 Jan 2000 21:01:42 -0700
521 sudo (1.6-2) unstable; urgency=low
523 * drop suidregister support for this package. The sudo executable is
524 essentially worthless unless it is setuid root, and making suidregister
525 work involves shipping a non-setuid executable in the .deb and setting the
526 perms in the postinst. On a long upgrade run, this can leave the sudo
527 executable 'broken' for a long time, which is unacceptable. With this
528 version, we ship the executable setuid root in the .deb. Closes: #51742
530 -- Bdale Garbee <bdale@gag.com> Wed, 1 Dec 1999 19:59:44 -0700
532 sudo (1.6-1) unstable; urgency=low
534 * new upstream version, many options previously set at compile-time are now
535 configurable at runtime.
536 Closes: #39255, #20996, #29812, #50705, #49148, #48435, #47190, #45639
539 -- Bdale Garbee <bdale@gag.com> Tue, 23 Nov 1999 16:51:22 -0700
541 sudo (1.5.9p4-1) unstable; urgency=low
543 * new upstream version, closes: #43464
544 * empty password handling was fixed in 1.5.8, closes: #31863
546 -- Bdale Garbee <bdale@gag.com> Thu, 26 Aug 1999 00:00:57 -0600
548 sudo (1.5.9p1-1) unstable; urgency=low
550 * new upstream version
552 -- Bdale Garbee <bdale@gag.com> Thu, 15 Apr 1999 22:43:29 -0600
554 sudo (1.5.8p1-1) unstable; urgency=medium
556 * new upstream version, closes 33690
557 * add dependency on libpam-modules, closes 34215, 33432
559 -- Bdale Garbee <bdale@gag.com> Mon, 8 Mar 1999 10:27:42 -0700
561 sudo (1.5.7p4-2) unstable; urgency=medium
563 * update the pam fragment provided so that sudo works with latest pam bits,
566 -- Bdale Garbee <bdale@gag.com> Sun, 21 Feb 1999 00:22:44 -0700
568 sudo (1.5.7p4-1) unstable; urgency=low
570 * new upstream release
572 -- Bdale Garbee <bdale@gag.com> Sun, 27 Dec 1998 16:13:53 -0700
574 sudo (1.5.6p5-1) unstable; urgency=low
576 * new upstream patch release
577 * add PAM support, closes 28594
579 -- Bdale Garbee <bdale@gag.com> Mon, 2 Nov 1998 00:00:24 -0700
581 sudo (1.5.6p2-2) unstable; urgency=low
583 * update copyright file, closes 24136
584 * review and close forwarded bugs believed fixed in this upstream version,
587 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
589 sudo (1.5.6p2-1) unstable; urgency=low
591 * new upstream release
593 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
595 sudo (1.5.4-4) frozen unstable; urgency=low
597 * update postinst to use groupadd, closes 21403
598 * move the suidregister stuff earlier in postinst to ensure it always runs
600 -- Bdale Garbee <bdale@gag.com> Sun, 19 Apr 1998 22:07:45 -0600
602 sudo (1.5.4-3) frozen unstable; urgency=low
604 * change /etc/sudoers from a conffile to being handled in postinst,
606 * add suidmanager support, closes 15711
607 * add '-Wno-comment' to quiet warnings from gcc upstream maintainer is
608 unlikely to ever fix, and which just don't matter. closes 17146
609 * fix FSF address in copyright file, and submit exception for lintian
610 warning about sudo being setuid root
612 -- Bdale Garbee <bdale@gag.com> Thu, 9 Apr 1998 23:59:11 -0600
614 sudo (1.5.4-2) unstable; urgency=high
616 * patch from upstream author correcting/improving security fix
618 -- Bdale Garbee <bdale@gag.com> Tue, 13 Jan 1998 10:39:35 -0700
620 sudo (1.5.4-1) unstable; urgency=high
622 * new upstream version, includes a security fix
623 * change default editor from /bin/ae to /usr/bin/editor
625 -- Bdale Garbee <bdale@gag.com> Mon, 12 Jan 1998 23:36:41 -0700
627 sudo (1.5.3-1) unstable; urgency=medium
629 * new upstream version, closes bug 15911.
630 * rules file reworked to use debhelper
631 * implement a really gross hack to force use of the sudo-provided
632 lsearch(), since the one in libc6 is broken! This closes bugs
633 12552, 12557, 14881, 15259, 15916.
635 -- Bdale Garbee <bdale@gag.com> Sat, 3 Jan 1998 20:39:23 -0700
637 sudo (1.5.2-6) unstable; urgency=LOW
639 * don't install INSTALL in the doc directory, closes bug 13195.
641 -- Bdale Garbee <bdale@gag.com> Sun, 21 Sep 1997 17:10:40 -0600
643 sudo (1.5.2-5) unstable; urgency=LOW
647 -- Bdale Garbee <bdale@gag.com> Fri, 5 Sep 1997 00:06:22 -0600
649 sudo (1.5.2-4) unstable; urgency=LOW
651 * change TIMEOUT (how long before you have to type your password again)
652 to 15 mins, disable PASSWORD_TIMEOUT. This makes building large Debian
653 packages on slower machines much more tolerable. Closes bug 9076.
654 * touch debian/suid before debstd. Closes bug 8709.
656 -- Bdale Garbee <bdale@gag.com> Sat, 26 Apr 1997 00:48:01 -0600
658 sudo (1.5.2-3) frozen unstable; urgency=LOW
660 * patch from upstream maintainer to close Bug 6828
661 * add a debian/suid file to get debstd to leave my perl postinst alone
663 -- Bdale Garbee <bdale@gag.com> Fri, 11 Apr 1997 23:09:55 -0600
665 sudo (1.5.2-2) frozen unstable; urgency=LOW
667 * change rules to use -O2 -Wall as per standards
669 -- Bdale Garbee <bdale@gag.com> Sun, 6 Apr 1997 12:48:53 -0600
671 sudo (1.5.2-1) unstable; urgency=LOW
673 * new upstream version
674 * cosmetic changes to debian package control files
676 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:50:00 -0700
678 sudo (1.5-2) unstable; urgency=LOW
680 * add /usr/X11R6/bin to the end of the secure path... this makes it
681 much easier to run xmkmf, etc., during package builds. To the extent
682 that /usr/local/sbin and /usr/local/bin were already included, I see
683 no security reasons not to add this.
685 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:44:58 -0700
687 sudo (1.5-1) unstable; urgency=LOW
689 * New upstream version
691 * New packaging format
693 -- Bdale Garbee <bdale@gag.com> Thu, 29 Aug 1996 11:44:22 +0200
695 Tue Mar 5 09:36:41 MET 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
699 * hard code SECURE_PATH to:
700 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
704 * enabled EXEMPTGROUP "sudo"
706 * moved timestamp dir to /var/log/sudo
708 * changed parser to check for long and short filenames (Bug#1162)
710 Wed Apr 17 13:03:31 MET DST 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
714 * New upstream source
716 * Fixed postinst script
717 (thanks to Peter Tobis <tobias@et-inf.fho-emden.de>)
719 * Removed special shadow binary. This version works with and without
720 shadow password file.
722 Mon May 20 09:35:22 MET DST 1996 Michael Meskes <meskes@debian.org>
726 * Corrected editor path to /bin/ae (Bug#3062)
728 * Set file permission to 4755 for sudo and 755 for visudo (Bug#3063)
730 Mon Jun 17 12:06:41 MET DST 1996 Michael Meskes <meskes@debian.org>
734 * New upstream version
736 * Changed sudoers permission to 440 (owner root, group root) to make
739 Wed Jun 19 10:56:54 MET DST 1996 Michael Meskes <meskes@debian.org>
743 * Applied upstream patch 1
745 Thu Jun 20 09:02:57 MET DST 1996 Michael Meskes <meskes@debian.org>
749 * Applied upstream patch 2
751 Fri Jun 28 12:49:40 MET DST 1996 Michael Meskes <meskes@debian.org>
755 * Applied upstream patch 3 (fixes problems with an NFS-mounted
759 Sun Jun 30 13:02:44 MET DST 1996 Michael Meskes <meskes@debian.org>
763 * Corrected postinst to use /usr/bin/perl instead of /bin/perl
764 [Reported by jdassen@wi.leidenuniv.nl (J.H.M.Dassen)]
766 Wed Jul 10 12:44:33 MET DST 1996 Michael Meskes <meskes@debian.org>
770 * Applied upstream patch 4 (fixes several bugs)
772 * Changed priority to optional
774 Thu Jul 11 19:23:52 MET DST 1996 Michael Meskes <meskes@debian.org>
778 * Corrected postinst to create correct permission for /etc/sudoers
781 Fri Aug 2 10:50:53 MET DST 1996 Michael Meskes <meskes@debian.org>
785 * New upstream version
788 sudo (1.4.4-2) admin; urgency=HIGH
790 * Fixed major security bug reported by Peter Tobias
791 <tobias@et-inf.fho-emden.de>
792 * Added dchanges support to debian.rules
794 sudo (1.4.5-1) admin; urgency=LOW
796 * New upstream version
797 * Minor changes to debian.rules