+sudo (1.7.2p7-2) UNRELEASED; urgency=low
+
+ * handle transition of /var/run/sudo to /var/lib/sudo better, to avoid
+ re-lecturing existing users, and to clean up after ourselves on upgrade,
+ and remove the RAMRUN section from README.Debian since the new state dir
+ should fix the original problem, closes: #585514
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 10 Jun 2010 15:42:14 -0600
+
+sudo (1.7.2p7-1) unstable; urgency=high
+
+ * new upstream release with security fix for secure path (CVE-2010-1646),
+ closes: #585394
+ * move timestamps from /var/run/sudo to /var/lib/sudo, so that the state
+ about whether to give the lecture is preserved across reboots even when
+ RAMRUN is set, closes: #581393
+ * add a note to README.Debian about LDAP needing an entry in
+ /etc/nsswitch.conf, closes: #522065
+ * add a note to README.Debian about how to turn off lectures if using
+ RAMRUN in /etc/default/rcS, closes: #581393
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 10 Jun 2010 15:42:14 -0600
+
+sudo (1.7.2p6-1) unstable; urgency=low
+
+ * new upstream version fixing CVE-2010-1163, closes: #578275, #570737
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 19 Apr 2010 10:45:47 -0600
+
+sudo (1.7.2p5-1) unstable; urgency=low
+
+ * new upstream release, closes a bug filed upstream regarding missing man
+ page processing scripts in the 1.7.2p1 tarball, also includes the fix
+ for CVE-2010-0426 previously the subject of a security team nmu
+ * move to source format 3.0 (quilt) and restructure changes as patches
+ * fix unprocessed substitution variables in man pages, closes: #557204
+ * apply patch from Neil Moore to fix Debian-specific content in the
+ visudo man page, closes: #555013
+ * update descriptions to better explain sudo-ldap, closes: #573108
+ * eliminate spurious 'and' in man page, closes: #571620
+ * fix confusing text in default sudoers, closes: #566607
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 11 Mar 2010 15:44:53 -0700
+
+sudo (1.7.2p1-1) unstable; urgency=low
+
+ * new upstream version
+ * add support for /etc/sudoers.d using #includedir in default sudoers,
+ which I think is also a good solution to the request for a crontab-like
+ API requested in March of 2001, closes: #539994, #271813, #89743
+ * move init.d script from using rcS.d to rc[0-6].d, closes: #542924
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 31 Aug 2009 14:09:32 -0600
+
+sudo (1.7.2-2) unstable; urgency=low
+
+ * further improve initial sudoers to not include the NOPASSWD option on
+ the group sudo exception, closes: #539136, #198991
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 29 Jul 2009 16:21:04 +0200
+
sudo (1.7.2-1) unstable; urgency=low
* new upstream version, closes: #537103
- * improve initial sudoers commented-out example, closes: #536220
- * fix update-rc.d call to create correct sudo-ldap link, closes: #387880
+ * improve initial sudoers by having the exemption for users in group
+ sudo on by default, and including the ability to run any command as
+ any user. This makes the default install roughly equivalent to our
+ old use of the --with-exempt=sudo build option, closes: #536220, #536222
- -- Bdale Garbee <bdale@gag.com> Wed, 15 Jul 2009 00:52:27 -0600
+ -- Bdale Garbee <bdale@gag.com> Wed, 15 Jul 2009 01:29:46 -0600
sudo (1.7.0-1) unstable; urgency=low
projects / debian / sudo / blobdiff