1 sudo (1.7.4p4-3) unstable; urgency=low
3 * make postinst clause for handling /var/run -> /var/lib transition less
4 fragile, closes: #585514
5 * cope with upstream's Makefile trying to install ChangeLog in our doc
6 directory, closes: #597389
7 * fix README.Debian to reflect that HOME is no longer preserved by default,
10 -- Bdale Garbee <bdale@gag.com> Tue, 21 Sep 2010 23:53:08 -0600
12 sudo (1.7.4p4-2) unstable; urgency=low
14 * add a NEWS item about change in $HOME handling that impacts programs
17 -- Bdale Garbee <bdale@gag.com> Wed, 08 Sep 2010 14:29:16 -0600
19 sudo (1.7.4p4-1) unstable; urgency=high
21 * new upstream version, urgency high due to fix for flaw in Runas group
22 matching (CVE-2010-2956), closes: #595935
23 * handle transition of /var/run/sudo to /var/lib/sudo better, to avoid
24 re-lecturing existing users, and to clean up after ourselves on upgrade,
25 and remove the RAMRUN section from README.Debian since the new state dir
26 should fix the original problem, closes: #585514
27 * deliver README.Debian to both package flavors, closes: #593579
29 -- Bdale Garbee <bdale@gag.com> Tue, 07 Sep 2010 12:22:42 -0600
31 sudo (1.7.2p7-1) unstable; urgency=high
33 * new upstream release with security fix for secure path (CVE-2010-1646),
35 * move timestamps from /var/run/sudo to /var/lib/sudo, so that the state
36 about whether to give the lecture is preserved across reboots even when
37 RAMRUN is set, closes: #581393
38 * add a note to README.Debian about LDAP needing an entry in
39 /etc/nsswitch.conf, closes: #522065
40 * add a note to README.Debian about how to turn off lectures if using
41 RAMRUN in /etc/default/rcS, closes: #581393
43 -- Bdale Garbee <bdale@gag.com> Thu, 10 Jun 2010 15:42:14 -0600
45 sudo (1.7.2p6-1) unstable; urgency=low
47 * new upstream version fixing CVE-2010-1163, closes: #578275, #570737
49 -- Bdale Garbee <bdale@gag.com> Mon, 19 Apr 2010 10:45:47 -0600
51 sudo (1.7.2p5-1) unstable; urgency=low
53 * new upstream release, closes a bug filed upstream regarding missing man
54 page processing scripts in the 1.7.2p1 tarball, also includes the fix
55 for CVE-2010-0426 previously the subject of a security team nmu
56 * move to source format 3.0 (quilt) and restructure changes as patches
57 * fix unprocessed substitution variables in man pages, closes: #557204
58 * apply patch from Neil Moore to fix Debian-specific content in the
59 visudo man page, closes: #555013
60 * update descriptions to better explain sudo-ldap, closes: #573108
61 * eliminate spurious 'and' in man page, closes: #571620
62 * fix confusing text in default sudoers, closes: #566607
64 -- Bdale Garbee <bdale@gag.com> Thu, 11 Mar 2010 15:44:53 -0700
66 sudo (1.7.2p1-1) unstable; urgency=low
68 * new upstream version
69 * add support for /etc/sudoers.d using #includedir in default sudoers,
70 which I think is also a good solution to the request for a crontab-like
71 API requested in March of 2001, closes: #539994, #271813, #89743
72 * move init.d script from using rcS.d to rc[0-6].d, closes: #542924
74 -- Bdale Garbee <bdale@gag.com> Mon, 31 Aug 2009 14:09:32 -0600
76 sudo (1.7.2-2) unstable; urgency=low
78 * further improve initial sudoers to not include the NOPASSWD option on
79 the group sudo exception, closes: #539136, #198991
81 -- Bdale Garbee <bdale@gag.com> Wed, 29 Jul 2009 16:21:04 +0200
83 sudo (1.7.2-1) unstable; urgency=low
85 * new upstream version, closes: #537103
86 * improve initial sudoers by having the exemption for users in group
87 sudo on by default, and including the ability to run any command as
88 any user. This makes the default install roughly equivalent to our
89 old use of the --with-exempt=sudo build option, closes: #536220, #536222
91 -- Bdale Garbee <bdale@gag.com> Wed, 15 Jul 2009 01:29:46 -0600
93 sudo (1.7.0-1) unstable; urgency=low
95 * new upstream version, closes: #510179, #128268, #520274, #508514
96 * fix ldap config file path for sudo-ldap package, including creating
97 a symlink in postinst and cleaning it up in postrm for the sudo-ldap
98 package, closes: #430826
99 * fix NOPASSWD entry location in default config file for the sudo-ldap
100 instance too, closes: #479616
102 -- Bdale Garbee <bdale@gag.com> Sat, 28 Mar 2009 15:15:01 -0600
104 sudo (1.6.9p17-2) unstable; urgency=high
106 * patch from upstream to fix privilege escalation with certain
107 configurations, CVE-2009-0034
108 * typo in sudoers man page, closes: #507163
110 -- Bdale Garbee <bdale@gag.com> Tue, 27 Jan 2009 11:49:02 -0700
112 sudo (1.6.9p17-1) unstable; urgency=low
114 * new upstream version, closes: #481008
115 * deliver schemas to doc directory in sudo-ldap package, closes: #474331
116 * re-apply patch from Petter Reinholdtsen to improve init.d apparently lost
117 in move from CVS to git for package management, closes: #475821
118 * re-instate the init.d for the sudo-ldap package too... /o\
120 -- Bdale Garbee <bdale@gag.com> Sun, 06 Jul 2008 01:16:31 -0600
122 sudo (1.6.9p15-2) unstable; urgency=low
124 * revert the fix for 388659 such that visudo once again defaults to using
125 /usr/bin/editor. I was always ambivalent about this change, it has caused
126 more confusion and frustration than it cured, and I find Justin's line of
127 reasoning persuasive. Update the man page source to reflect this choice
128 and the related use of --with-env-editor. Closes: #474197.
129 * patch from Petter Reinholdtsen to improve init.d, closes: #475821
131 -- Bdale Garbee <bdale@gag.com> Wed, 16 Apr 2008 00:38:56 -0600
133 sudo (1.6.9p15-1) unstable; urgency=low
135 * new upstream version, closes: #467126, #473337
136 * remove pointless postrm scripts, leaving debhelper do its thing if needed,
137 thanks to Justin Pryzby for pointing this out
138 * reinstate the init.d, since bootclean doesn't quite do what we want. This
139 also means we don't need the preinst scripts any more. Update the lintian
140 overrides since postinst is a Perl script lintian apparently isn't parsing
141 well. closes: #330868
143 -- Bdale Garbee <bdale@gag.com> Thu, 03 Apr 2008 14:25:56 -0600
145 sudo (1.6.9p12-1) unstable; urgency=low
147 * new upstream version, closes: #464890
149 -- Bdale Garbee <bdale@gag.com> Tue, 19 Feb 2008 11:19:54 +0900
151 sudo (1.6.9p11-3) unstable; urgency=low
153 * patch for configure to fix FTBFS on GNU/kFreeBSD, closes: #465956
155 -- Bdale Garbee <bdale@gag.com> Fri, 15 Feb 2008 10:54:21 -0700
157 sudo (1.6.9p11-2) unstable; urgency=low
159 * update version compared in preinst when removing obsolete init.d,
161 * implement pam session config suggestions from Elizabeth Fong,
162 closes: #452457, #402329
164 -- Bdale Garbee <bdale@gag.com> Mon, 04 Feb 2008 21:26:23 -0700
166 sudo (1.6.9p11-1) unstable; urgency=low
168 * new upstream version
170 -- Bdale Garbee <bdale@gag.com> Fri, 11 Jan 2008 01:54:35 -0700
172 sudo (1.6.9p10-1) unstable; urgency=low
174 * new upstream version
175 * tweak default password prompt as %u doesn't make sense. Accept patch from
176 Patrick Schoenfeld (recommend upstream accept it too) that adds a %p and
177 uses it by default, closes: #454409
178 * accept patch from Martin Pitt that adds a prerm making it difficult to
179 "accidentally" remove sudo when there is no root password set on the
180 system, closes: #451241
182 -- Bdale Garbee <bdale@gag.com> Fri, 28 Dec 2007 11:44:30 -0700
184 sudo (1.6.9p9-1) unstable; urgency=low
186 * new upstream version
187 * debian/rules: configure a more informative default password prompt to
188 reduce confusion when using sudo to invoke commands which also ask for
189 passwords, closes: #343268
190 * auth/pam.c: don't use the PAM prompt if the user explicitly requested
191 a custom prompt, closes: #448628.
192 * fix configure's ability to discover that libc has dirfd, closes: #451324
193 * make default editor be /usr/bin/vi instead of /usr/bin/editor, so that
194 the command 'visudo' invokes a vi variant by default as documented,
197 -- Bdale Garbee <bdale@gag.com> Mon, 03 Dec 2007 10:26:51 -0700
199 sudo (1.6.9p6-1) unstable; urgency=low
201 * new upstream version, closes: #442815, #446146, #438699, #435768, #435314
202 closes: #434832, #434608, #430382
203 * eliminate the now-redundant init.d scripts, closes: #397090
204 * fix typo in TROUBLESHOOTING file, closes: #439624
206 -- Bdale Garbee <bdale@gag.com> Wed, 24 Oct 2007 21:13:41 -0600
208 sudo (1.6.8p12-6) unstable; urgency=low
210 * fix typos in visudo.pod relating to env_editor variable, closes: #418886
211 * have init.d touch directories in /var/run/sudo, not just files, as a
213 * fix various typos in sudoers.pod, closes: #419749
214 * don't let Makefile strip binaries, closes: #438073
216 -- Bdale Garbee <bdale@gag.com> Wed, 05 Sep 2007 11:26:58 +0100
218 sudo (1.6.8p12-5) unstable; urgency=low
220 * update debian/copyright to reflect new upstream URL, closes: #368746
221 * add sandwich cartoon URL to the README.Debian
222 * don't remove sudoers on purge. can cause problems when moving between
223 sudo and sudo-ldap. leaving sudoers around on purge seems like the least
224 evil choice for now, closes: #401366
225 * also preserve XAPPLRESDIR, XFILESEARCHPATH, and XUSERFILESEARCHPATH,
227 * accept patch that improves debian/rules from Ted Percival, closes: #382122
228 * no longer build with --with-exempt=sudo, provide an example entry in the
229 default sudoers file instead, closes: #296605
230 * add --with-devel to configure and augment build dependencies so that flex
231 and yacc files get re-generated on every build, closes: #316249
233 -- Bdale Garbee <bdale@gag.com> Tue, 3 Apr 2007 21:48:45 -0600
235 sudo (1.6.8p12-4) unstable; urgency=low
237 * patch from Petter Reinholdtsen for the LSB info block in the init.d
238 script, closes: #361055
239 * deliver sudoers sample again, closes: #361593
241 -- Bdale Garbee <bdale@gag.com> Sat, 15 Apr 2006 01:38:04 -0600
243 sudo (1.6.8p12-3) unstable; urgency=low
245 * force-feed configure knowledge of nroff's path so we get unformatted man
246 pages installed without build-depending on groff-base, closes: #360894
247 * add a reference to OPTIONS in the man page, closes: #186226
249 -- Bdale Garbee <bdale@gag.com> Wed, 5 Apr 2006 17:53:13 -0700
251 sudo (1.6.8p12-2) unstable; urgency=low
253 * fix typos in init scripts, closes: #346325
254 * update to debhelper compat level 5
255 * build depend on autotools-dev to ensure config.sub/guess are fresh
256 * accept patch from Martin Schulze developed for 1.6.8p7-1.4 in stable, and
257 use it here as well. Thanks to Martin and the debian-security team.
258 closes: #349196, #349549, #349587, #349729, #349129, #350776, #349085
259 closes: #315115, #315718, #203874
260 * Non-maintainer upload by the Security Team
261 * Reworked the former patch to limit environment variables from being
262 passed through, set env_reset as default instead [sudo.c, env.c,
263 sudoers.pod, Bug#342948, CVE-2005-4158]
264 * env_reset is now set by default
265 * env_reset will preserve only HOME, LOGNAME, PATH, SHELL, TERM,
266 DISPLAY, XAUTHORITY, XAUTHORIZATION, LANG, LANGUAGE, LC_*, and USER
267 (in addition to the SUDO_* variables)
268 * Rebuild sudoers.man.in from the POD file
269 * Added README.Debian
270 * patch from Alexander Zangerl to fix duplicated PATH issue, closes: #354431
271 * simplify rules file by using more of Makefile, despite having to override
272 default directories with more arguments to configure, closes: #292833
273 * update sudo man page to reflect use of SECURE_PATH, closes: #228551
274 * inconsistencies in sudoers man page resolved, closes: #220808, #161012
275 * patch from Jeroen van Wolffelaar to improve behavior when FQDNs are
276 unresolveable (requires adding bison as build dep), closes: #314949
278 -- Bdale Garbee <bdale@gag.com> Sun, 2 Apr 2006 14:26:20 -0700
280 sudo (1.6.8p12-1) unstable; urgency=low
282 * new upstream version, closes: #342948 (CVE-2005-4158)
283 * add env_reset to the sudoers file we create if none already exists,
284 as a further precaution in response to discussion about CVS-2005-4158
285 * split ldap support into a new sudo-ldap package. I was trying to avoid
286 doing this, but the impact of going from 4 to 17 linked shlibs on the
287 autobuilder chroots is sufficient motivation for me.
290 -- Bdale Garbee <bdale@gag.com> Wed, 28 Dec 2005 13:49:10 -0700
292 sudo (1.6.8p9-4) unstable; urgency=low
294 * enable ldap support, deliver README.LDAP and sudoers2ldif, closes: #283231
295 * merge patch from Martin Pitt / Ubuntu to be more robust about resetting
296 timestamps in the init.d script, closes: #330868
297 * add dependency header to init.d script, closes: #332849
299 -- Bdale Garbee <bdale@gag.com> Sat, 10 Dec 2005 07:47:07 -0800
301 sudo (1.6.8p9-3) unstable; urgency=high
303 * update debhelper compatibility level from 2 to 4
304 * add man page symlink for sudoedit
305 * Clean SHELLOPTS and PS4 from the environment before executing programs
306 with sudo permissions [env.c, CAN-2005-2959]
307 * fix typo in manpage pointed out by Moray Allen, closes: #285995
308 * fix paths in sample complex sudoers file, closes: #303542
309 * fix type in sudoers man page, closes: #311244
311 -- Bdale Garbee <bdale@gag.com> Wed, 28 Sep 2005 01:18:04 -0600
313 sudo (1.6.8p9-2) unstable; urgency=high
315 * merge the NMU fix for sudoedit symlink problem that was in 1.6.8p7-1.1,
318 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 16:18:47 -0400
320 sudo (1.6.8p9-1) unstable; urgency=high
322 * new upstream version, fixes a race condition in sudo's pathname
323 validation, which is a security issue (CAN-2005-1993),
324 closes: #315115, #315718
326 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 15:33:11 -0400
328 sudo (1.6.8p7-1) unstable; urgency=low
330 * new upstream version, closes: #299585
331 * update lintian overrides to squelch the postinst warning
332 * change sudoedit from a hard to a soft link, closes: #296896
333 * fix regex doc in sudoers man page, closes: #300361
335 -- Bdale Garbee <bdale@gag.com> Sat, 26 Mar 2005 22:18:34 -0700
337 sudo (1.6.8p5-1) unstable; urgency=high
339 * new upstream version
340 * restores ability to use config tuples without a value, which was causing
341 problems on upgrade closes: #283306
342 * deliver sudoedit, closes: #283078
343 * marking urgency high since 283306 is a serious upgrade incompatibility
345 -- Bdale Garbee <bdale@gag.com> Fri, 3 Dec 2004 10:11:16 -0700
347 sudo (1.6.8p3-2) unstable; urgency=high
349 * update pam.d deliverable so ldap works again, closes: #282191
351 -- Bdale Garbee <bdale@gag.com> Mon, 22 Nov 2004 11:44:46 -0700
353 sudo (1.6.8p3-1) unstable; urgency=high
355 * new upstream version, fixes a flaw in sudo's environment sanitizing that
356 could allow a malicious user with permission to run a shell script that
357 utilized the bash shell to run arbitrary commands, closes: #281665
358 * patch the sample sudoers to have the proper path for kill on Debian
359 systems, closes: #263486
360 * patch the sudo manpage to reflect Debian's choice of exempt_group
361 default setting, closes: #236465
362 * patch the sudo manpage to reflect Debian's choice of no timeout on the
363 password prompt, closes: #271194
365 -- Bdale Garbee <bdale@gag.com> Tue, 16 Nov 2004 23:23:41 -0700
367 sudo (1.6.7p5-2) unstable; urgency=low
369 * Jeff Bailey reports that seteuid works on current sparc systems, so we
370 no longer need the "grosshack" stuff in the sudo rules file
371 * add a postrm that removes /etc/sudoers on purge. don't do this with the
372 normal conffile mechanism since it would generate noise on every upgrade,
375 -- Bdale Garbee <bdale@gag.com> Tue, 20 Jul 2004 12:29:48 -0400
377 sudo (1.6.7p5-1) unstable; urgency=low
379 * new upstream version, closes: #190265, #193222, #197244
380 * change from '.' to ':' in postinst chown call, closes: #208369
382 -- Bdale Garbee <bdale@gag.com> Tue, 2 Sep 2003 21:27:06 -0600
384 sudo (1.6.7p3-2) unstable; urgency=low
386 * add --disable-setresuid to configure call since 2.2 kernels don't support
387 setresgid, closes: #189044
388 * cosmetic cleanups to debian/rules as long as I'm there
390 -- Bdale Garbee <bdale@gag.com> Tue, 15 Apr 2003 16:04:48 -0600
392 sudo (1.6.7p3-1) unstable; urgency=low
394 * new upstream version
395 * add overrides to quiet lintian about things it doesn't understand,
396 except the source one that can't be overridden until 129510 is fixed
398 -- Bdale Garbee <bdale@gag.com> Mon, 7 Apr 2003 17:34:05 -0600
400 sudo (1.6.6-3) unstable; urgency=low
402 * add code to rules file to update config.sub/guess, closes: #164501
404 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 15:35:22 -0600
406 sudo (1.6.6-2) unstable; urgency=low
408 * adopt suggestion from Marcus Brinkmann to feed --with-sendmail option to
409 configure, and lose the build dependency on mail-transport-agent
410 * incorporate changes from LaMont's NMU, closes: #144665, #144737
411 * update init.d to not try and set time on nonexistent timestamp files,
413 * build with --with-all-insults, admin must edit sudoers to turn insults
414 on at runtime if desired, closes: #135374
415 * stop setting /usr/doc symlink in postinst
417 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 01:54:24 -0600
419 sudo (1.6.6-1.1) unstable; urgency=high
421 * NMU - patch from Colin Watson <cjwatson@debian.org>, in bts.
422 * Revert patch to auth/pam.c that left pass uninitialized, causing a
423 segfault (Closes: #144665).
425 -- LaMont Jones <lamont@debian.org> Fri, 26 Apr 2002 22:36:04 -0600
427 sudo (1.6.6-1) unstable; urgency=high
429 * new upstream version, fixes security problem with crafty prompts,
432 -- Bdale Garbee <bdale@gag.com> Thu, 25 Apr 2002 12:45:49 -0600
434 sudo (1.6.5p1-4) unstable; urgency=high
436 * apply patch for auth/pam.c to fix yet another way to make sudo segfault
437 if ctrl/C'ed at password prompt, closes: #131235
439 -- Bdale Garbee <bdale@gag.com> Sun, 3 Mar 2002 23:18:56 -0700
441 sudo (1.6.5p1-3) unstable; urgency=high
443 * ugly hack to add --disable-saved-ids when building on sparc in response
444 to 131592, which will be reassigned to glibc for a real fix
445 * urgency high since the sudo currently in testing for sparc is worthless
447 -- Bdale Garbee <bdale@gag.com> Sun, 17 Feb 2002 22:42:10 -0700
449 sudo (1.6.5p1-2) unstable; urgency=high
451 * patch from upstream to fix seg faults caused by versions of pam that
452 follow a NULL pointer, closes: #129512
454 -- Bdale Garbee <bdale@gag.com> Tue, 22 Jan 2002 01:50:13 -0700
456 sudo (1.6.5p1-1) unstable; urgency=high
458 * new upstream version
459 * add --disable-root-mailer option supported by new version to configure
460 call in rules file, closes: #129648
462 -- Bdale Garbee <bdale@gag.com> Fri, 18 Jan 2002 11:29:37 -0700
464 sudo (1.6.4p1-1) unstable; urgency=high
466 * new upstream version, with fix for segfaulting problem in 1.6.4
468 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 20:09:46 -0700
470 sudo (1.6.4-1) unstable; urgency=high
472 * new upstream version, includes an important security fix, closes: #127576
474 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 09:35:48 -0700
476 sudo (1.6.3p7-5) unstable; urgency=low
478 * only touch /var/run/sudo/* if /var/run/sudo is there, closes: #126872
479 * fix spelling error in init.d, closes: #126847
481 -- Bdale Garbee <bdale@gag.com> Sat, 29 Dec 2001 11:21:43 -0700
483 sudo (1.6.3p7-4) unstable; urgency=medium
485 * use touch to set status files to an ancient date instead of removing them
486 outright on reboot. this achieves the desired effect of keeping elevated
487 privs from living across reboots, without forcing everyone to see the
488 new-sudo-user lecture after every reboot. pick a time that's 'old enough'
489 for systems with good clocks, and 'recent enough' that broken PC hardware
490 setting the clock to commonly-seen bogus dates trips over the "don't trust
491 future timestamps" rule. closes: #76529, #123559
492 * apply patch from Steve Langasek to fix seg faults due to interaction with
493 PAM code. upstream confirms the problem, and says they're fixing this
494 differently for their next release... but this should be useful in the
495 meantime, and would be good to get into woody. closes: #119147
496 * only run the init.d at boot, not on each runlevel change... and don't run
497 it during package configure. closes: #125935
498 * add DEB_BUILD_OPTIONS support to rules file, closes: #94952
500 -- Bdale Garbee <bdale@gag.com> Wed, 26 Dec 2001 12:40:44 -0700
502 sudo (1.6.3p7-3) unstable; urgency=low
504 * apply patch from Fumitoshi UKAI that fixes segfaults when hostname not
505 resolvable, closes: #86062, #69430, #77852, #82744, #55716, #56718,
506 * fix a typo in the manpage, closes: #97368
507 * apply patch to configure.in and run autoconf to fix problem building on
508 the hurd, closes: #96325
509 * add an init.d to clean out /var/run/sudo at boot, so privs are guaranteed
510 to not last across reboots, closes: #76529
511 * clean up lintian-noticed cosmetic packaging issues
513 -- Bdale Garbee <bdale@gag.com> Sat, 1 Dec 2001 02:59:52 -0700
515 sudo (1.6.3p7-2) unstable; urgency=low
517 * update config.sub/guess for hppa support
519 -- Bdale Garbee <bdale@gag.com> Sun, 22 Apr 2001 23:23:42 -0600
521 sudo (1.6.3p7-1) unstable; urgency=low
523 * new upstream version
524 * add build dependency on mail-transport-agent, closes: #90685
526 -- Bdale Garbee <bdale@gag.com> Thu, 12 Apr 2001 17:02:42 -0600
528 sudo (1.6.3p6-1) unstable; urgency=high
530 * new upstream version, fixes buffer overflow problem,
531 closes: #87259, #87278, #87263
532 * revert to using --with-secure-path option at build time, since the option
533 available in sudoers is parsed too late to be useful, and upstream says
534 it won't get fixed quickly. This reopens 85123, which I will mark as
535 forwarded. Closes: #86199, #86117, #85676
537 -- Bdale Garbee <bdale@gag.com> Mon, 26 Feb 2001 11:02:51 -0700
539 sudo (1.6.3p5-2) unstable; urgency=low
541 * lose the dh_suidregister call since it's obsolete
542 * stop using the --with-secure-path option at build time, and instead show
543 how to set it in sudoers. Closes: #85123
544 * freshen config.sub and config.guess for ia64 and hppa
545 * update sudoers man page to indicate exempt_group is on by default,
548 -- Bdale Garbee <bdale@gag.com> Sat, 10 Feb 2001 02:05:17 -0700
550 sudo (1.6.3p5-1) unstable; urgency=low
552 * new upstream version, closes: #63940, #59175, #61817, #64652, #65743
553 * this version restores core dumps before the exec, while leaving them
554 disabled during sudo's internal execution, closes: #58289
555 * update debhelper calls in rules file
557 -- Bdale Garbee <bdale@gag.com> Wed, 16 Aug 2000 00:13:15 -0600
559 sudo (1.6.2p2-1) frozen unstable; urgency=medium
561 * new upstream source resulting from direct collaboration with the upstream
562 author to fix ugly pam-related problems on Debian in 1.6.1 and later.
563 Closes: #56129, #55978, #55979, #56550, #56772
564 * include more upstream documentation, closes: #55054
565 * pam.d fragment update, closes: #56129
567 -- Bdale Garbee <bdale@gag.com> Sun, 27 Feb 2000 11:48:48 -0700
569 sudo (1.6.1-1) unstable; urgency=low
571 * new upstream source, closes: #52750
573 -- Bdale Garbee <bdale@gag.com> Fri, 7 Jan 2000 21:01:42 -0700
575 sudo (1.6-2) unstable; urgency=low
577 * drop suidregister support for this package. The sudo executable is
578 essentially worthless unless it is setuid root, and making suidregister
579 work involves shipping a non-setuid executable in the .deb and setting the
580 perms in the postinst. On a long upgrade run, this can leave the sudo
581 executable 'broken' for a long time, which is unacceptable. With this
582 version, we ship the executable setuid root in the .deb. Closes: #51742
584 -- Bdale Garbee <bdale@gag.com> Wed, 1 Dec 1999 19:59:44 -0700
586 sudo (1.6-1) unstable; urgency=low
588 * new upstream version, many options previously set at compile-time are now
589 configurable at runtime.
590 Closes: #39255, #20996, #29812, #50705, #49148, #48435, #47190, #45639
593 -- Bdale Garbee <bdale@gag.com> Tue, 23 Nov 1999 16:51:22 -0700
595 sudo (1.5.9p4-1) unstable; urgency=low
597 * new upstream version, closes: #43464
598 * empty password handling was fixed in 1.5.8, closes: #31863
600 -- Bdale Garbee <bdale@gag.com> Thu, 26 Aug 1999 00:00:57 -0600
602 sudo (1.5.9p1-1) unstable; urgency=low
604 * new upstream version
606 -- Bdale Garbee <bdale@gag.com> Thu, 15 Apr 1999 22:43:29 -0600
608 sudo (1.5.8p1-1) unstable; urgency=medium
610 * new upstream version, closes 33690
611 * add dependency on libpam-modules, closes 34215, 33432
613 -- Bdale Garbee <bdale@gag.com> Mon, 8 Mar 1999 10:27:42 -0700
615 sudo (1.5.7p4-2) unstable; urgency=medium
617 * update the pam fragment provided so that sudo works with latest pam bits,
620 -- Bdale Garbee <bdale@gag.com> Sun, 21 Feb 1999 00:22:44 -0700
622 sudo (1.5.7p4-1) unstable; urgency=low
624 * new upstream release
626 -- Bdale Garbee <bdale@gag.com> Sun, 27 Dec 1998 16:13:53 -0700
628 sudo (1.5.6p5-1) unstable; urgency=low
630 * new upstream patch release
631 * add PAM support, closes 28594
633 -- Bdale Garbee <bdale@gag.com> Mon, 2 Nov 1998 00:00:24 -0700
635 sudo (1.5.6p2-2) unstable; urgency=low
637 * update copyright file, closes 24136
638 * review and close forwarded bugs believed fixed in this upstream version,
641 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
643 sudo (1.5.6p2-1) unstable; urgency=low
645 * new upstream release
647 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
649 sudo (1.5.4-4) frozen unstable; urgency=low
651 * update postinst to use groupadd, closes 21403
652 * move the suidregister stuff earlier in postinst to ensure it always runs
654 -- Bdale Garbee <bdale@gag.com> Sun, 19 Apr 1998 22:07:45 -0600
656 sudo (1.5.4-3) frozen unstable; urgency=low
658 * change /etc/sudoers from a conffile to being handled in postinst,
660 * add suidmanager support, closes 15711
661 * add '-Wno-comment' to quiet warnings from gcc upstream maintainer is
662 unlikely to ever fix, and which just don't matter. closes 17146
663 * fix FSF address in copyright file, and submit exception for lintian
664 warning about sudo being setuid root
666 -- Bdale Garbee <bdale@gag.com> Thu, 9 Apr 1998 23:59:11 -0600
668 sudo (1.5.4-2) unstable; urgency=high
670 * patch from upstream author correcting/improving security fix
672 -- Bdale Garbee <bdale@gag.com> Tue, 13 Jan 1998 10:39:35 -0700
674 sudo (1.5.4-1) unstable; urgency=high
676 * new upstream version, includes a security fix
677 * change default editor from /bin/ae to /usr/bin/editor
679 -- Bdale Garbee <bdale@gag.com> Mon, 12 Jan 1998 23:36:41 -0700
681 sudo (1.5.3-1) unstable; urgency=medium
683 * new upstream version, closes bug 15911.
684 * rules file reworked to use debhelper
685 * implement a really gross hack to force use of the sudo-provided
686 lsearch(), since the one in libc6 is broken! This closes bugs
687 12552, 12557, 14881, 15259, 15916.
689 -- Bdale Garbee <bdale@gag.com> Sat, 3 Jan 1998 20:39:23 -0700
691 sudo (1.5.2-6) unstable; urgency=LOW
693 * don't install INSTALL in the doc directory, closes bug 13195.
695 -- Bdale Garbee <bdale@gag.com> Sun, 21 Sep 1997 17:10:40 -0600
697 sudo (1.5.2-5) unstable; urgency=LOW
701 -- Bdale Garbee <bdale@gag.com> Fri, 5 Sep 1997 00:06:22 -0600
703 sudo (1.5.2-4) unstable; urgency=LOW
705 * change TIMEOUT (how long before you have to type your password again)
706 to 15 mins, disable PASSWORD_TIMEOUT. This makes building large Debian
707 packages on slower machines much more tolerable. Closes bug 9076.
708 * touch debian/suid before debstd. Closes bug 8709.
710 -- Bdale Garbee <bdale@gag.com> Sat, 26 Apr 1997 00:48:01 -0600
712 sudo (1.5.2-3) frozen unstable; urgency=LOW
714 * patch from upstream maintainer to close Bug 6828
715 * add a debian/suid file to get debstd to leave my perl postinst alone
717 -- Bdale Garbee <bdale@gag.com> Fri, 11 Apr 1997 23:09:55 -0600
719 sudo (1.5.2-2) frozen unstable; urgency=LOW
721 * change rules to use -O2 -Wall as per standards
723 -- Bdale Garbee <bdale@gag.com> Sun, 6 Apr 1997 12:48:53 -0600
725 sudo (1.5.2-1) unstable; urgency=LOW
727 * new upstream version
728 * cosmetic changes to debian package control files
730 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:50:00 -0700
732 sudo (1.5-2) unstable; urgency=LOW
734 * add /usr/X11R6/bin to the end of the secure path... this makes it
735 much easier to run xmkmf, etc., during package builds. To the extent
736 that /usr/local/sbin and /usr/local/bin were already included, I see
737 no security reasons not to add this.
739 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:44:58 -0700
741 sudo (1.5-1) unstable; urgency=LOW
743 * New upstream version
745 * New packaging format
747 -- Bdale Garbee <bdale@gag.com> Thu, 29 Aug 1996 11:44:22 +0200
749 Tue Mar 5 09:36:41 MET 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
753 * hard code SECURE_PATH to:
754 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
758 * enabled EXEMPTGROUP "sudo"
760 * moved timestamp dir to /var/log/sudo
762 * changed parser to check for long and short filenames (Bug#1162)
764 Wed Apr 17 13:03:31 MET DST 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
768 * New upstream source
770 * Fixed postinst script
771 (thanks to Peter Tobis <tobias@et-inf.fho-emden.de>)
773 * Removed special shadow binary. This version works with and without
774 shadow password file.
776 Mon May 20 09:35:22 MET DST 1996 Michael Meskes <meskes@debian.org>
780 * Corrected editor path to /bin/ae (Bug#3062)
782 * Set file permission to 4755 for sudo and 755 for visudo (Bug#3063)
784 Mon Jun 17 12:06:41 MET DST 1996 Michael Meskes <meskes@debian.org>
788 * New upstream version
790 * Changed sudoers permission to 440 (owner root, group root) to make
793 Wed Jun 19 10:56:54 MET DST 1996 Michael Meskes <meskes@debian.org>
797 * Applied upstream patch 1
799 Thu Jun 20 09:02:57 MET DST 1996 Michael Meskes <meskes@debian.org>
803 * Applied upstream patch 2
805 Fri Jun 28 12:49:40 MET DST 1996 Michael Meskes <meskes@debian.org>
809 * Applied upstream patch 3 (fixes problems with an NFS-mounted
813 Sun Jun 30 13:02:44 MET DST 1996 Michael Meskes <meskes@debian.org>
817 * Corrected postinst to use /usr/bin/perl instead of /bin/perl
818 [Reported by jdassen@wi.leidenuniv.nl (J.H.M.Dassen)]
820 Wed Jul 10 12:44:33 MET DST 1996 Michael Meskes <meskes@debian.org>
824 * Applied upstream patch 4 (fixes several bugs)
826 * Changed priority to optional
828 Thu Jul 11 19:23:52 MET DST 1996 Michael Meskes <meskes@debian.org>
832 * Corrected postinst to create correct permission for /etc/sudoers
835 Fri Aug 2 10:50:53 MET DST 1996 Michael Meskes <meskes@debian.org>
839 * New upstream version
842 sudo (1.4.4-2) admin; urgency=HIGH
844 * Fixed major security bug reported by Peter Tobias
845 <tobias@et-inf.fho-emden.de>
846 * Added dchanges support to debian.rules
848 sudo (1.4.5-1) admin; urgency=LOW
850 * New upstream version
851 * Minor changes to debian.rules