1 sudo (1.7.2-3) UNRELEASED; urgency=low
3 * add support for /etc/sudoers.d using #includedir in default sudoers,
6 -- Bdale Garbee <bdale@gag.com> Mon, 31 Aug 2009 12:08:04 -0600
8 sudo (1.7.2-2) unstable; urgency=low
10 * further improve initial sudoers to not include the NOPASSWD option on
11 the group sudo exception, closes: #539136, #198991
13 -- Bdale Garbee <bdale@gag.com> Wed, 29 Jul 2009 16:21:04 +0200
15 sudo (1.7.2-1) unstable; urgency=low
17 * new upstream version, closes: #537103
18 * improve initial sudoers by having the exemption for users in group
19 sudo on by default, and including the ability to run any command as
20 any user. This makes the default install roughly equivalent to our
21 old use of the --with-exempt=sudo build option, closes: #536220, #536222
23 -- Bdale Garbee <bdale@gag.com> Wed, 15 Jul 2009 01:29:46 -0600
25 sudo (1.7.0-1) unstable; urgency=low
27 * new upstream version, closes: #510179, #128268, #520274, #508514
28 * fix ldap config file path for sudo-ldap package, including creating
29 a symlink in postinst and cleaning it up in postrm for the sudo-ldap
30 package, closes: #430826
31 * fix NOPASSWD entry location in default config file for the sudo-ldap
32 instance too, closes: #479616
34 -- Bdale Garbee <bdale@gag.com> Sat, 28 Mar 2009 15:15:01 -0600
36 sudo (1.6.9p17-2) unstable; urgency=high
38 * patch from upstream to fix privilege escalation with certain
39 configurations, CVE-2009-0034
40 * typo in sudoers man page, closes: #507163
42 -- Bdale Garbee <bdale@gag.com> Tue, 27 Jan 2009 11:49:02 -0700
44 sudo (1.6.9p17-1) unstable; urgency=low
46 * new upstream version, closes: #481008
47 * deliver schemas to doc directory in sudo-ldap package, closes: #474331
48 * re-apply patch from Petter Reinholdtsen to improve init.d apparently lost
49 in move from CVS to git for package management, closes: #475821
50 * re-instate the init.d for the sudo-ldap package too... /o\
52 -- Bdale Garbee <bdale@gag.com> Sun, 06 Jul 2008 01:16:31 -0600
54 sudo (1.6.9p15-2) unstable; urgency=low
56 * revert the fix for 388659 such that visudo once again defaults to using
57 /usr/bin/editor. I was always ambivalent about this change, it has caused
58 more confusion and frustration than it cured, and I find Justin's line of
59 reasoning persuasive. Update the man page source to reflect this choice
60 and the related use of --with-env-editor. Closes: #474197.
61 * patch from Petter Reinholdtsen to improve init.d, closes: #475821
63 -- Bdale Garbee <bdale@gag.com> Wed, 16 Apr 2008 00:38:56 -0600
65 sudo (1.6.9p15-1) unstable; urgency=low
67 * new upstream version, closes: #467126, #473337
68 * remove pointless postrm scripts, leaving debhelper do its thing if needed,
69 thanks to Justin Pryzby for pointing this out
70 * reinstate the init.d, since bootclean doesn't quite do what we want. This
71 also means we don't need the preinst scripts any more. Update the lintian
72 overrides since postinst is a Perl script lintian apparently isn't parsing
75 -- Bdale Garbee <bdale@gag.com> Thu, 03 Apr 2008 14:25:56 -0600
77 sudo (1.6.9p12-1) unstable; urgency=low
79 * new upstream version, closes: #464890
81 -- Bdale Garbee <bdale@gag.com> Tue, 19 Feb 2008 11:19:54 +0900
83 sudo (1.6.9p11-3) unstable; urgency=low
85 * patch for configure to fix FTBFS on GNU/kFreeBSD, closes: #465956
87 -- Bdale Garbee <bdale@gag.com> Fri, 15 Feb 2008 10:54:21 -0700
89 sudo (1.6.9p11-2) unstable; urgency=low
91 * update version compared in preinst when removing obsolete init.d,
93 * implement pam session config suggestions from Elizabeth Fong,
94 closes: #452457, #402329
96 -- Bdale Garbee <bdale@gag.com> Mon, 04 Feb 2008 21:26:23 -0700
98 sudo (1.6.9p11-1) unstable; urgency=low
100 * new upstream version
102 -- Bdale Garbee <bdale@gag.com> Fri, 11 Jan 2008 01:54:35 -0700
104 sudo (1.6.9p10-1) unstable; urgency=low
106 * new upstream version
107 * tweak default password prompt as %u doesn't make sense. Accept patch from
108 Patrick Schoenfeld (recommend upstream accept it too) that adds a %p and
109 uses it by default, closes: #454409
110 * accept patch from Martin Pitt that adds a prerm making it difficult to
111 "accidentally" remove sudo when there is no root password set on the
112 system, closes: #451241
114 -- Bdale Garbee <bdale@gag.com> Fri, 28 Dec 2007 11:44:30 -0700
116 sudo (1.6.9p9-1) unstable; urgency=low
118 * new upstream version
119 * debian/rules: configure a more informative default password prompt to
120 reduce confusion when using sudo to invoke commands which also ask for
121 passwords, closes: #343268
122 * auth/pam.c: don't use the PAM prompt if the user explicitly requested
123 a custom prompt, closes: #448628.
124 * fix configure's ability to discover that libc has dirfd, closes: #451324
125 * make default editor be /usr/bin/vi instead of /usr/bin/editor, so that
126 the command 'visudo' invokes a vi variant by default as documented,
129 -- Bdale Garbee <bdale@gag.com> Mon, 03 Dec 2007 10:26:51 -0700
131 sudo (1.6.9p6-1) unstable; urgency=low
133 * new upstream version, closes: #442815, #446146, #438699, #435768, #435314
134 closes: #434832, #434608, #430382
135 * eliminate the now-redundant init.d scripts, closes: #397090
136 * fix typo in TROUBLESHOOTING file, closes: #439624
138 -- Bdale Garbee <bdale@gag.com> Wed, 24 Oct 2007 21:13:41 -0600
140 sudo (1.6.8p12-6) unstable; urgency=low
142 * fix typos in visudo.pod relating to env_editor variable, closes: #418886
143 * have init.d touch directories in /var/run/sudo, not just files, as a
145 * fix various typos in sudoers.pod, closes: #419749
146 * don't let Makefile strip binaries, closes: #438073
148 -- Bdale Garbee <bdale@gag.com> Wed, 05 Sep 2007 11:26:58 +0100
150 sudo (1.6.8p12-5) unstable; urgency=low
152 * update debian/copyright to reflect new upstream URL, closes: #368746
153 * add sandwich cartoon URL to the README.Debian
154 * don't remove sudoers on purge. can cause problems when moving between
155 sudo and sudo-ldap. leaving sudoers around on purge seems like the least
156 evil choice for now, closes: #401366
157 * also preserve XAPPLRESDIR, XFILESEARCHPATH, and XUSERFILESEARCHPATH,
159 * accept patch that improves debian/rules from Ted Percival, closes: #382122
160 * no longer build with --with-exempt=sudo, provide an example entry in the
161 default sudoers file instead, closes: #296605
162 * add --with-devel to configure and augment build dependencies so that flex
163 and yacc files get re-generated on every build, closes: #316249
165 -- Bdale Garbee <bdale@gag.com> Tue, 3 Apr 2007 21:48:45 -0600
167 sudo (1.6.8p12-4) unstable; urgency=low
169 * patch from Petter Reinholdtsen for the LSB info block in the init.d
170 script, closes: #361055
171 * deliver sudoers sample again, closes: #361593
173 -- Bdale Garbee <bdale@gag.com> Sat, 15 Apr 2006 01:38:04 -0600
175 sudo (1.6.8p12-3) unstable; urgency=low
177 * force-feed configure knowledge of nroff's path so we get unformatted man
178 pages installed without build-depending on groff-base, closes: #360894
179 * add a reference to OPTIONS in the man page, closes: #186226
181 -- Bdale Garbee <bdale@gag.com> Wed, 5 Apr 2006 17:53:13 -0700
183 sudo (1.6.8p12-2) unstable; urgency=low
185 * fix typos in init scripts, closes: #346325
186 * update to debhelper compat level 5
187 * build depend on autotools-dev to ensure config.sub/guess are fresh
188 * accept patch from Martin Schulze developed for 1.6.8p7-1.4 in stable, and
189 use it here as well. Thanks to Martin and the debian-security team.
190 closes: #349196, #349549, #349587, #349729, #349129, #350776, #349085
191 closes: #315115, #315718, #203874
192 * Non-maintainer upload by the Security Team
193 * Reworked the former patch to limit environment variables from being
194 passed through, set env_reset as default instead [sudo.c, env.c,
195 sudoers.pod, Bug#342948, CVE-2005-4158]
196 * env_reset is now set by default
197 * env_reset will preserve only HOME, LOGNAME, PATH, SHELL, TERM,
198 DISPLAY, XAUTHORITY, XAUTHORIZATION, LANG, LANGUAGE, LC_*, and USER
199 (in addition to the SUDO_* variables)
200 * Rebuild sudoers.man.in from the POD file
201 * Added README.Debian
202 * patch from Alexander Zangerl to fix duplicated PATH issue, closes: #354431
203 * simplify rules file by using more of Makefile, despite having to override
204 default directories with more arguments to configure, closes: #292833
205 * update sudo man page to reflect use of SECURE_PATH, closes: #228551
206 * inconsistencies in sudoers man page resolved, closes: #220808, #161012
207 * patch from Jeroen van Wolffelaar to improve behavior when FQDNs are
208 unresolveable (requires adding bison as build dep), closes: #314949
210 -- Bdale Garbee <bdale@gag.com> Sun, 2 Apr 2006 14:26:20 -0700
212 sudo (1.6.8p12-1) unstable; urgency=low
214 * new upstream version, closes: #342948 (CVE-2005-4158)
215 * add env_reset to the sudoers file we create if none already exists,
216 as a further precaution in response to discussion about CVS-2005-4158
217 * split ldap support into a new sudo-ldap package. I was trying to avoid
218 doing this, but the impact of going from 4 to 17 linked shlibs on the
219 autobuilder chroots is sufficient motivation for me.
222 -- Bdale Garbee <bdale@gag.com> Wed, 28 Dec 2005 13:49:10 -0700
224 sudo (1.6.8p9-4) unstable; urgency=low
226 * enable ldap support, deliver README.LDAP and sudoers2ldif, closes: #283231
227 * merge patch from Martin Pitt / Ubuntu to be more robust about resetting
228 timestamps in the init.d script, closes: #330868
229 * add dependency header to init.d script, closes: #332849
231 -- Bdale Garbee <bdale@gag.com> Sat, 10 Dec 2005 07:47:07 -0800
233 sudo (1.6.8p9-3) unstable; urgency=high
235 * update debhelper compatibility level from 2 to 4
236 * add man page symlink for sudoedit
237 * Clean SHELLOPTS and PS4 from the environment before executing programs
238 with sudo permissions [env.c, CAN-2005-2959]
239 * fix typo in manpage pointed out by Moray Allen, closes: #285995
240 * fix paths in sample complex sudoers file, closes: #303542
241 * fix type in sudoers man page, closes: #311244
243 -- Bdale Garbee <bdale@gag.com> Wed, 28 Sep 2005 01:18:04 -0600
245 sudo (1.6.8p9-2) unstable; urgency=high
247 * merge the NMU fix for sudoedit symlink problem that was in 1.6.8p7-1.1,
250 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 16:18:47 -0400
252 sudo (1.6.8p9-1) unstable; urgency=high
254 * new upstream version, fixes a race condition in sudo's pathname
255 validation, which is a security issue (CAN-2005-1993),
256 closes: #315115, #315718
258 -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 15:33:11 -0400
260 sudo (1.6.8p7-1) unstable; urgency=low
262 * new upstream version, closes: #299585
263 * update lintian overrides to squelch the postinst warning
264 * change sudoedit from a hard to a soft link, closes: #296896
265 * fix regex doc in sudoers man page, closes: #300361
267 -- Bdale Garbee <bdale@gag.com> Sat, 26 Mar 2005 22:18:34 -0700
269 sudo (1.6.8p5-1) unstable; urgency=high
271 * new upstream version
272 * restores ability to use config tuples without a value, which was causing
273 problems on upgrade closes: #283306
274 * deliver sudoedit, closes: #283078
275 * marking urgency high since 283306 is a serious upgrade incompatibility
277 -- Bdale Garbee <bdale@gag.com> Fri, 3 Dec 2004 10:11:16 -0700
279 sudo (1.6.8p3-2) unstable; urgency=high
281 * update pam.d deliverable so ldap works again, closes: #282191
283 -- Bdale Garbee <bdale@gag.com> Mon, 22 Nov 2004 11:44:46 -0700
285 sudo (1.6.8p3-1) unstable; urgency=high
287 * new upstream version, fixes a flaw in sudo's environment sanitizing that
288 could allow a malicious user with permission to run a shell script that
289 utilized the bash shell to run arbitrary commands, closes: #281665
290 * patch the sample sudoers to have the proper path for kill on Debian
291 systems, closes: #263486
292 * patch the sudo manpage to reflect Debian's choice of exempt_group
293 default setting, closes: #236465
294 * patch the sudo manpage to reflect Debian's choice of no timeout on the
295 password prompt, closes: #271194
297 -- Bdale Garbee <bdale@gag.com> Tue, 16 Nov 2004 23:23:41 -0700
299 sudo (1.6.7p5-2) unstable; urgency=low
301 * Jeff Bailey reports that seteuid works on current sparc systems, so we
302 no longer need the "grosshack" stuff in the sudo rules file
303 * add a postrm that removes /etc/sudoers on purge. don't do this with the
304 normal conffile mechanism since it would generate noise on every upgrade,
307 -- Bdale Garbee <bdale@gag.com> Tue, 20 Jul 2004 12:29:48 -0400
309 sudo (1.6.7p5-1) unstable; urgency=low
311 * new upstream version, closes: #190265, #193222, #197244
312 * change from '.' to ':' in postinst chown call, closes: #208369
314 -- Bdale Garbee <bdale@gag.com> Tue, 2 Sep 2003 21:27:06 -0600
316 sudo (1.6.7p3-2) unstable; urgency=low
318 * add --disable-setresuid to configure call since 2.2 kernels don't support
319 setresgid, closes: #189044
320 * cosmetic cleanups to debian/rules as long as I'm there
322 -- Bdale Garbee <bdale@gag.com> Tue, 15 Apr 2003 16:04:48 -0600
324 sudo (1.6.7p3-1) unstable; urgency=low
326 * new upstream version
327 * add overrides to quiet lintian about things it doesn't understand,
328 except the source one that can't be overridden until 129510 is fixed
330 -- Bdale Garbee <bdale@gag.com> Mon, 7 Apr 2003 17:34:05 -0600
332 sudo (1.6.6-3) unstable; urgency=low
334 * add code to rules file to update config.sub/guess, closes: #164501
336 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 15:35:22 -0600
338 sudo (1.6.6-2) unstable; urgency=low
340 * adopt suggestion from Marcus Brinkmann to feed --with-sendmail option to
341 configure, and lose the build dependency on mail-transport-agent
342 * incorporate changes from LaMont's NMU, closes: #144665, #144737
343 * update init.d to not try and set time on nonexistent timestamp files,
345 * build with --with-all-insults, admin must edit sudoers to turn insults
346 on at runtime if desired, closes: #135374
347 * stop setting /usr/doc symlink in postinst
349 -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 01:54:24 -0600
351 sudo (1.6.6-1.1) unstable; urgency=high
353 * NMU - patch from Colin Watson <cjwatson@debian.org>, in bts.
354 * Revert patch to auth/pam.c that left pass uninitialized, causing a
355 segfault (Closes: #144665).
357 -- LaMont Jones <lamont@debian.org> Fri, 26 Apr 2002 22:36:04 -0600
359 sudo (1.6.6-1) unstable; urgency=high
361 * new upstream version, fixes security problem with crafty prompts,
364 -- Bdale Garbee <bdale@gag.com> Thu, 25 Apr 2002 12:45:49 -0600
366 sudo (1.6.5p1-4) unstable; urgency=high
368 * apply patch for auth/pam.c to fix yet another way to make sudo segfault
369 if ctrl/C'ed at password prompt, closes: #131235
371 -- Bdale Garbee <bdale@gag.com> Sun, 3 Mar 2002 23:18:56 -0700
373 sudo (1.6.5p1-3) unstable; urgency=high
375 * ugly hack to add --disable-saved-ids when building on sparc in response
376 to 131592, which will be reassigned to glibc for a real fix
377 * urgency high since the sudo currently in testing for sparc is worthless
379 -- Bdale Garbee <bdale@gag.com> Sun, 17 Feb 2002 22:42:10 -0700
381 sudo (1.6.5p1-2) unstable; urgency=high
383 * patch from upstream to fix seg faults caused by versions of pam that
384 follow a NULL pointer, closes: #129512
386 -- Bdale Garbee <bdale@gag.com> Tue, 22 Jan 2002 01:50:13 -0700
388 sudo (1.6.5p1-1) unstable; urgency=high
390 * new upstream version
391 * add --disable-root-mailer option supported by new version to configure
392 call in rules file, closes: #129648
394 -- Bdale Garbee <bdale@gag.com> Fri, 18 Jan 2002 11:29:37 -0700
396 sudo (1.6.4p1-1) unstable; urgency=high
398 * new upstream version, with fix for segfaulting problem in 1.6.4
400 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 20:09:46 -0700
402 sudo (1.6.4-1) unstable; urgency=high
404 * new upstream version, includes an important security fix, closes: #127576
406 -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 09:35:48 -0700
408 sudo (1.6.3p7-5) unstable; urgency=low
410 * only touch /var/run/sudo/* if /var/run/sudo is there, closes: #126872
411 * fix spelling error in init.d, closes: #126847
413 -- Bdale Garbee <bdale@gag.com> Sat, 29 Dec 2001 11:21:43 -0700
415 sudo (1.6.3p7-4) unstable; urgency=medium
417 * use touch to set status files to an ancient date instead of removing them
418 outright on reboot. this achieves the desired effect of keeping elevated
419 privs from living across reboots, without forcing everyone to see the
420 new-sudo-user lecture after every reboot. pick a time that's 'old enough'
421 for systems with good clocks, and 'recent enough' that broken PC hardware
422 setting the clock to commonly-seen bogus dates trips over the "don't trust
423 future timestamps" rule. closes: #76529, #123559
424 * apply patch from Steve Langasek to fix seg faults due to interaction with
425 PAM code. upstream confirms the problem, and says they're fixing this
426 differently for their next release... but this should be useful in the
427 meantime, and would be good to get into woody. closes: #119147
428 * only run the init.d at boot, not on each runlevel change... and don't run
429 it during package configure. closes: #125935
430 * add DEB_BUILD_OPTIONS support to rules file, closes: #94952
432 -- Bdale Garbee <bdale@gag.com> Wed, 26 Dec 2001 12:40:44 -0700
434 sudo (1.6.3p7-3) unstable; urgency=low
436 * apply patch from Fumitoshi UKAI that fixes segfaults when hostname not
437 resolvable, closes: #86062, #69430, #77852, #82744, #55716, #56718,
438 * fix a typo in the manpage, closes: #97368
439 * apply patch to configure.in and run autoconf to fix problem building on
440 the hurd, closes: #96325
441 * add an init.d to clean out /var/run/sudo at boot, so privs are guaranteed
442 to not last across reboots, closes: #76529
443 * clean up lintian-noticed cosmetic packaging issues
445 -- Bdale Garbee <bdale@gag.com> Sat, 1 Dec 2001 02:59:52 -0700
447 sudo (1.6.3p7-2) unstable; urgency=low
449 * update config.sub/guess for hppa support
451 -- Bdale Garbee <bdale@gag.com> Sun, 22 Apr 2001 23:23:42 -0600
453 sudo (1.6.3p7-1) unstable; urgency=low
455 * new upstream version
456 * add build dependency on mail-transport-agent, closes: #90685
458 -- Bdale Garbee <bdale@gag.com> Thu, 12 Apr 2001 17:02:42 -0600
460 sudo (1.6.3p6-1) unstable; urgency=high
462 * new upstream version, fixes buffer overflow problem,
463 closes: #87259, #87278, #87263
464 * revert to using --with-secure-path option at build time, since the option
465 available in sudoers is parsed too late to be useful, and upstream says
466 it won't get fixed quickly. This reopens 85123, which I will mark as
467 forwarded. Closes: #86199, #86117, #85676
469 -- Bdale Garbee <bdale@gag.com> Mon, 26 Feb 2001 11:02:51 -0700
471 sudo (1.6.3p5-2) unstable; urgency=low
473 * lose the dh_suidregister call since it's obsolete
474 * stop using the --with-secure-path option at build time, and instead show
475 how to set it in sudoers. Closes: #85123
476 * freshen config.sub and config.guess for ia64 and hppa
477 * update sudoers man page to indicate exempt_group is on by default,
480 -- Bdale Garbee <bdale@gag.com> Sat, 10 Feb 2001 02:05:17 -0700
482 sudo (1.6.3p5-1) unstable; urgency=low
484 * new upstream version, closes: #63940, #59175, #61817, #64652, #65743
485 * this version restores core dumps before the exec, while leaving them
486 disabled during sudo's internal execution, closes: #58289
487 * update debhelper calls in rules file
489 -- Bdale Garbee <bdale@gag.com> Wed, 16 Aug 2000 00:13:15 -0600
491 sudo (1.6.2p2-1) frozen unstable; urgency=medium
493 * new upstream source resulting from direct collaboration with the upstream
494 author to fix ugly pam-related problems on Debian in 1.6.1 and later.
495 Closes: #56129, #55978, #55979, #56550, #56772
496 * include more upstream documentation, closes: #55054
497 * pam.d fragment update, closes: #56129
499 -- Bdale Garbee <bdale@gag.com> Sun, 27 Feb 2000 11:48:48 -0700
501 sudo (1.6.1-1) unstable; urgency=low
503 * new upstream source, closes: #52750
505 -- Bdale Garbee <bdale@gag.com> Fri, 7 Jan 2000 21:01:42 -0700
507 sudo (1.6-2) unstable; urgency=low
509 * drop suidregister support for this package. The sudo executable is
510 essentially worthless unless it is setuid root, and making suidregister
511 work involves shipping a non-setuid executable in the .deb and setting the
512 perms in the postinst. On a long upgrade run, this can leave the sudo
513 executable 'broken' for a long time, which is unacceptable. With this
514 version, we ship the executable setuid root in the .deb. Closes: #51742
516 -- Bdale Garbee <bdale@gag.com> Wed, 1 Dec 1999 19:59:44 -0700
518 sudo (1.6-1) unstable; urgency=low
520 * new upstream version, many options previously set at compile-time are now
521 configurable at runtime.
522 Closes: #39255, #20996, #29812, #50705, #49148, #48435, #47190, #45639
525 -- Bdale Garbee <bdale@gag.com> Tue, 23 Nov 1999 16:51:22 -0700
527 sudo (1.5.9p4-1) unstable; urgency=low
529 * new upstream version, closes: #43464
530 * empty password handling was fixed in 1.5.8, closes: #31863
532 -- Bdale Garbee <bdale@gag.com> Thu, 26 Aug 1999 00:00:57 -0600
534 sudo (1.5.9p1-1) unstable; urgency=low
536 * new upstream version
538 -- Bdale Garbee <bdale@gag.com> Thu, 15 Apr 1999 22:43:29 -0600
540 sudo (1.5.8p1-1) unstable; urgency=medium
542 * new upstream version, closes 33690
543 * add dependency on libpam-modules, closes 34215, 33432
545 -- Bdale Garbee <bdale@gag.com> Mon, 8 Mar 1999 10:27:42 -0700
547 sudo (1.5.7p4-2) unstable; urgency=medium
549 * update the pam fragment provided so that sudo works with latest pam bits,
552 -- Bdale Garbee <bdale@gag.com> Sun, 21 Feb 1999 00:22:44 -0700
554 sudo (1.5.7p4-1) unstable; urgency=low
556 * new upstream release
558 -- Bdale Garbee <bdale@gag.com> Sun, 27 Dec 1998 16:13:53 -0700
560 sudo (1.5.6p5-1) unstable; urgency=low
562 * new upstream patch release
563 * add PAM support, closes 28594
565 -- Bdale Garbee <bdale@gag.com> Mon, 2 Nov 1998 00:00:24 -0700
567 sudo (1.5.6p2-2) unstable; urgency=low
569 * update copyright file, closes 24136
570 * review and close forwarded bugs believed fixed in this upstream version,
573 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
575 sudo (1.5.6p2-1) unstable; urgency=low
577 * new upstream release
579 -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
581 sudo (1.5.4-4) frozen unstable; urgency=low
583 * update postinst to use groupadd, closes 21403
584 * move the suidregister stuff earlier in postinst to ensure it always runs
586 -- Bdale Garbee <bdale@gag.com> Sun, 19 Apr 1998 22:07:45 -0600
588 sudo (1.5.4-3) frozen unstable; urgency=low
590 * change /etc/sudoers from a conffile to being handled in postinst,
592 * add suidmanager support, closes 15711
593 * add '-Wno-comment' to quiet warnings from gcc upstream maintainer is
594 unlikely to ever fix, and which just don't matter. closes 17146
595 * fix FSF address in copyright file, and submit exception for lintian
596 warning about sudo being setuid root
598 -- Bdale Garbee <bdale@gag.com> Thu, 9 Apr 1998 23:59:11 -0600
600 sudo (1.5.4-2) unstable; urgency=high
602 * patch from upstream author correcting/improving security fix
604 -- Bdale Garbee <bdale@gag.com> Tue, 13 Jan 1998 10:39:35 -0700
606 sudo (1.5.4-1) unstable; urgency=high
608 * new upstream version, includes a security fix
609 * change default editor from /bin/ae to /usr/bin/editor
611 -- Bdale Garbee <bdale@gag.com> Mon, 12 Jan 1998 23:36:41 -0700
613 sudo (1.5.3-1) unstable; urgency=medium
615 * new upstream version, closes bug 15911.
616 * rules file reworked to use debhelper
617 * implement a really gross hack to force use of the sudo-provided
618 lsearch(), since the one in libc6 is broken! This closes bugs
619 12552, 12557, 14881, 15259, 15916.
621 -- Bdale Garbee <bdale@gag.com> Sat, 3 Jan 1998 20:39:23 -0700
623 sudo (1.5.2-6) unstable; urgency=LOW
625 * don't install INSTALL in the doc directory, closes bug 13195.
627 -- Bdale Garbee <bdale@gag.com> Sun, 21 Sep 1997 17:10:40 -0600
629 sudo (1.5.2-5) unstable; urgency=LOW
633 -- Bdale Garbee <bdale@gag.com> Fri, 5 Sep 1997 00:06:22 -0600
635 sudo (1.5.2-4) unstable; urgency=LOW
637 * change TIMEOUT (how long before you have to type your password again)
638 to 15 mins, disable PASSWORD_TIMEOUT. This makes building large Debian
639 packages on slower machines much more tolerable. Closes bug 9076.
640 * touch debian/suid before debstd. Closes bug 8709.
642 -- Bdale Garbee <bdale@gag.com> Sat, 26 Apr 1997 00:48:01 -0600
644 sudo (1.5.2-3) frozen unstable; urgency=LOW
646 * patch from upstream maintainer to close Bug 6828
647 * add a debian/suid file to get debstd to leave my perl postinst alone
649 -- Bdale Garbee <bdale@gag.com> Fri, 11 Apr 1997 23:09:55 -0600
651 sudo (1.5.2-2) frozen unstable; urgency=LOW
653 * change rules to use -O2 -Wall as per standards
655 -- Bdale Garbee <bdale@gag.com> Sun, 6 Apr 1997 12:48:53 -0600
657 sudo (1.5.2-1) unstable; urgency=LOW
659 * new upstream version
660 * cosmetic changes to debian package control files
662 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:50:00 -0700
664 sudo (1.5-2) unstable; urgency=LOW
666 * add /usr/X11R6/bin to the end of the secure path... this makes it
667 much easier to run xmkmf, etc., during package builds. To the extent
668 that /usr/local/sbin and /usr/local/bin were already included, I see
669 no security reasons not to add this.
671 -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:44:58 -0700
673 sudo (1.5-1) unstable; urgency=LOW
675 * New upstream version
677 * New packaging format
679 -- Bdale Garbee <bdale@gag.com> Thu, 29 Aug 1996 11:44:22 +0200
681 Tue Mar 5 09:36:41 MET 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
685 * hard code SECURE_PATH to:
686 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
690 * enabled EXEMPTGROUP "sudo"
692 * moved timestamp dir to /var/log/sudo
694 * changed parser to check for long and short filenames (Bug#1162)
696 Wed Apr 17 13:03:31 MET DST 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
700 * New upstream source
702 * Fixed postinst script
703 (thanks to Peter Tobis <tobias@et-inf.fho-emden.de>)
705 * Removed special shadow binary. This version works with and without
706 shadow password file.
708 Mon May 20 09:35:22 MET DST 1996 Michael Meskes <meskes@debian.org>
712 * Corrected editor path to /bin/ae (Bug#3062)
714 * Set file permission to 4755 for sudo and 755 for visudo (Bug#3063)
716 Mon Jun 17 12:06:41 MET DST 1996 Michael Meskes <meskes@debian.org>
720 * New upstream version
722 * Changed sudoers permission to 440 (owner root, group root) to make
725 Wed Jun 19 10:56:54 MET DST 1996 Michael Meskes <meskes@debian.org>
729 * Applied upstream patch 1
731 Thu Jun 20 09:02:57 MET DST 1996 Michael Meskes <meskes@debian.org>
735 * Applied upstream patch 2
737 Fri Jun 28 12:49:40 MET DST 1996 Michael Meskes <meskes@debian.org>
741 * Applied upstream patch 3 (fixes problems with an NFS-mounted
745 Sun Jun 30 13:02:44 MET DST 1996 Michael Meskes <meskes@debian.org>
749 * Corrected postinst to use /usr/bin/perl instead of /bin/perl
750 [Reported by jdassen@wi.leidenuniv.nl (J.H.M.Dassen)]
752 Wed Jul 10 12:44:33 MET DST 1996 Michael Meskes <meskes@debian.org>
756 * Applied upstream patch 4 (fixes several bugs)
758 * Changed priority to optional
760 Thu Jul 11 19:23:52 MET DST 1996 Michael Meskes <meskes@debian.org>
764 * Corrected postinst to create correct permission for /etc/sudoers
767 Fri Aug 2 10:50:53 MET DST 1996 Michael Meskes <meskes@debian.org>
771 * New upstream version
774 sudo (1.4.4-2) admin; urgency=HIGH
776 * Fixed major security bug reported by Peter Tobias
777 <tobias@et-inf.fho-emden.de>
778 * Added dchanges support to debian.rules
780 sudo (1.4.5-1) admin; urgency=LOW
782 * New upstream version
783 * Minor changes to debian.rules