handle move of state directory better in upgrades

[debian/sudo] / debian / changelog

diff --git a/debian/changelog b/debian/changelog
index 19c86388f5314ecdaddd103a46752ebd85711371..64425317c79fe0ad35d625c77dcfd4caaec84529 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,25 @@
-sudo (1.7.2p6-2) UNRELEASED; urgency=low
+sudo (1.7.2p7-2) UNRELEASED; urgency=low
 
+  * handle transition of /var/run/sudo to /var/lib/sudo better, to avoid
+    re-lecturing existing users, and to clean up after ourselves on upgrade,
+    and remove the RAMRUN section from README.Debian since the new state dir
+    should fix the original problem, closes: #585514
+
+ -- Bdale Garbee <bdale@gag.com>  Thu, 10 Jun 2010 15:42:14 -0600
+
+sudo (1.7.2p7-1) unstable; urgency=high
+
+  * new upstream release with security fix for secure path (CVE-2010-1646),
+    closes: #585394
+  * move timestamps from /var/run/sudo to /var/lib/sudo, so that the state
+    about whether to give the lecture is preserved across reboots even when
+    RAMRUN is set, closes: #581393
   * add a note to README.Debian about LDAP needing an entry in 
     /etc/nsswitch.conf, closes: #522065
+  * add a note to README.Debian about how to turn off lectures if using
+    RAMRUN in /etc/default/rcS, closes: #581393
 
- -- Bdale Garbee <bdale@gag.com>  Wed, 21 Apr 2010 09:26:11 -0600
+ -- Bdale Garbee <bdale@gag.com>  Thu, 10 Jun 2010 15:42:14 -0600
 
 sudo (1.7.2p6-1) unstable; urgency=low