--- /dev/null
+sudo (1.7.4p5-1) UNRELEASED; urgency=low
+
+ * new upstream version
+ * touch the right stamp name after configuring, closes: #611287
+
+ -- Bdale Garbee <bdale@gag.com> Fri, 28 Jan 2011 14:44:39 +1000
+
+sudo (1.7.4p4-6) unstable; urgency=low
+
+ * update /etc/sudoers.d/README now that sudoers is a conffile
+ * patch from upstream to fix special case in password checking code
+ when only the gid is changing, closes: #609641
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 11 Jan 2011 10:22:39 -0700
+
+sudo (1.7.4p4-5) unstable; urgency=low
+
+ * patch from Jakub Wilk to add noopt and nostrip build option support,
+ closes: #605580
+ * make sudoers a conffile, closes: #605130
+ * add descriptions to LSB init headers, closes: #604619
+ * change default sudoers %sudo entry to allow gid changes, closes: #602699
+ * add Vcs entries to the control file
+ * use debhelper install files instead of explicit installs in rules
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 01 Dec 2010 20:32:31 -0700
+
+sudo (1.7.4p4-4) unstable; urgency=low
+
+ * patch from upstream to resolve problem always prompting for a password
+ when run without a tty, closes: #599376
+ * patch from upstream to resolve interoperability problem between HOME in
+ env_keep and the -H flag, closes: #596493
+ * change path syntax to avoid tar error when /var/run/sudo exists but is
+ empty, closes: #598877
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 07 Oct 2010 15:59:06 -0600
+
+sudo (1.7.4p4-3) unstable; urgency=low
+
+ * make postinst clause for handling /var/run -> /var/lib transition less
+ fragile, closes: #585514
+ * cope with upstream's Makefile trying to install ChangeLog in our doc
+ directory, closes: #597389
+ * fix README.Debian to reflect that HOME is no longer preserved by default,
+ closes: #596847
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 21 Sep 2010 23:53:08 -0600
+
+sudo (1.7.4p4-2) unstable; urgency=low
+
+ * add a NEWS item about change in $HOME handling that impacts programs
+ like pbuilder
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 08 Sep 2010 14:29:16 -0600
+
+sudo (1.7.4p4-1) unstable; urgency=high
+
+ * new upstream version, urgency high due to fix for flaw in Runas group
+ matching (CVE-2010-2956), closes: #595935
+ * handle transition of /var/run/sudo to /var/lib/sudo better, to avoid
+ re-lecturing existing users, and to clean up after ourselves on upgrade,
+ and remove the RAMRUN section from README.Debian since the new state dir
+ should fix the original problem, closes: #585514
+ * deliver README.Debian to both package flavors, closes: #593579
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 07 Sep 2010 12:22:42 -0600
+
+sudo (1.7.2p7-1) unstable; urgency=high
+
+ * new upstream release with security fix for secure path (CVE-2010-1646),
+ closes: #585394
+ * move timestamps from /var/run/sudo to /var/lib/sudo, so that the state
+ about whether to give the lecture is preserved across reboots even when
+ RAMRUN is set, closes: #581393
+ * add a note to README.Debian about LDAP needing an entry in
+ /etc/nsswitch.conf, closes: #522065
+ * add a note to README.Debian about how to turn off lectures if using
+ RAMRUN in /etc/default/rcS, closes: #581393
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 10 Jun 2010 15:42:14 -0600
+
+sudo (1.7.2p6-1) unstable; urgency=low
+
+ * new upstream version fixing CVE-2010-1163, closes: #578275, #570737
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 19 Apr 2010 10:45:47 -0600
+
+sudo (1.7.2p5-1) unstable; urgency=low
+
+ * new upstream release, closes a bug filed upstream regarding missing man
+ page processing scripts in the 1.7.2p1 tarball, also includes the fix
+ for CVE-2010-0426 previously the subject of a security team nmu
+ * move to source format 3.0 (quilt) and restructure changes as patches
+ * fix unprocessed substitution variables in man pages, closes: #557204
+ * apply patch from Neil Moore to fix Debian-specific content in the
+ visudo man page, closes: #555013
+ * update descriptions to better explain sudo-ldap, closes: #573108
+ * eliminate spurious 'and' in man page, closes: #571620
+ * fix confusing text in default sudoers, closes: #566607
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 11 Mar 2010 15:44:53 -0700
+
+sudo (1.7.2p1-1) unstable; urgency=low
+
+ * new upstream version
+ * add support for /etc/sudoers.d using #includedir in default sudoers,
+ which I think is also a good solution to the request for a crontab-like
+ API requested in March of 2001, closes: #539994, #271813, #89743
+ * move init.d script from using rcS.d to rc[0-6].d, closes: #542924
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 31 Aug 2009 14:09:32 -0600
+
+sudo (1.7.2-2) unstable; urgency=low
+
+ * further improve initial sudoers to not include the NOPASSWD option on
+ the group sudo exception, closes: #539136, #198991
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 29 Jul 2009 16:21:04 +0200
+
+sudo (1.7.2-1) unstable; urgency=low
+
+ * new upstream version, closes: #537103
+ * improve initial sudoers by having the exemption for users in group
+ sudo on by default, and including the ability to run any command as
+ any user. This makes the default install roughly equivalent to our
+ old use of the --with-exempt=sudo build option, closes: #536220, #536222
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 15 Jul 2009 01:29:46 -0600
+
+sudo (1.7.0-1) unstable; urgency=low
+
+ * new upstream version, closes: #510179, #128268, #520274, #508514
+ * fix ldap config file path for sudo-ldap package, including creating
+ a symlink in postinst and cleaning it up in postrm for the sudo-ldap
+ package, closes: #430826
+ * fix NOPASSWD entry location in default config file for the sudo-ldap
+ instance too, closes: #479616
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 28 Mar 2009 15:15:01 -0600
+
+sudo (1.6.9p17-2) unstable; urgency=high
+
+ * patch from upstream to fix privilege escalation with certain
+ configurations, CVE-2009-0034
+ * typo in sudoers man page, closes: #507163
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 27 Jan 2009 11:49:02 -0700
+
+sudo (1.6.9p17-1) unstable; urgency=low
+
+ * new upstream version, closes: #481008
+ * deliver schemas to doc directory in sudo-ldap package, closes: #474331
+ * re-apply patch from Petter Reinholdtsen to improve init.d apparently lost
+ in move from CVS to git for package management, closes: #475821
+ * re-instate the init.d for the sudo-ldap package too... /o\
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 06 Jul 2008 01:16:31 -0600
+
+sudo (1.6.9p15-2) unstable; urgency=low
+
+ * revert the fix for 388659 such that visudo once again defaults to using
+ /usr/bin/editor. I was always ambivalent about this change, it has caused
+ more confusion and frustration than it cured, and I find Justin's line of
+ reasoning persuasive. Update the man page source to reflect this choice
+ and the related use of --with-env-editor. Closes: #474197.
+ * patch from Petter Reinholdtsen to improve init.d, closes: #475821
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 16 Apr 2008 00:38:56 -0600
+
+sudo (1.6.9p15-1) unstable; urgency=low
+
+ * new upstream version, closes: #467126, #473337
+ * remove pointless postrm scripts, leaving debhelper do its thing if needed,
+ thanks to Justin Pryzby for pointing this out
+ * reinstate the init.d, since bootclean doesn't quite do what we want. This
+ also means we don't need the preinst scripts any more. Update the lintian
+ overrides since postinst is a Perl script lintian apparently isn't parsing
+ well. closes: #330868
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 03 Apr 2008 14:25:56 -0600
+
+sudo (1.6.9p12-1) unstable; urgency=low
+
+ * new upstream version, closes: #464890
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 19 Feb 2008 11:19:54 +0900
+
+sudo (1.6.9p11-3) unstable; urgency=low
+
+ * patch for configure to fix FTBFS on GNU/kFreeBSD, closes: #465956
+
+ -- Bdale Garbee <bdale@gag.com> Fri, 15 Feb 2008 10:54:21 -0700
+
+sudo (1.6.9p11-2) unstable; urgency=low
+
+ * update version compared in preinst when removing obsolete init.d,
+ closes: #459681
+ * implement pam session config suggestions from Elizabeth Fong,
+ closes: #452457, #402329
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 04 Feb 2008 21:26:23 -0700
+
+sudo (1.6.9p11-1) unstable; urgency=low
+
+ * new upstream version
+
+ -- Bdale Garbee <bdale@gag.com> Fri, 11 Jan 2008 01:54:35 -0700
+
+sudo (1.6.9p10-1) unstable; urgency=low
+
+ * new upstream version
+ * tweak default password prompt as %u doesn't make sense. Accept patch from
+ Patrick Schoenfeld (recommend upstream accept it too) that adds a %p and
+ uses it by default, closes: #454409
+ * accept patch from Martin Pitt that adds a prerm making it difficult to
+ "accidentally" remove sudo when there is no root password set on the
+ system, closes: #451241
+
+ -- Bdale Garbee <bdale@gag.com> Fri, 28 Dec 2007 11:44:30 -0700
+
+sudo (1.6.9p9-1) unstable; urgency=low
+
+ * new upstream version
+ * debian/rules: configure a more informative default password prompt to
+ reduce confusion when using sudo to invoke commands which also ask for
+ passwords, closes: #343268
+ * auth/pam.c: don't use the PAM prompt if the user explicitly requested
+ a custom prompt, closes: #448628.
+ * fix configure's ability to discover that libc has dirfd, closes: #451324
+ * make default editor be /usr/bin/vi instead of /usr/bin/editor, so that
+ the command 'visudo' invokes a vi variant by default as documented,
+ closes: #388659
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 03 Dec 2007 10:26:51 -0700
+
+sudo (1.6.9p6-1) unstable; urgency=low
+
+ * new upstream version, closes: #442815, #446146, #438699, #435768, #435314
+ closes: #434832, #434608, #430382
+ * eliminate the now-redundant init.d scripts, closes: #397090
+ * fix typo in TROUBLESHOOTING file, closes: #439624
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 24 Oct 2007 21:13:41 -0600
+
+sudo (1.6.8p12-6) unstable; urgency=low
+
+ * fix typos in visudo.pod relating to env_editor variable, closes: #418886
+ * have init.d touch directories in /var/run/sudo, not just files, as a
+ followup to #330868.
+ * fix various typos in sudoers.pod, closes: #419749
+ * don't let Makefile strip binaries, closes: #438073
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 05 Sep 2007 11:26:58 +0100
+
+sudo (1.6.8p12-5) unstable; urgency=low
+
+ * update debian/copyright to reflect new upstream URL, closes: #368746
+ * add sandwich cartoon URL to the README.Debian
+ * don't remove sudoers on purge. can cause problems when moving between
+ sudo and sudo-ldap. leaving sudoers around on purge seems like the least
+ evil choice for now, closes: #401366
+ * also preserve XAPPLRESDIR, XFILESEARCHPATH, and XUSERFILESEARCHPATH,
+ closes: #374509
+ * accept patch that improves debian/rules from Ted Percival, closes: #382122
+ * no longer build with --with-exempt=sudo, provide an example entry in the
+ default sudoers file instead, closes: #296605
+ * add --with-devel to configure and augment build dependencies so that flex
+ and yacc files get re-generated on every build, closes: #316249
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 3 Apr 2007 21:48:45 -0600
+
+sudo (1.6.8p12-4) unstable; urgency=low
+
+ * patch from Petter Reinholdtsen for the LSB info block in the init.d
+ script, closes: #361055
+ * deliver sudoers sample again, closes: #361593
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 15 Apr 2006 01:38:04 -0600
+
+sudo (1.6.8p12-3) unstable; urgency=low
+
+ * force-feed configure knowledge of nroff's path so we get unformatted man
+ pages installed without build-depending on groff-base, closes: #360894
+ * add a reference to OPTIONS in the man page, closes: #186226
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 5 Apr 2006 17:53:13 -0700
+
+sudo (1.6.8p12-2) unstable; urgency=low
+
+ * fix typos in init scripts, closes: #346325
+ * update to debhelper compat level 5
+ * build depend on autotools-dev to ensure config.sub/guess are fresh
+ * accept patch from Martin Schulze developed for 1.6.8p7-1.4 in stable, and
+ use it here as well. Thanks to Martin and the debian-security team.
+ closes: #349196, #349549, #349587, #349729, #349129, #350776, #349085
+ closes: #315115, #315718, #203874
+ * Non-maintainer upload by the Security Team
+ * Reworked the former patch to limit environment variables from being
+ passed through, set env_reset as default instead [sudo.c, env.c,
+ sudoers.pod, Bug#342948, CVE-2005-4158]
+ * env_reset is now set by default
+ * env_reset will preserve only HOME, LOGNAME, PATH, SHELL, TERM,
+ DISPLAY, XAUTHORITY, XAUTHORIZATION, LANG, LANGUAGE, LC_*, and USER
+ (in addition to the SUDO_* variables)
+ * Rebuild sudoers.man.in from the POD file
+ * Added README.Debian
+ * patch from Alexander Zangerl to fix duplicated PATH issue, closes: #354431
+ * simplify rules file by using more of Makefile, despite having to override
+ default directories with more arguments to configure, closes: #292833
+ * update sudo man page to reflect use of SECURE_PATH, closes: #228551
+ * inconsistencies in sudoers man page resolved, closes: #220808, #161012
+ * patch from Jeroen van Wolffelaar to improve behavior when FQDNs are
+ unresolveable (requires adding bison as build dep), closes: #314949
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 2 Apr 2006 14:26:20 -0700
+
+sudo (1.6.8p12-1) unstable; urgency=low
+
+ * new upstream version, closes: #342948 (CVE-2005-4158)
+ * add env_reset to the sudoers file we create if none already exists,
+ as a further precaution in response to discussion about CVS-2005-4158
+ * split ldap support into a new sudo-ldap package. I was trying to avoid
+ doing this, but the impact of going from 4 to 17 linked shlibs on the
+ autobuilder chroots is sufficient motivation for me.
+ closes: #344034
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 28 Dec 2005 13:49:10 -0700
+
+sudo (1.6.8p9-4) unstable; urgency=low
+
+ * enable ldap support, deliver README.LDAP and sudoers2ldif, closes: #283231
+ * merge patch from Martin Pitt / Ubuntu to be more robust about resetting
+ timestamps in the init.d script, closes: #330868
+ * add dependency header to init.d script, closes: #332849
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 10 Dec 2005 07:47:07 -0800
+
+sudo (1.6.8p9-3) unstable; urgency=high
+
+ * update debhelper compatibility level from 2 to 4
+ * add man page symlink for sudoedit
+ * Clean SHELLOPTS and PS4 from the environment before executing programs
+ with sudo permissions [env.c, CAN-2005-2959]
+ * fix typo in manpage pointed out by Moray Allen, closes: #285995
+ * fix paths in sample complex sudoers file, closes: #303542
+ * fix type in sudoers man page, closes: #311244
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 28 Sep 2005 01:18:04 -0600
+
+sudo (1.6.8p9-2) unstable; urgency=high
+
+ * merge the NMU fix for sudoedit symlink problem that was in 1.6.8p7-1.1,
+ closes: #305735
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 16:18:47 -0400
+
+sudo (1.6.8p9-1) unstable; urgency=high
+
+ * new upstream version, fixes a race condition in sudo's pathname
+ validation, which is a security issue (CAN-2005-1993),
+ closes: #315115, #315718
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 15:33:11 -0400
+
+sudo (1.6.8p7-1) unstable; urgency=low
+
+ * new upstream version, closes: #299585
+ * update lintian overrides to squelch the postinst warning
+ * change sudoedit from a hard to a soft link, closes: #296896
+ * fix regex doc in sudoers man page, closes: #300361
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 26 Mar 2005 22:18:34 -0700
+
+sudo (1.6.8p5-1) unstable; urgency=high
+
+ * new upstream version
+ * restores ability to use config tuples without a value, which was causing
+ problems on upgrade closes: #283306
+ * deliver sudoedit, closes: #283078
+ * marking urgency high since 283306 is a serious upgrade incompatibility
+
+ -- Bdale Garbee <bdale@gag.com> Fri, 3 Dec 2004 10:11:16 -0700
+
+sudo (1.6.8p3-2) unstable; urgency=high
+
+ * update pam.d deliverable so ldap works again, closes: #282191
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 22 Nov 2004 11:44:46 -0700
+
+sudo (1.6.8p3-1) unstable; urgency=high
+
+ * new upstream version, fixes a flaw in sudo's environment sanitizing that
+ could allow a malicious user with permission to run a shell script that
+ utilized the bash shell to run arbitrary commands, closes: #281665
+ * patch the sample sudoers to have the proper path for kill on Debian
+ systems, closes: #263486
+ * patch the sudo manpage to reflect Debian's choice of exempt_group
+ default setting, closes: #236465
+ * patch the sudo manpage to reflect Debian's choice of no timeout on the
+ password prompt, closes: #271194
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 16 Nov 2004 23:23:41 -0700
+
+sudo (1.6.7p5-2) unstable; urgency=low
+
+ * Jeff Bailey reports that seteuid works on current sparc systems, so we
+ no longer need the "grosshack" stuff in the sudo rules file
+ * add a postrm that removes /etc/sudoers on purge. don't do this with the
+ normal conffile mechanism since it would generate noise on every upgrade,
+ closes: #245405
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 20 Jul 2004 12:29:48 -0400
+
+sudo (1.6.7p5-1) unstable; urgency=low
+
+ * new upstream version, closes: #190265, #193222, #197244
+ * change from '.' to ':' in postinst chown call, closes: #208369
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 2 Sep 2003 21:27:06 -0600
+
+sudo (1.6.7p3-2) unstable; urgency=low
+
+ * add --disable-setresuid to configure call since 2.2 kernels don't support
+ setresgid, closes: #189044
+ * cosmetic cleanups to debian/rules as long as I'm there
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 15 Apr 2003 16:04:48 -0600
+
+sudo (1.6.7p3-1) unstable; urgency=low
+
+ * new upstream version
+ * add overrides to quiet lintian about things it doesn't understand,
+ except the source one that can't be overridden until 129510 is fixed
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 7 Apr 2003 17:34:05 -0600
+
+sudo (1.6.6-3) unstable; urgency=low
+
+ * add code to rules file to update config.sub/guess, closes: #164501
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 15:35:22 -0600
+
+sudo (1.6.6-2) unstable; urgency=low
+
+ * adopt suggestion from Marcus Brinkmann to feed --with-sendmail option to
+ configure, and lose the build dependency on mail-transport-agent
+ * incorporate changes from LaMont's NMU, closes: #144665, #144737
+ * update init.d to not try and set time on nonexistent timestamp files,
+ closes: #132616
+ * build with --with-all-insults, admin must edit sudoers to turn insults
+ on at runtime if desired, closes: #135374
+ * stop setting /usr/doc symlink in postinst
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 01:54:24 -0600
+
+sudo (1.6.6-1.1) unstable; urgency=high
+
+ * NMU - patch from Colin Watson <cjwatson@debian.org>, in bts.
+ * Revert patch to auth/pam.c that left pass uninitialized, causing a
+ segfault (Closes: #144665).
+
+ -- LaMont Jones <lamont@debian.org> Fri, 26 Apr 2002 22:36:04 -0600
+
+sudo (1.6.6-1) unstable; urgency=high
+
+ * new upstream version, fixes security problem with crafty prompts,
+ closes: #144540
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 25 Apr 2002 12:45:49 -0600
+
+sudo (1.6.5p1-4) unstable; urgency=high
+
+ * apply patch for auth/pam.c to fix yet another way to make sudo segfault
+ if ctrl/C'ed at password prompt, closes: #131235
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 3 Mar 2002 23:18:56 -0700
+
+sudo (1.6.5p1-3) unstable; urgency=high
+
+ * ugly hack to add --disable-saved-ids when building on sparc in response
+ to 131592, which will be reassigned to glibc for a real fix
+ * urgency high since the sudo currently in testing for sparc is worthless
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 17 Feb 2002 22:42:10 -0700
+
+sudo (1.6.5p1-2) unstable; urgency=high
+
+ * patch from upstream to fix seg faults caused by versions of pam that
+ follow a NULL pointer, closes: #129512
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 22 Jan 2002 01:50:13 -0700
+
+sudo (1.6.5p1-1) unstable; urgency=high
+
+ * new upstream version
+ * add --disable-root-mailer option supported by new version to configure
+ call in rules file, closes: #129648
+
+ -- Bdale Garbee <bdale@gag.com> Fri, 18 Jan 2002 11:29:37 -0700
+
+sudo (1.6.4p1-1) unstable; urgency=high
+
+ * new upstream version, with fix for segfaulting problem in 1.6.4
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 20:09:46 -0700
+
+sudo (1.6.4-1) unstable; urgency=high
+
+ * new upstream version, includes an important security fix, closes: #127576
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 09:35:48 -0700
+
+sudo (1.6.3p7-5) unstable; urgency=low
+
+ * only touch /var/run/sudo/* if /var/run/sudo is there, closes: #126872
+ * fix spelling error in init.d, closes: #126847
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 29 Dec 2001 11:21:43 -0700
+
+sudo (1.6.3p7-4) unstable; urgency=medium
+
+ * use touch to set status files to an ancient date instead of removing them
+ outright on reboot. this achieves the desired effect of keeping elevated
+ privs from living across reboots, without forcing everyone to see the
+ new-sudo-user lecture after every reboot. pick a time that's 'old enough'
+ for systems with good clocks, and 'recent enough' that broken PC hardware
+ setting the clock to commonly-seen bogus dates trips over the "don't trust
+ future timestamps" rule. closes: #76529, #123559
+ * apply patch from Steve Langasek to fix seg faults due to interaction with
+ PAM code. upstream confirms the problem, and says they're fixing this
+ differently for their next release... but this should be useful in the
+ meantime, and would be good to get into woody. closes: #119147
+ * only run the init.d at boot, not on each runlevel change... and don't run
+ it during package configure. closes: #125935
+ * add DEB_BUILD_OPTIONS support to rules file, closes: #94952
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 26 Dec 2001 12:40:44 -0700
+
+sudo (1.6.3p7-3) unstable; urgency=low
+
+ * apply patch from Fumitoshi UKAI that fixes segfaults when hostname not
+ resolvable, closes: #86062, #69430, #77852, #82744, #55716, #56718,
+ * fix a typo in the manpage, closes: #97368
+ * apply patch to configure.in and run autoconf to fix problem building on
+ the hurd, closes: #96325
+ * add an init.d to clean out /var/run/sudo at boot, so privs are guaranteed
+ to not last across reboots, closes: #76529
+ * clean up lintian-noticed cosmetic packaging issues
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 1 Dec 2001 02:59:52 -0700
+
+sudo (1.6.3p7-2) unstable; urgency=low
+
+ * update config.sub/guess for hppa support
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 22 Apr 2001 23:23:42 -0600
+
+sudo (1.6.3p7-1) unstable; urgency=low
+
+ * new upstream version
+ * add build dependency on mail-transport-agent, closes: #90685
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 12 Apr 2001 17:02:42 -0600
+
+sudo (1.6.3p6-1) unstable; urgency=high
+
+ * new upstream version, fixes buffer overflow problem,
+ closes: #87259, #87278, #87263
+ * revert to using --with-secure-path option at build time, since the option
+ available in sudoers is parsed too late to be useful, and upstream says
+ it won't get fixed quickly. This reopens 85123, which I will mark as
+ forwarded. Closes: #86199, #86117, #85676
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 26 Feb 2001 11:02:51 -0700
+
+sudo (1.6.3p5-2) unstable; urgency=low
+
+ * lose the dh_suidregister call since it's obsolete
+ * stop using the --with-secure-path option at build time, and instead show
+ how to set it in sudoers. Closes: #85123
+ * freshen config.sub and config.guess for ia64 and hppa
+ * update sudoers man page to indicate exempt_group is on by default,
+ closes: #70847
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 10 Feb 2001 02:05:17 -0700
+
+sudo (1.6.3p5-1) unstable; urgency=low
+
+ * new upstream version, closes: #63940, #59175, #61817, #64652, #65743
+ * this version restores core dumps before the exec, while leaving them
+ disabled during sudo's internal execution, closes: #58289
+ * update debhelper calls in rules file
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 16 Aug 2000 00:13:15 -0600
+
+sudo (1.6.2p2-1) frozen unstable; urgency=medium
+
+ * new upstream source resulting from direct collaboration with the upstream
+ author to fix ugly pam-related problems on Debian in 1.6.1 and later.
+ Closes: #56129, #55978, #55979, #56550, #56772
+ * include more upstream documentation, closes: #55054
+ * pam.d fragment update, closes: #56129
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 27 Feb 2000 11:48:48 -0700
+
+sudo (1.6.1-1) unstable; urgency=low
+
+ * new upstream source, closes: #52750
+
+ -- Bdale Garbee <bdale@gag.com> Fri, 7 Jan 2000 21:01:42 -0700
+
+sudo (1.6-2) unstable; urgency=low
+
+ * drop suidregister support for this package. The sudo executable is
+ essentially worthless unless it is setuid root, and making suidregister
+ work involves shipping a non-setuid executable in the .deb and setting the
+ perms in the postinst. On a long upgrade run, this can leave the sudo
+ executable 'broken' for a long time, which is unacceptable. With this
+ version, we ship the executable setuid root in the .deb. Closes: #51742
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 1 Dec 1999 19:59:44 -0700
+
+sudo (1.6-1) unstable; urgency=low
+
+ * new upstream version, many options previously set at compile-time are now
+ configurable at runtime.
+ Closes: #39255, #20996, #29812, #50705, #49148, #48435, #47190, #45639
+ * FHS support
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 23 Nov 1999 16:51:22 -0700
+
+sudo (1.5.9p4-1) unstable; urgency=low
+
+ * new upstream version, closes: #43464
+ * empty password handling was fixed in 1.5.8, closes: #31863
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 26 Aug 1999 00:00:57 -0600
+
+sudo (1.5.9p1-1) unstable; urgency=low
+
+ * new upstream version
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 15 Apr 1999 22:43:29 -0600
+
+sudo (1.5.8p1-1) unstable; urgency=medium
+
+ * new upstream version, closes 33690
+ * add dependency on libpam-modules, closes 34215, 33432
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 8 Mar 1999 10:27:42 -0700
+
+sudo (1.5.7p4-2) unstable; urgency=medium
+
+ * update the pam fragment provided so that sudo works with latest pam bits,
+ closes 33432
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 21 Feb 1999 00:22:44 -0700
+
+sudo (1.5.7p4-1) unstable; urgency=low
+
+ * new upstream release
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 27 Dec 1998 16:13:53 -0700
+
+sudo (1.5.6p5-1) unstable; urgency=low
+
+ * new upstream patch release
+ * add PAM support, closes 28594
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 2 Nov 1998 00:00:24 -0700
+
+sudo (1.5.6p2-2) unstable; urgency=low
+
+ * update copyright file, closes 24136
+ * review and close forwarded bugs believed fixed in this upstream version,
+ closes 17606, 15786.
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
+
+sudo (1.5.6p2-1) unstable; urgency=low
+
+ * new upstream release
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600
+
+sudo (1.5.4-4) frozen unstable; urgency=low
+
+ * update postinst to use groupadd, closes 21403
+ * move the suidregister stuff earlier in postinst to ensure it always runs
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 19 Apr 1998 22:07:45 -0600
+
+sudo (1.5.4-3) frozen unstable; urgency=low
+
+ * change /etc/sudoers from a conffile to being handled in postinst,
+ closes 18219
+ * add suidmanager support, closes 15711
+ * add '-Wno-comment' to quiet warnings from gcc upstream maintainer is
+ unlikely to ever fix, and which just don't matter. closes 17146
+ * fix FSF address in copyright file, and submit exception for lintian
+ warning about sudo being setuid root
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 9 Apr 1998 23:59:11 -0600
+
+sudo (1.5.4-2) unstable; urgency=high
+
+ * patch from upstream author correcting/improving security fix
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 13 Jan 1998 10:39:35 -0700
+
+sudo (1.5.4-1) unstable; urgency=high
+
+ * new upstream version, includes a security fix
+ * change default editor from /bin/ae to /usr/bin/editor
+
+ -- Bdale Garbee <bdale@gag.com> Mon, 12 Jan 1998 23:36:41 -0700
+
+sudo (1.5.3-1) unstable; urgency=medium
+
+ * new upstream version, closes bug 15911.
+ * rules file reworked to use debhelper
+ * implement a really gross hack to force use of the sudo-provided
+ lsearch(), since the one in libc6 is broken! This closes bugs
+ 12552, 12557, 14881, 15259, 15916.
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 3 Jan 1998 20:39:23 -0700
+
+sudo (1.5.2-6) unstable; urgency=LOW
+
+ * don't install INSTALL in the doc directory, closes bug 13195.
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 21 Sep 1997 17:10:40 -0600
+
+sudo (1.5.2-5) unstable; urgency=LOW
+
+ * libc6
+
+ -- Bdale Garbee <bdale@gag.com> Fri, 5 Sep 1997 00:06:22 -0600
+
+sudo (1.5.2-4) unstable; urgency=LOW
+
+ * change TIMEOUT (how long before you have to type your password again)
+ to 15 mins, disable PASSWORD_TIMEOUT. This makes building large Debian
+ packages on slower machines much more tolerable. Closes bug 9076.
+ * touch debian/suid before debstd. Closes bug 8709.
+
+ -- Bdale Garbee <bdale@gag.com> Sat, 26 Apr 1997 00:48:01 -0600
+
+sudo (1.5.2-3) frozen unstable; urgency=LOW
+
+ * patch from upstream maintainer to close Bug 6828
+ * add a debian/suid file to get debstd to leave my perl postinst alone
+
+ -- Bdale Garbee <bdale@gag.com> Fri, 11 Apr 1997 23:09:55 -0600
+
+sudo (1.5.2-2) frozen unstable; urgency=LOW
+
+ * change rules to use -O2 -Wall as per standards
+
+ -- Bdale Garbee <bdale@gag.com> Sun, 6 Apr 1997 12:48:53 -0600
+
+sudo (1.5.2-1) unstable; urgency=LOW
+
+ * new upstream version
+ * cosmetic changes to debian package control files
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:50:00 -0700
+
+sudo (1.5-2) unstable; urgency=LOW
+
+ * add /usr/X11R6/bin to the end of the secure path... this makes it
+ much easier to run xmkmf, etc., during package builds. To the extent
+ that /usr/local/sbin and /usr/local/bin were already included, I see
+ no security reasons not to add this.
+
+ -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:44:58 -0700
+
+sudo (1.5-1) unstable; urgency=LOW
+
+ * New upstream version
+ * New maintainer
+ * New packaging format
+
+ -- Bdale Garbee <bdale@gag.com> Thu, 29 Aug 1996 11:44:22 +0200
+
+Tue Mar 5 09:36:41 MET 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
+
+ sudo (1.4.1-1):
+
+ * hard code SECURE_PATH to:
+ "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+ * enable ENV_EDITOR
+
+ * enabled EXEMPTGROUP "sudo"
+
+ * moved timestamp dir to /var/log/sudo
+
+ * changed parser to check for long and short filenames (Bug#1162)
+
+Wed Apr 17 13:03:31 MET DST 1996 Michael Meskes <meskes@informatik.rwth-aachen.de>
+
+ sudo (1.4.2-1):
+
+ * New upstream source
+
+ * Fixed postinst script
+ (thanks to Peter Tobis <tobias@et-inf.fho-emden.de>)
+
+ * Removed special shadow binary. This version works with and without
+ shadow password file.
+
+Mon May 20 09:35:22 MET DST 1996 Michael Meskes <meskes@debian.org>
+
+ sudo (1.4.2-2):
+
+ * Corrected editor path to /bin/ae (Bug#3062)
+
+ * Set file permission to 4755 for sudo and 755 for visudo (Bug#3063)
+
+Mon Jun 17 12:06:41 MET DST 1996 Michael Meskes <meskes@debian.org>
+
+ sudo (1.4.3-1):
+
+ * New upstream version
+
+ * Changed sudoers permission to 440 (owner root, group root) to make
+ sudo usable via NFS
+
+Wed Jun 19 10:56:54 MET DST 1996 Michael Meskes <meskes@debian.org>
+
+ sudo (1.4.3-2):
+
+ * Applied upstream patch 1
+
+Thu Jun 20 09:02:57 MET DST 1996 Michael Meskes <meskes@debian.org>
+
+ sudo (1.4.3-3):
+
+ * Applied upstream patch 2
+
+Fri Jun 28 12:49:40 MET DST 1996 Michael Meskes <meskes@debian.org>
+
+ sudo (1.4.3-4):
+
+ * Applied upstream patch 3 (fixes problems with an NFS-mounted
+ sudoers file)
+
+
+Sun Jun 30 13:02:44 MET DST 1996 Michael Meskes <meskes@debian.org>
+
+ sudo (1.4.3-5):
+
+ * Corrected postinst to use /usr/bin/perl instead of /bin/perl
+ [Reported by jdassen@wi.leidenuniv.nl (J.H.M.Dassen)]
+
+Wed Jul 10 12:44:33 MET DST 1996 Michael Meskes <meskes@debian.org>
+
+ sudo (1.4.3-6):
+
+ * Applied upstream patch 4 (fixes several bugs)
+
+ * Changed priority to optional
+
+Thu Jul 11 19:23:52 MET DST 1996 Michael Meskes <meskes@debian.org>
+
+ sudo (1.4.3-7):
+
+ * Corrected postinst to create correct permission for /etc/sudoers
+ (Bug#3749)
+
+Fri Aug 2 10:50:53 MET DST 1996 Michael Meskes <meskes@debian.org>
+
+ sudo (1.4.4-1):
+
+ * New upstream version
+
+
+sudo (1.4.4-2) admin; urgency=HIGH
+
+ * Fixed major security bug reported by Peter Tobias
+ <tobias@et-inf.fho-emden.de>
+ * Added dchanges support to debian.rules
+
+sudo (1.4.5-1) admin; urgency=LOW
+
+ * New upstream version
+ * Minor changes to debian.rules