1 sudo (1.7.4p4-3) unstable; urgency=low
3 * make postinst clause for handling /var/run -> /var/lib transition less
4 fragile, closes: #585514
6 -- Bdale Garbee <bdale@gag.com> Thu, 09 Sep 2010 13:54:25 -0600
8 sudo (1.7.4p4-2) unstable; urgency=low
10 * add a NEWS item about change in $HOME handling that impacts programs
13 -- Bdale Garbee <bdale@gag.com> Wed, 08 Sep 2010 14:29:16 -0600
15 sudo (1.7.4p4-1) unstable; urgency=high
17 * new upstream version, urgency high due to fix for flaw in Runas group
18 matching (CVE-2010-2956), closes: #595935
19 * handle transition of /var/run/sudo to /var/lib/sudo better, to avoid
20 re-lecturing existing users, and to clean up after ourselves on upgrade,
21 and remove the RAMRUN section from README.Debian since the new state dir
22 should fix the original problem, closes: #585514
23 * deliver README.Debian to both package flavors, closes: #593579
25 -- Bdale Garbee <bdale@gag.com> Tue, 07 Sep 2010 12:22:42 -0600
27 sudo (1.7.2p7-1) unstable; urgency=high
29 * new upstream release with security fix for secure path (CVE-2010-1646),
31 * move timestamps from /var/run/sudo to /var/lib/sudo, so that the state
32 about whether to give the lecture is preserved across reboots even when
33 RAMRUN is set, closes: #581393
34 * add a note to README.Debian about LDAP needing an entry in
35 /etc/nsswitch.conf, closes: #522065
36 * add a note to README.Debian about how to turn off lectures if using
37 RAMRUN in /etc/default/rcS, closes: #581393
39 -- Bdale Garbee <bdale@gag.com> Thu, 10 Jun 2010 15:42:14 -0600
41 sudo (1.7.2p6-1) unstable; urgency=low
43 * new upstream version fixing CVE-2010-1163, closes: #578275, #570737
45 -- Bdale Garbee <bdale@gag.com> Mon, 19 Apr 2010 10:45:47 -0600
47 sudo (1.7.2p5-1) unstable; urgency=low
49 * new upstream release, closes a bug filed upstream regarding missing man
50 page processing scripts in the 1.7.2p1 tarball, also includes the fix
51 for CVE-2010-0426 previously the subject of a security team nmu
52 * move to source format 3.0 (quilt) and restructure changes as patches
53 * fix unprocessed substitution variables in man pages, closes: #557204
54 * apply patch from Neil Moore to fix Debian-specific content in the
55 visudo man page, closes: #555013
56 * update descriptions to better explain sudo-ldap, closes: #573108
57 * eliminate spurious 'and' in man page, closes: #571620
58 * fix confusing text in default sudoers, closes: #566607
60 -- Bdale Garbee <bdale@gag.com> Thu, 11 Mar 2010 15:44:53 -0700
62 sudo (1.7.2p1-1) unstable; urgency=low
64 * new upstream version
65 * add support for /etc/sudoers.d using #includedir in default sudoers,
66 which I think is also a good solution to the request for a crontab-like
67 API requested in March of 2001, closes: #539994, #271813, #89743
68 * move init.d script from using rcS.d to rc[0-6].d, closes: #542924
70 -- Bdale Garbee <bdale@gag.com> Mon, 31 Aug 2009 14:09:32 -0600
72 sudo (1.7.2-2) unstable; urgency=low
74 * further improve initial sudoers to not include the NOPASSWD option on
75 the group sudo exception, closes: #539136, #198991
77 -- Bdale Garbee <bdale@gag.com> Wed, 29 Jul 2009 16:21:04 +0200
79 sudo (1.7.2-1) unstable; urgency=low
81 * new upstream version, closes: #537103
82 * improve initial sudoers by having the exemption for users in group
83 sudo on by default, and including the ability to run any command as
84 any user. This makes the default install roughly equivalent to our
85 old use of the --with-exempt=sudo build option, closes: #536220, #536222
87 -- Bdale Garbee <bdale@gag.com> Wed, 15 Jul 2009 01:29:46 -0600
89 sudo (1.7.0-1) unstable; urgency=low
91 * new upstream version, closes: #510179, #128268, #520274, #508514
92 * fix ldap config file path for sudo-ldap package, including creating
93 a symlink in postinst and cleaning it up in postrm for the sudo-ldap
94 package, closes: #430826
95 * fix NOPASSWD entry location in default config file for the sudo-ldap
96 instance too, closes: #479616
98 -- Bdale Garbee <bdale@gag.com> Sat, 28 Mar 2009 15:15:01 -0600
100 sudo (1.6.9p17-2) unstable; urgency=high
102 * patch from upstream to fix privilege escalation with certain
103 configurations, CVE-2009-0034
104 * typo in sudoers man page, closes: #507163
106 -- Bdale Garbee <bdale@gag.com> Tue, 27 Jan 2009 11:49:02 -0700
108 sudo (1.6.9p17-1) unstable; urgency=low
110 * new upstream version, closes: #481008
111 * deliver schemas to doc directory in sudo-ldap package, closes: #474331
112 * re-apply patch from Petter Reinholdtsen to improve init.d apparently lost
113 in move from CVS to git for package management, closes: #475821
114 * re-instate the init.d for the sudo-ldap package too... /o\
116 -- Bdale Garbee <bdale@gag.com> Sun, 06 Jul 2008 01:16:31 -0600
118 sudo (1.6.9p15-2) unstable; urgency=low
120 * revert the fix for 388659 such that visudo once again defaults to using
121 /usr/bin/editor. I was always ambivalent about this change, it has caused
122 more confusion and frustration than it cured, and I find Justin's line of
123 reasoning persuasive. Update the man page source to reflect this choice
124 and the related use of --with-env-editor. Closes: #474197.
125 * patch from Petter Reinholdtsen to improve init.d, closes: #475821
127 -- Bdale Garbee <bdale@gag.com> Wed, 16 Apr 2008 00:38:56 -0600
129 sudo (1.6.9p15-1) unstable; urgency=low
131 * new upstream version, closes: #467126, #473337
132 * remove pointless postrm scripts, leaving debhelper do its thing if needed,
133 thanks to Justin Pryzby for pointing this out
134 * reinstate the init.d, since bootclean doesn't quite do what we want. This
135 also means we don't need the preinst scripts any more. Update the lintian
136 overrides since postinst is a Perl script lintian apparently isn't parsing
137 well. closes: #330868
139 -- Bdale Garbee <bdale@gag.com> Thu, 03 Apr 2008 14:25:56 -0600
141 sudo (1.6.9p12-1) unstable; urgency=low
143 * new upstream version, closes: #464890
145 -- Bdale Garbee <bdale@gag.com> Tue, 19 Feb 2008 11:19:54 +0900
147 sudo (1.6.9p11-3) unstable; urgency=low
149 * patch for configure to fix FTBFS on GNU/kFreeBSD, closes: #465956
151 -- Bdale Garbee <bdale@gag.com> Fri, 15 Feb 2008 10:54:21 -0700
153 sudo (1.6.9p11-2) unstable; urgency=low
155 * update version compared in preinst when removing obsolete init.d,
157 * implement pam session config suggestions from Elizabeth Fong,
158 closes: #452457, #402329
160 -- Bdale Garbee <bdale@gag.com> Mon, 04 Feb 2008 21:26:23 -0700
162 sudo (1.6.9p11-1) unstable; urgency=low
164 * new upstream version
166 -- Bdale Garbee <bdale@gag.com> Fri, 11 Jan 2008 01:54:35 -0700
168 sudo (1.6.9p10-1) unstable; urgency=low
170 * new upstream version
171 * tweak default password prompt as %u doesn't make sense. Accept patch from
172 Patrick Schoenfeld (recommend upstream accept it too) that adds a %p and
173 uses it by default, closes: #454409
174 * accept patch from Martin Pitt that adds a prerm making it difficult to
175 "accidentally" remove sudo when there is no root password set on the
176 system, closes: #451241
178 -- Bdale Garbee <bdale@gag.com> Fri, 28 Dec 2007 11:44:30 -0700
180 sudo (1.6.9p9-1) unstable; urgency=low
182 * new upstream version
183 * debian/rules: configure a more informative default password prompt to
184 reduce confusion when using sudo to invoke commands which also ask for
185 passwords, closes: #343268
186 * auth/pam.c: don't use the PAM prompt if the user explicitly requested
187 a custom prompt, closes: #448628.
188 * fix configure's ability to discover that libc has dirfd, closes: #451324
189 * make default editor be /usr/bin/vi instead of /usr/bin/editor, so that
190 the command 'visudo' invokes a vi variant by default as documented,
193 -- Bdale Garbee <bdale@gag.com> Mon, 03 Dec 2007 10:26:51 -0700
195 sudo (1.6.9p6-1) unstable; urgency=low
197 * new upstream version, closes: #442815, #446146, #438699, #435768, #435314
198 closes: #434832, #434608, #430382
199 * eliminate the now-redundant init.d scripts, closes: #397090
200 * fix typo in TROUBLESHOOTING file, closes: #439624
202 -- Bdale Garbee <bdale@gag.com> Wed, 24 Oct 2007 21:13:41 -0600
204 sudo (1.6.8p12-6) unstable; urgency=low
206 * fix typos in visudo.pod relating to env_editor variable, closes: #418886
207 * have init.d touch directories in /var/run/sudo, not just files, as a
209 * fix various typos in sudoers.pod, closes: #419749
210 * don't let Makefile strip binaries, closes: #438073
212 -- Bdale Garbee <bdale@gag.com> Wed, 05 Sep 2007 11:26:58 +0100
214 sudo (1.6.8p12-5) unstable; urgency=low
216 * update debian/copyright to reflect new upstream URL, closes: #368746
217 * add sandwich cartoon URL to the README.Debian
218 * don't remove sudoers on purge. can cause problems when moving between
219 sudo and sudo-ldap. leaving sudoers around on purge seems like the least
220 evil choice for now, closes: #401366
221 * also preserve XAPPLRESDIR, XFILESEARCHPATH, and XUSERFILESEARCHPATH,
223 * accept patch that improves debian/rules from Ted Percival, closes: #382122
224 * no longer build with --with-exempt=sudo, provide an example entry in the
225 default sudoers file instead, closes: #296605
226 * add --with-devel to configure and augment build dependencies so that flex
227 and yacc files get re-generated on every build, closes: #316249
229 -- Bdale Garbee <bdale@gag.com> Tue, 3 Apr 2007 21:48:45 -0600
231 sudo (1.6.8p12-4) unstable; urgency=low
233 * patch from Petter Reinholdtsen for the LSB info block in the init.d
234 script, closes: #361055
235 * deliver sudoers sample again, closes: #361593
237 -- Bdale Garbee <bdale@gag.com> Sat, 15 Apr 2006 01:38:04 -0600
239 sudo (1.6.8p12-3) unstable; urgency=low
241 * force-feed configure knowledge of nroff's path so we get unformatted man
242 pages installed without build-depending on groff-base, closes: #360894
243 * add a reference to OPTIONS in the man page, closes: #186226
245 -- Bdale Garbee <bdale@gag.com> Wed, 5 Apr 2006 17:53:13 -0700
247 sudo (1.6.8p12-2) unstable; urgency=low
249 * fix typos in init scripts, closes: #346325
250 * update to debhelper compat level 5
251 * build depend on autotools-dev to ensure config.sub/guess are fresh
252 * accept patch from Martin Schulze developed for 1.6.8p7-1.4 in stable, and
253 use it here as well. Thanks to Martin and the debian-security team.
254 closes: #349196, #349549, #349587, #349729, #349129, #350776, #349085
255 closes: #315115, #315718, #203874
256 * Non-maintainer upload by the Security Team
257 * Reworked the former patch to limit environment variables from being
258 passed through, set env_reset as default instead [sudo.c, env.c,
259 sudoers.pod, Bug#342948, CVE-2005-4158]
260 * env_reset is now set by default
261 * env_reset will preserve only HOME, LOGNAME, PATH, SHELL, TERM,
262 DISPLAY, XAUTHORITY, XAUTHORIZATION, LANG, LANGUAGE, LC_*, and USER
263 (in addition to the SUDO_* variables)
264 * Rebuild sudoers.man.in from the POD file
265 * Added README.Debian
266 * patch from Alexander Zangerl to fix duplicated PATH issue, closes: #354431
267 * simplify rules file by using more of Makefile, despite having to override
268 default directories with more arguments to configure, closes: #292833
269 * update sudo man page to reflect use of SECURE_PATH, closes: #228551
270 * inconsistencies in sudoers man page resolved, closes: #220808, #161012
271 * patch from Jeroen van Wolffelaar to improve behavior when FQDNs are
272 unresolveable (requires adding bison as build dep), closes: #314949
274 -- Bdale Garbee <bdale@gag.com> Sun, 2 Apr 2006 14:26:20 -0700
276 sudo (1.6.8p12-1) unstable; urgency=low
278 * new upstream version, closes: #342948 (CVE-2005-4158)
279 * add env_reset to the sudoers file we create if none already exists,
280 as a further precaution in response to discussion about CVS-2005-4158
281 * split ldap support into a new sudo-ldap package. I was trying to avoid
282 doing this, but the impact of going from 4 to 17 linked shlibs on the
283 autobuilder chroots is sufficient motivation for me.
286 -- Bdale Garbee <bdale@gag.com> Wed, 28 Dec 2005 13:49:10 -0700
288 sudo (1.6.8p9-4) unstable; urgency=low
290 * enable ldap support, deliver README.LDAP and sudoers2ldif, closes: #283231
291 * merge patch from Martin Pitt / Ubuntu to be more robust about resetting
292 timestamps in the init.d script, closes: #330868
293 * add dependency header to init.d script, closes: #332849
295 -- Bdale Garbee <bdale@gag.com> Sat, 10 Dec 2005 07:47:07 -0800
297 sudo (1.6.8p9-3) unstable; urgency=high
299 * update debhelper compatibility level from 2 to 4
300 * add man page symlink for sudoedit
301 * Clean SHELLOPTS and PS4 from the environment before executing programs
302 with sudo permissions [env.c, CAN-2005-2959]
303 * fix typo in manpage pointed out by Moray Allen, closes: #285995
304 * fix paths in sample complex sudoers file, closes: #303542
305 * fix type in sudoers man page, closes: #311244
307 -- Bdale Garbee <bdale@gag.com> Wed, 28 Sep 2005 01:18:04 -0600
309 sudo (1.6.8p9-2) unstable; urgency=high
311 * merge the NMU fix for sudoedit symlink problem that was in 1.6.8p7-1.1,
314 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 16:18:47 -0400
316 sudo (1.6.8p9-1) unstable; urgency=high
318 * new upstream version, fixes a race condition in sudo's pathname
319 validation, which is a security issue (CAN-2005-1993),
320 closes: #315115, #315718
322 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 15:33:11 -0400
324 sudo (1.6.8p7-1) unstable; urgency=low
326 * new upstream version, closes: #299585
327 * update lintian overrides to squelch the postinst warning
328 * change sudoedit from a hard to a soft link, closes: #296896
329 * fix regex doc in sudoers man page, closes: #300361
331 -- Bdale Garbee <bdale@gag.com> Sat, 26 Mar 2005 22:18:34 -0700
333 sudo (1.6.8p5-1) unstable; urgency=high
335 * new upstream version
336 * restores ability to use config tuples without a value, which was causing
337 problems on upgrade closes: #283306
338 * deliver sudoedit, closes: #283078
339 * marking urgency high since 283306 is a serious upgrade incompatibility
341 -- Bdale Garbee <bdale@gag.com> Fri, 3 Dec 2004 10:11:16 -0700
343 sudo (1.6.8p3-2) unstable; urgency=high
345 * update pam.d deliverable so ldap works again, closes: #282191
347 -- Bdale Garbee <bdale@gag.com> Mon, 22 Nov 2004 11:44:46 -0700
349 sudo (1.6.8p3-1) unstable; urgency=high
351 * new upstream version, fixes a flaw in sudo's environment sanitizing that
352 could allow a malicious user with permission to run a shell script that
353 utilized the bash shell to run arbitrary commands, closes: #281665
354 * patch the sample sudoers to have the proper path for kill on Debian
355 systems, closes: #263486
356 * patch the sudo manpage to reflect Debian's choice of exempt_group
357 default setting, closes: #236465
358 * patch the sudo manpage to reflect Debian's choice of no timeout on the
359 password prompt, closes: #271194
361 -- Bdale Garbee <bdale@gag.com> Tue, 16 Nov 2004 23:23:41 -0700
363 sudo (1.6.7p5-2) unstable; urgency=low
365 * Jeff Bailey reports that seteuid works on current sparc systems, so we
366 no longer need the "grosshack" stuff in the sudo rules file
367 * add a postrm that removes /etc/sudoers on purge. don't do this with the
368 normal conffile mechanism since it would generate noise on every upgrade,
371 -- Bdale Garbee <bdale@gag.com> Tue, 20 Jul 2004 12:29:48 -0400
373 sudo (1.6.7p5-1) unstable; urgency=low
375 * new upstream version, closes: #190265, #193222, #197244
376 * change from '.' to ':' in postinst chown call, closes: #208369
378 -- Bdale Garbee <bdale@gag.com> Tue, 2 Sep 2003 21:27:06 -0600
380 sudo (1.6.7p3-2) unstable; urgency=low
382 * add --disable-setresuid to configure call since 2.2 kernels don't support
383 setresgid, closes: #189044
384 * cosmetic cleanups to debian/rules as long as I'm there
386 -- Bdale Garbee <bdale@gag.com> Tue, 15 Apr 2003 16:04:48 -0600
388 sudo (1.6.7p3-1) unstable; urgency=low
390 * new upstream version
391 * add overrides to quiet lintian about things it doesn't understand,
392 except the source one that can't be overridden until 129510 is fixed
394 -- Bdale Garbee <bdale@gag.com> Mon, 7 Apr 2003 17:34:05 -0600
396 sudo (1.6.6-3) unstable; urgency=low
398 * add code to rules file to update config.sub/guess, closes: #164501
400 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 15:35:22 -0600
402 sudo (1.6.6-2) unstable; urgency=low
404 * adopt suggestion from Marcus Brinkmann to feed --with-sendmail option to
405 configure, and lose the build dependency on mail-transport-agent
406 * incorporate changes from LaMont's NMU, closes: #144665, #144737
407 * update init.d to not try and set time on nonexistent timestamp files,
409 * build with --with-all-insults, admin must edit sudoers to turn insults
410 on at runtime if desired, closes: #135374
411 * stop setting /usr/doc symlink in postinst
413 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 01:54:24 -0600
415 sudo (1.6.6-1.1) unstable; urgency=high
417 * NMU - patch from Colin Watson <cjwatson@debian.org>, in bts.
418 * Revert patch to auth/pam.c that left pass uninitialized, causing a
419 segfault (Closes: #144665).
421 -- LaMont Jones <lamont@debian.org> Fri, 26 Apr 2002 22:36:04 -0600
423 sudo (1.6.6-1) unstable; urgency=high
425 * new upstream version, fixes security problem with crafty prompts,
428 -- Bdale Garbee <bdale@gag.com> Thu, 25 Apr 2002 12:45:49 -0600
430 sudo (1.6.5p1-4) unstable; urgency=high
432 * apply patch for auth/pam.c to fix yet another way to make sudo segfault
433 if ctrl/C'ed at password prompt, closes: #131235
435 -- Bdale Garbee <bdale@gag.com> Sun, 3 Mar 2002 23:18:56 -0700
437 sudo (1.6.5p1-3) unstable; urgency=high
439 * ugly hack to add --disable-saved-ids when building on sparc in response
440 to 131592, which will be reassigned to glibc for a real fix
441 * urgency high since the sudo currently in testing for sparc is worthless
443 -- Bdale Garbee <bdale@gag.com> Sun, 17 Feb 2002 22:42:10 -0700
445 sudo (1.6.5p1-2) unstable; urgency=high
447 * patch from upstream to fix seg faults caused by versions of pam that
448 follow a NULL pointer, closes: #129512
450 -- Bdale Garbee <bdale@gag.com> Tue, 22 Jan 2002 01:50:13 -0700
452 sudo (1.6.5p1-1) unstable; urgency=high
454 * new upstream version
455 * add --disable-root-mailer option supported by new version to configure
456 call in rules file, closes: #129648
458 -- Bdale Garbee <bdale@gag.com> Fri, 18 Jan 2002 11:29:37 -0700
460 sudo (1.6.4p1-1) unstable; urgency=high
462 * new upstream version, with fix for segfaulting problem in 1.6.4
464 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 20:09:46 -0700
466 sudo (1.6.4-1) unstable; urgency=high
468 * new upstream version, includes an important security fix, closes: #127576
470 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 09:35:48 -0700
472 sudo (1.6.3p7-5) unstable; urgency=low
474 * only touch /var/run/sudo/* if /var/run/sudo is there, closes: #126872
475 * fix spelling error in init.d, closes: #126847
477 -- Bdale Garbee <bdale@gag.com> Sat, 29 Dec 2001 11:21:43 -0700
479 sudo (1.6.3p7-4) unstable; urgency=medium
481 * use touch to set status files to an ancient date instead of removing them
482 outright on reboot. this achieves the desired effect of keeping elevated
483 privs from living across reboots, without forcing everyone to see the
484 new-sudo-user lecture after every reboot. pick a time that's 'old enough'
485 for systems with good clocks, and 'recent enough' that broken PC hardware
486 setting the clock to commonly-seen bogus dates trips over the "don't trust
487 future timestamps" rule. closes: #76529, #123559
488 * apply patch from Steve Langasek to fix seg faults due to interaction with
489 PAM code. upstream confirms the problem, and says they're fixing this
490 differently for their next release... but this should be useful in the
491 meantime, and would be good to get into woody. closes: #119147
492 * only run the init.d at boot, not on each runlevel change... and don't run
493 it during package configure. closes: #125935
494 * add DEB_BUILD_OPTIONS support to rules file, closes: #94952
496 -- Bdale Garbee <bdale@gag.com> Wed, 26 Dec 2001 12:40:44 -0700
498 sudo (1.6.3p7-3) unstable; urgency=low
500 * apply patch from Fumitoshi UKAI that fixes segfaults when hostname not
501 resolvable, closes: #86062, #69430, #77852, #82744, #55716, #56718,
502 * fix a typo in the manpage, closes: #97368
503 * apply patch to configure.in and run autoconf to fix problem building on
504 the hurd, closes: #96325
505 * add an init.d to clean out /var/run/sudo at boot, so privs are guaranteed
506 to not last across reboots, closes: #76529
507 * clean up lintian-noticed cosmetic packaging issues
509 -- Bdale Garbee <bdale@gag.com> Sat, 1 Dec 2001 02:59:52 -0700
511 sudo (1.6.3p7-2) unstable; urgency=low
513 * update config.sub/guess for hppa support
515 -- Bdale Garbee <bdale@gag.com> Sun, 22 Apr 2001 23:23:42 -0600
517 sudo (1.6.3p7-1) unstable; urgency=low
519 * new upstream version
520 * add build dependency on mail-transport-agent, closes: #90685
522 -- Bdale Garbee <bdale@gag.com> Thu, 12 Apr 2001 17:02:42 -0600
524 sudo (1.6.3p6-1) unstable; urgency=high
526 * new upstream version, fixes buffer overflow problem,
527 closes: #87259, #87278, #87263
528 * revert to using --with-secure-path option at build time, since the option
529 available in sudoers is parsed too late to be useful, and upstream says
530 it won't get fixed quickly. This reopens 85123, which I will mark as
531 forwarded. Closes: #86199, #86117, #85676
533 -- Bdale Garbee <bdale@gag.com> Mon, 26 Feb 2001 11:02:51 -0700
535 sudo (1.6.3p5-2) unstable; urgency=low
537 * lose the dh_suidregister call since it's obsolete
538 * stop using the --with-secure-path option at build time, and instead show
539 how to set it in sudoers. Closes: #85123
540 * freshen config.sub and config.guess for ia64 and hppa
541 * update sudoers man page to indicate exempt_group is on by default,
544 -- Bdale Garbee <bdale@gag.com> Sat, 10 Feb 2001 02:05:17 -0700
546 sudo (1.6.3p5-1) unstable; urgency=low
548 * new upstream version, closes: #63940, #59175, #61817, #64652, #65743
549 * this version restores core dumps before the exec, while leaving them
550 disabled during sudo's internal execution, closes: #58289
551 * update debhelper calls in rules file
553 -- Bdale Garbee <bdale@gag.com> Wed, 16 Aug 2000 00:13:15 -0600
555 sudo (1.6.2p2-1) frozen unstable; urgency=medium
557 * new upstream source resulting from direct collaboration with the upstream
558 author to fix ugly pam-related problems on Debian in 1.6.1 and later.
559 Closes: #56129, #55978, #55979, #56550, #56772
560 * include more upstream documentation, closes: #55054
561 * pam.d fragment update, closes: #56129
563 -- Bdale Garbee <bdale@gag.com> Sun, 27 Feb 2000 11:48:48 -0700
565 sudo (1.6.1-1) unstable; urgency=low
567 * new upstream source, closes: #52750
569 -- Bdale Garbee <bdale@gag.com> Fri, 7 Jan 2000 21:01:42 -0700
571 sudo (1.6-2) unstable; urgency=low
573 * drop suidregister support for this package. The sudo executable is
574 essentially worthless unless it is setuid root, and making suidregister
575 work involves shipping a non-setuid executable in the .deb and setting the
576 perms in the postinst. On a long upgrade run, this can leave the sudo
577 executable 'broken' for a long time, which is unacceptable. With this
578 version, we ship the executable setuid root in the .deb. Closes: #51742
580 -- Bdale Garbee <bdale@gag.com> Wed, 1 Dec 1999 19:59:44 -0700
582 sudo (1.6-1) unstable; urgency=low
584 * new upstream version, many options previously set at compile-time are now
585 configurable at runtime.
586 Closes: #39255, #20996, #29812, #50705, #49148, #48435, #47190, #45639
589 -- Bdale Garbee <bdale@gag.com> Tue, 23 Nov 1999 16:51:22 -0700
591 sudo (1.5.9p4-1) unstable; urgency=low
593 * new upstream version, closes: #43464
594 * empty password handling was fixed in 1.5.8, closes: #31863
596 -- Bdale Garbee <bdale@gag.com> Thu, 26 Aug 1999 00:00:57 -0600
598 sudo (1.5.9p1-1) unstable; urgency=low
600 * new upstream version
602 -- Bdale Garbee <bdale@gag.com> Thu, 15 Apr 1999 22:43:29 -0600
604 sudo (1.5.8p1-1) unstable; urgency=medium
606 * new upstream version, closes 33690
607 * add dependency on libpam-modules, closes 34215, 33432
609 -- Bdale Garbee <bdale@gag.com> Mon, 8 Mar 1999 10:27:42 -0700
611 sudo (1.5.7p4-2) unstable; urgency=medium
613 * update the pam fragment provided so that sudo works with latest pam bits,
616 -- Bdale Garbee <bdale@gag.com> Sun, 21 Feb 1999 00:22:44 -0700
618 sudo (1.5.7p4-1) unstable; urgency=low
620 * new upstream release
622 -- Bdale Garbee <bdale@gag.com> Sun, 27 Dec 1998 16:13:53 -0700
624 sudo (1.5.6p5-1) unstable; urgency=low
626 * new upstream patch release
627 * add PAM support, closes 28594
629 -- Bdale Garbee <bdale@gag.com> Mon, 2 Nov 1998 00:00:24 -0700
631 sudo (1.5.6p2-2) unstable; urgency=low
633 * update copyright file, closes 24136
634 * review and close forwarded bugs believed fixed in this upstream version,
637 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
639 sudo (1.5.6p2-1) unstable; urgency=low
641 * new upstream release
643 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
645 sudo (1.5.4-4) frozen unstable; urgency=low
647 * update postinst to use groupadd, closes 21403
648 * move the suidregister stuff earlier in postinst to ensure it always runs
650 -- Bdale Garbee <bdale@gag.com> Sun, 19 Apr 1998 22:07:45 -0600
652 sudo (1.5.4-3) frozen unstable; urgency=low
654 * change /etc/sudoers from a conffile to being handled in postinst,
656 * add suidmanager support, closes 15711
657 * add '-Wno-comment' to quiet warnings from gcc upstream maintainer is
658 unlikely to ever fix, and which just don't matter. closes 17146
659 * fix FSF address in copyright file, and submit exception for lintian
660 warning about sudo being setuid root
662 -- Bdale Garbee <bdale@gag.com> Thu, 9 Apr 1998 23:59:11 -0600
664 sudo (1.5.4-2) unstable; urgency=high
666 * patch from upstream author correcting/improving security fix
668 -- Bdale Garbee <bdale@gag.com> Tue, 13 Jan 1998 10:39:35 -0700
670 sudo (1.5.4-1) unstable; urgency=high
672 * new upstream version, includes a security fix
673 * change default editor from /bin/ae to /usr/bin/editor
675 -- Bdale Garbee <bdale@gag.com> Mon, 12 Jan 1998 23:36:41 -0700
677 sudo (1.5.3-1) unstable; urgency=medium
679 * new upstream version, closes bug 15911.
680 * rules file reworked to use debhelper
681 * implement a really gross hack to force use of the sudo-provided
682 lsearch(), since the one in libc6 is broken! This closes bugs
683 12552, 12557, 14881, 15259, 15916.
685 -- Bdale Garbee <bdale@gag.com> Sat, 3 Jan 1998 20:39:23 -0700
687 sudo (1.5.2-6) unstable; urgency=LOW
689 * don't install INSTALL in the doc directory, closes bug 13195.
691 -- Bdale Garbee <bdale@gag.com> Sun, 21 Sep 1997 17:10:40 -0600
693 sudo (1.5.2-5) unstable; urgency=LOW
697 -- Bdale Garbee <bdale@gag.com> Fri, 5 Sep 1997 00:06:22 -0600
699 sudo (1.5.2-4) unstable; urgency=LOW
701 * change TIMEOUT (how long before you have to type your password again)
702 to 15 mins, disable PASSWORD_TIMEOUT. This makes building large Debian
703 packages on slower machines much more tolerable. Closes bug 9076.
704 * touch debian/suid before debstd. Closes bug 8709.
706 -- Bdale Garbee <bdale@gag.com> Sat, 26 Apr 1997 00:48:01 -0600
708 sudo (1.5.2-3) frozen unstable; urgency=LOW
710 * patch from upstream maintainer to close Bug 6828
711 * add a debian/suid file to get debstd to leave my perl postinst alone
713 -- Bdale Garbee <bdale@gag.com> Fri, 11 Apr 1997 23:09:55 -0600
715 sudo (1.5.2-2) frozen unstable; urgency=LOW
717 * change rules to use -O2 -Wall as per standards
719 -- Bdale Garbee <bdale@gag.com> Sun, 6 Apr 1997 12:48:53 -0600
721 sudo (1.5.2-1) unstable; urgency=LOW
723 * new upstream version
724 * cosmetic changes to debian package control files
726 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:50:00 -0700
728 sudo (1.5-2) unstable; urgency=LOW
730 * add /usr/X11R6/bin to the end of the secure path... this makes it
731 much easier to run xmkmf, etc., during package builds. To the extent
732 that /usr/local/sbin and /usr/local/bin were already included, I see
733 no security reasons not to add this.
735 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:44:58 -0700
737 sudo (1.5-1) unstable; urgency=LOW
739 * New upstream version
741 * New packaging format
743 -- Bdale Garbee <bdale@gag.com> Thu, 29 Aug 1996 11:44:22 +0200
745 Tue Mar 5 09:36:41 MET 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
749 * hard code SECURE_PATH to:
750 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
754 * enabled EXEMPTGROUP "sudo"
756 * moved timestamp dir to /var/log/sudo
758 * changed parser to check for long and short filenames (Bug#1162)
760 Wed Apr 17 13:03:31 MET DST 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
764 * New upstream source
766 * Fixed postinst script
767 (thanks to Peter Tobis <tobias@et-inf.fho-emden.de>)
769 * Removed special shadow binary. This version works with and without
770 shadow password file.
772 Mon May 20 09:35:22 MET DST 1996 Michael Meskes <meskes@debian.org>
776 * Corrected editor path to /bin/ae (Bug#3062)
778 * Set file permission to 4755 for sudo and 755 for visudo (Bug#3063)
780 Mon Jun 17 12:06:41 MET DST 1996 Michael Meskes <meskes@debian.org>
784 * New upstream version
786 * Changed sudoers permission to 440 (owner root, group root) to make
789 Wed Jun 19 10:56:54 MET DST 1996 Michael Meskes <meskes@debian.org>
793 * Applied upstream patch 1
795 Thu Jun 20 09:02:57 MET DST 1996 Michael Meskes <meskes@debian.org>
799 * Applied upstream patch 2
801 Fri Jun 28 12:49:40 MET DST 1996 Michael Meskes <meskes@debian.org>
805 * Applied upstream patch 3 (fixes problems with an NFS-mounted
809 Sun Jun 30 13:02:44 MET DST 1996 Michael Meskes <meskes@debian.org>
813 * Corrected postinst to use /usr/bin/perl instead of /bin/perl
814 [Reported by jdassen@wi.leidenuniv.nl (J.H.M.Dassen)]
816 Wed Jul 10 12:44:33 MET DST 1996 Michael Meskes <meskes@debian.org>
820 * Applied upstream patch 4 (fixes several bugs)
822 * Changed priority to optional
824 Thu Jul 11 19:23:52 MET DST 1996 Michael Meskes <meskes@debian.org>
828 * Corrected postinst to create correct permission for /etc/sudoers
831 Fri Aug 2 10:50:53 MET DST 1996 Michael Meskes <meskes@debian.org>
835 * New upstream version
838 sudo (1.4.4-2) admin; urgency=HIGH
840 * Fixed major security bug reported by Peter Tobias
841 <tobias@et-inf.fho-emden.de>
842 * Added dchanges support to debian.rules
844 sudo (1.4.5-1) admin; urgency=LOW
846 * New upstream version
847 * Minor changes to debian.rules