X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=debian%2Fchangelog;h=7a1acb45e651df2ccef6b3da13922eacbd638a25;hb=65bcbb8c59546aaf9e2a5efe64e2a1abdadd075f;hp=97ae9d163f13f761c0dd33ccc6d03de96e10019b;hpb=3bf8815c775827f732287772292c0c0f177d691b;p=debian%2Fsudo diff --git a/debian/changelog b/debian/changelog index 97ae9d1..7a1acb4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,13 +1,65 @@ -sudo (1.7.2p2-1) UNRELEASED; urgency=low +sudo (1.7.4p4-3) unstable; urgency=low - * new upstream release, closes a bug filed upstream regarding missing - man page processing scripts in the 1.7.2p1 tarball + * make postinst clause for handling /var/run -> /var/lib transition less + fragile, closes: #585514 + * cope with upstream's Makefile trying to install ChangeLog in our doc + directory, closes: #597389 + + -- Bdale Garbee Thu, 09 Sep 2010 13:54:25 -0600 + +sudo (1.7.4p4-2) unstable; urgency=low + + * add a NEWS item about change in $HOME handling that impacts programs + like pbuilder + + -- Bdale Garbee Wed, 08 Sep 2010 14:29:16 -0600 + +sudo (1.7.4p4-1) unstable; urgency=high + + * new upstream version, urgency high due to fix for flaw in Runas group + matching (CVE-2010-2956), closes: #595935 + * handle transition of /var/run/sudo to /var/lib/sudo better, to avoid + re-lecturing existing users, and to clean up after ourselves on upgrade, + and remove the RAMRUN section from README.Debian since the new state dir + should fix the original problem, closes: #585514 + * deliver README.Debian to both package flavors, closes: #593579 + + -- Bdale Garbee Tue, 07 Sep 2010 12:22:42 -0600 + +sudo (1.7.2p7-1) unstable; urgency=high + + * new upstream release with security fix for secure path (CVE-2010-1646), + closes: #585394 + * move timestamps from /var/run/sudo to /var/lib/sudo, so that the state + about whether to give the lecture is preserved across reboots even when + RAMRUN is set, closes: #581393 + * add a note to README.Debian about LDAP needing an entry in + /etc/nsswitch.conf, closes: #522065 + * add a note to README.Debian about how to turn off lectures if using + RAMRUN in /etc/default/rcS, closes: #581393 + + -- Bdale Garbee Thu, 10 Jun 2010 15:42:14 -0600 + +sudo (1.7.2p6-1) unstable; urgency=low + + * new upstream version fixing CVE-2010-1163, closes: #578275, #570737 + + -- Bdale Garbee Mon, 19 Apr 2010 10:45:47 -0600 + +sudo (1.7.2p5-1) unstable; urgency=low + + * new upstream release, closes a bug filed upstream regarding missing man + page processing scripts in the 1.7.2p1 tarball, also includes the fix + for CVE-2010-0426 previously the subject of a security team nmu * move to source format 3.0 (quilt) and restructure changes as patches * fix unprocessed substitution variables in man pages, closes: #557204 * apply patch from Neil Moore to fix Debian-specific content in the visudo man page, closes: #555013 + * update descriptions to better explain sudo-ldap, closes: #573108 + * eliminate spurious 'and' in man page, closes: #571620 + * fix confusing text in default sudoers, closes: #566607 - -- Bdale Garbee Mon, 07 Dec 2009 16:58:36 +0100 + -- Bdale Garbee Thu, 11 Mar 2010 15:44:53 -0700 sudo (1.7.2p1-1) unstable; urgency=low