Change log for sudo package in Ubuntu
1 → 75 of 209 results | First • Previous • Next • Last |
sudo (1.9.15p5-3ubuntu5) noble; urgency=high * No change rebuild against libssl3t64. -- Julian Andres Klode <email address hidden> Mon, 08 Apr 2024 16:50:39 +0200
Available diffs
- diff from 1.9.15p5-3ubuntu4 to 1.9.15p5-3ubuntu5 (323 bytes)
sudo (1.9.15p5-3ubuntu4) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 17:17:28 +0000
Available diffs
- diff from 1.9.15p5-3ubuntu3 to 1.9.15p5-3ubuntu4 (328 bytes)
sudo (1.9.15p5-3ubuntu3) noble; urgency=medium * Disable an offensive insult (LP: #2058053) - d/p/disable_offensive_insult.patch: properly disable an offensive insult that was fogotten when the configure options were refactored in plugins/sudoers/ins_csops.h. -- Marc Deslauriers <email address hidden> Mon, 18 Mar 2024 07:53:26 -0400
Available diffs
- diff from 1.9.15p5-3ubuntu1 to 1.9.15p5-3ubuntu3 (951 bytes)
- diff from 1.9.15p5-3ubuntu2 to 1.9.15p5-3ubuntu3 (886 bytes)
Superseded in noble-proposed |
sudo (1.9.15p5-3ubuntu2) noble; urgency=medium * No-change rebuild against libssl3t64 -- Steve Langasek <email address hidden> Mon, 04 Mar 2024 21:28:45 +0000
Available diffs
- diff from 1.9.15p5-3ubuntu1 to 1.9.15p5-3ubuntu2 (341 bytes)
Deleted in noble-updates (Reason: superseded by release) |
Superseded in noble-release |
Deleted in noble-proposed (Reason: Moved to noble) |
sudo (1.9.15p5-3ubuntu1) noble; urgency=medium * Merge with Debian unstable (LP: #2051576). Remaining changes: - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8 - debian/sudo[-ldap].init: delete init scripts, as they are no longer necessary. - debian/etc/pam.d/sudo[-i]: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/etc/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/tests/control: 03-getroot-ldap + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes) - debian/tests/04-getroot-sssd: + Check if the slapd daemon is ready before proceeding. In some situations, the next command (ldapmodify) runs before the service is ready. See LP#2026888
Available diffs
- diff from 1.9.14p2-1ubuntu1 to 1.9.15p5-3ubuntu1 (821.0 KiB)
Superseded in noble-release |
Published in mantic-release |
Deleted in mantic-proposed (Reason: Moved to mantic) |
sudo (1.9.14p2-1ubuntu1) mantic; urgency=medium * Merge with Debian unstable (LP: #2030914). Remaining changes: - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8 - debian/sudo[-ldap].init: delete init scripts, as they are no longer necessary. - debian/etc/pam.d/sudo[-i]: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/etc/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/tests/control: 03-getroot-ldap + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes) - debian/tests/04-getroot-sssd: + Check if the slapd daemon is ready before proceeding. In some situations, the next command (ldapmodify) runs before the service is ready. See LP#2026888 -- Danilo Egea Gondolfo <email address hidden> Wed, 09 Aug 2023 21:53:59 +0100
Available diffs
- diff from 1.9.13p3-3ubuntu1 to 1.9.14p2-1ubuntu1 (615.0 KiB)
sudo (1.9.13p3-3ubuntu1) mantic; urgency=medium * Merge with Debian unstable (LP: #2025655). Remaining changes: - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8 - debian/sudo[-ldap].init: delete init scripts, as they are no longer necessary. - debian/etc/pam.d/sudo[-i]: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/etc/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/tests/control: 03-getroot-ldap: + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes) * Added changes: - debian/tests/04-getroot-sssd: + Check if the slapd daemon is ready before proceeding. In some situations, the next command (ldapmodify) runs before the service is ready. See LP:#2026888 * Dropped changes: - Drop Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1) This wasn't in the former Ubuntu version, just mentioned in the changelog by accident
Available diffs
sudo (1.9.13p3-1ubuntu1) mantic; urgency=medium * Merge with Debian unstable. Remaining changes: - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8 - debian/sudo[-ldap].init: delete init scripts, as they are no longer necessary. - debian/etc/pam.d/sudo[-i]: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/etc/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/tests/control: 03-getroot-ldap: + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes) - debian/control: + Drop Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1) (for context see LP 1915250) * Dropped changes, now included in Debian: - debian/patches/CVE-2023-27320.patch -- Danilo Egea Gondolfo <email address hidden> Tue, 23 May 2023 14:34:04 +0100
Available diffs
sudo (1.8.21p2-3ubuntu1.6) bionic-security; urgency=medium * SECURITY UPDATE: does not escape control characters - debian/patches/CVE-2023-2848x-1.patch: escape control characters in log messages and sudoreplay output in docs/sudoers.man.in, docs/sudoers.mdoc.in, docs/sudoreplay.man.in, docs/sudoreplay.mdoc.in, include/sudo_compat.h, include/sudo_lbuf.h, lib/util/lbuf.c, lib/util/util.exp.in, plugins/sudoers/logging.c, plugins/sudoers/sudoreplay.c. - debian/patches/CVE-2023-2848x-2.patch: fix regression in plugins/sudoers/logging.c. - CVE-2023-28486 - CVE-2023-28487 -- Marc Deslauriers <email address hidden> Tue, 04 Apr 2023 08:44:58 -0400
Available diffs
sudo (1.8.31-1ubuntu1.5) focal-security; urgency=medium * SECURITY UPDATE: does not escape control characters - debian/patches/CVE-2023-2848x-1.patch: escape control characters in log messages and sudoreplay output in docs/sudoers.man.in, docs/sudoers.mdoc.in, docs/sudoreplay.man.in, docs/sudoreplay.mdoc.in, include/sudo_compat.h, include/sudo_lbuf.h, lib/util/lbuf.c, lib/util/util.exp.in, plugins/sudoers/logging.c, plugins/sudoers/sudoreplay.c. - debian/patches/CVE-2023-2848x-2.patch: fix regression in plugins/sudoers/logging.c. - CVE-2023-28486 - CVE-2023-28487 -- Marc Deslauriers <email address hidden> Tue, 04 Apr 2023 07:56:28 -0400
Available diffs
sudo (1.9.11p3-1ubuntu1.3) kinetic-security; urgency=medium * SECURITY UPDATE: does not escape control characters - debian/patches/CVE-2023-2848x-1.patch: escape control characters in log messages and sudoreplay output in docs/sudoers.man.in, docs/sudoers.mdoc.in, docs/sudoreplay.man.in, docs/sudoreplay.mdoc.in, include/sudo_lbuf.h, lib/eventlog/eventlog.c, lib/iolog/iolog_json.c, lib/util/lbuf.c, lib/util/util.exp.in, plugins/sudoers/sudoreplay.c. - debian/patches/CVE-2023-2848x-2.patch: fix regression in lib/eventlog/eventlog.c. - CVE-2023-28486 - CVE-2023-28487 -- Marc Deslauriers <email address hidden> Mon, 03 Apr 2023 13:57:25 -0400
Available diffs
sudo (1.9.9-1ubuntu2.4) jammy-security; urgency=medium * SECURITY UPDATE: does not escape control characters - debian/patches/CVE-2023-2848x-1.patch: escape control characters in log messages and sudoreplay output in docs/sudoers.man.in, docs/sudoers.mdoc.in, docs/sudoreplay.man.in, docs/sudoreplay.mdoc.in, include/sudo_lbuf.h, lib/eventlog/eventlog.c, lib/iolog/iolog_json.c, lib/util/lbuf.c, lib/util/util.exp.in, plugins/sudoers/sudoreplay.c. - debian/patches/CVE-2023-2848x-2.patch: fix regression in lib/eventlog/eventlog.c. - CVE-2023-28486 - CVE-2023-28487 -- Marc Deslauriers <email address hidden> Mon, 03 Apr 2023 14:00:44 -0400
Available diffs
sudo (1.9.11p3-1ubuntu1.2) kinetic-security; urgency=medium * SECURITY UPDATE: double free with per-command chroot sudoers rules - debian/patches/CVE-2023-27320.patch: don't free user_cmnd twice in MANIFEST, plugins/sudoers/match_command.c, plugins/sudoers/regress/fuzz/fuzz_sudoers.c, plugins/sudoers/regress/testsudoers/test20.out.ok, plugins/sudoers/regress/testsudoers/test20.sh, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c. - CVE-2023-27320 -- Marc Deslauriers <email address hidden> Wed, 01 Mar 2023 08:59:06 -0500
Available diffs
Superseded in mantic-release |
Published in lunar-release |
Deleted in lunar-proposed (Reason: Moved to lunar) |
sudo (1.9.13p1-1ubuntu2) lunar; urgency=medium * SECURITY UPDATE: double free with per-command chroot sudoers rules - debian/patches/CVE-2023-27320.patch: don't free user_cmnd twice in MANIFEST, plugins/sudoers/match_command.c, plugins/sudoers/regress/fuzz/fuzz_sudoers.c, plugins/sudoers/regress/testsudoers/test20.out.ok, plugins/sudoers/regress/testsudoers/test20.sh, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c. - CVE-2023-27320 -- Marc Deslauriers <email address hidden> Wed, 01 Mar 2023 08:51:34 -0500
Available diffs
sudo (1.9.9-1ubuntu2.3) jammy-security; urgency=medium * SECURITY UPDATE: double free with per-command chroot sudoers rules - debian/patches/CVE-2023-27320.patch: don't free user_cmnd twice in MANIFEST, plugins/sudoers/match_command.c, plugins/sudoers/regress/fuzz/fuzz_sudoers.c, plugins/sudoers/regress/testsudoers/test20.out.ok, plugins/sudoers/regress/testsudoers/test20.sh, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c. - CVE-2023-27320 -- Marc Deslauriers <email address hidden> Wed, 01 Mar 2023 08:59:37 -0500
Available diffs
Superseded in lunar-proposed |
sudo (1.9.13p1-1ubuntu1) lunar; urgency=medium * Merge from Debian unstable. Remaining changes: - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8 - debian/sudo[-ldap].init: delete init scripts, as they are no longer necessary. - debian/etc/pam.d/sudo[-i]: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/etc/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/tests/control: 03-getroot-ldap: + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes) - debian/control: + Drop Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1) (for context see LP: 1915250) - Drop patches for issues fixed upstream + d/p/CVE-2023-22809.patch + d/p/Add-XDG_CURRENT_DESKTOP-to-initial_keepenv_table.patch
Available diffs
sudo (1.9.11p3-1ubuntu3) lunar; urgency=medium * SECURITY UPDATE: arbitrary file overwrite via sudoedit - debian/patches/CVE-2023-22809.patch: do not permit editor arguments to include -- in plugins/sudoers/editor.c, plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c. - CVE-2023-22809 -- Marc Deslauriers <email address hidden> Wed, 18 Jan 2023 12:46:34 -0500
Available diffs
sudo (1.8.21p2-3ubuntu1.5) bionic-security; urgency=medium * SECURITY UPDATE: arbitrary file overwrite via sudoedit - debian/patches/CVE-2023-22809.patch: do not permit editor arguments to include -- in plugins/sudoers/editor.c. - CVE-2023-22809 -- Marc Deslauriers <email address hidden> Mon, 16 Jan 2023 09:40:55 -0500
Available diffs
sudo (1.8.31-1ubuntu1.4) focal-security; urgency=medium * SECURITY UPDATE: arbitrary file overwrite via sudoedit - debian/patches/CVE-2023-22809.patch: do not permit editor arguments to include -- in plugins/sudoers/editor.c, plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c. - CVE-2023-22809 -- Marc Deslauriers <email address hidden> Mon, 16 Jan 2023 08:06:24 -0500
Available diffs
sudo (1.9.9-1ubuntu2.2) jammy-security; urgency=medium * SECURITY UPDATE: arbitrary file overwrite via sudoedit - debian/patches/CVE-2023-22809.patch: do not permit editor arguments to include -- in plugins/sudoers/editor.c, plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c. - CVE-2023-22809 * SECURITY UPDATE: DoS via invalid arithmetic shift in Protobuf-c - debian/patches/CVE-2022-33070.patch: only shift unsigned values in lib/protobuf-c/protobuf-c.c. - CVE-2022-33070 -- Marc Deslauriers <email address hidden> Mon, 16 Jan 2023 07:36:33 -0500
Available diffs
sudo (1.9.11p3-1ubuntu1.1) kinetic-security; urgency=medium * SECURITY UPDATE: arbitrary file overwrite via sudoedit - debian/patches/CVE-2023-22809.patch: do not permit editor arguments to include -- in plugins/sudoers/editor.c, plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c. - CVE-2023-22809 -- Marc Deslauriers <email address hidden> Mon, 16 Jan 2023 07:34:35 -0500
Available diffs
sudo (1.9.11p3-1ubuntu2) lunar; urgency=medium * No-change rebuild against libldap-2 -- Steve Langasek <email address hidden> Thu, 15 Dec 2022 19:57:01 +0000
Available diffs
- diff from 1.9.11p3-1ubuntu1 to 1.9.11p3-1ubuntu2 (333 bytes)
sudo (1.9.9-1ubuntu2.1) jammy; urgency=medium * Add XDG_CURRENT_DESKTOP to initial_keepenv_table for Qt to determine the correct theme (LP: #1958055) -- Benjamin Drung <email address hidden> Thu, 04 Aug 2022 12:35:21 +0200
Available diffs
- diff from 1.9.9-1ubuntu2 to 1.9.9-1ubuntu2.1 (945 bytes)
Superseded in lunar-release |
Obsolete in kinetic-release |
Deleted in kinetic-proposed (Reason: Moved to kinetic) |
sudo (1.9.11p3-1ubuntu1) kinetic; urgency=medium * Merge from Debian unstable. Remaining changes: - debian/control: + Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1) - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8 - debian/sudo[-ldap].init: delete init scripts, as they are no longer necessary. - debian/etc/pam.d/sudo[-i]: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/etc/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/tests/control: 03-getroot-ldap: + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes) - Add XDG_CURRENT_DESKTOP to initial_keepenv_table for Qt to determine the correct theme (LP: #1958055)
Available diffs
- diff from 1.9.10-3ubuntu1 to 1.9.11p3-1ubuntu1 (868.3 KiB)
sudo (1.9.10-3ubuntu1) kinetic; urgency=medium * Merge from Debian unstable. Remaining changes: - debian/control: + Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1) - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8 - debian/sudo[-ldap].init: delete init scripts, as they are no longer necessary. - debian/etc/pam.d/sudo[-i]: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/etc/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/tests/control: 03-getroot-ldap: + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes) * Dropped changes (applied in Debian): - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag * Add XDG_CURRENT_DESKTOP to initial_keepenv_table for Qt to determine the correct theme (LP: #1958055)
Available diffs
- diff from 1.9.9-1ubuntu2 to 1.9.10-3ubuntu1 (482.7 KiB)
Superseded in kinetic-release |
Published in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
sudo (1.9.9-1ubuntu2) jammy; urgency=medium * d/t/control: skip 03-getroot-ldap autopkgtest on non-containers -- Lukas Märdian <email address hidden> Mon, 14 Feb 2022 12:48:05 +0100
Available diffs
- diff from 1.9.5p2-3ubuntu2 to 1.9.9-1ubuntu2 (2.2 MiB)
- diff from 1.9.9-1ubuntu1 to 1.9.9-1ubuntu2 (704 bytes)
Superseded in jammy-proposed |
sudo (1.9.9-1ubuntu1) jammy; urgency=medium * Merge from Debian unstable. Remaining changes: - debian/control: + Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1) - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8 - debian/sudo[-ldap].init: delete init scripts, as they are no longer necessary. - debian/etc/pam.d/sudo[-i]: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/etc/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/tests/control: 03-getroot-ldap: + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes) * Dropped changes: - debian/rules: + use dh-autoreconf (converted to using dh)
Available diffs
Superseded in jammy-release |
Obsolete in impish-release |
Deleted in impish-proposed (Reason: Moved to impish) |
sudo (1.9.5p2-3ubuntu2) impish; urgency=medium * No-change rebuild due to OpenLDAP soname bump. -- Sergio Durigan Junior <email address hidden> Mon, 21 Jun 2021 18:09:32 -0400
Available diffs
- diff from 1.9.5p2-3ubuntu1 to 1.9.5p2-3ubuntu2 (360 bytes)
sudo (1.9.5p2-3ubuntu1) impish; urgency=low * Merge from Debian unstable (LP: #1929110). Remaining changes: - debian/rules: + use dh-autoreconf - debian/rules: stop shipping init scripts, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path * Dropped changes, now included in Debian: - debian/rules: + install apport hooks - debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks -- William 'jawn-smith' Wilson <email address hidden> Thu, 20 May 2021 15:43:31 +0000
Available diffs
Superseded in impish-release |
Obsolete in hirsute-release |
Deleted in hirsute-proposed (Reason: moved to Release) |
sudo (1.9.5p2-2ubuntu3) hirsute; urgency=medium * No change rebuild with fixed ownership. -- Dimitri John Ledkov <email address hidden> Thu, 18 Feb 2021 00:03:21 +0000
Available diffs
Superseded in hirsute-proposed |
sudo (1.9.5p2-2ubuntu2) hirsute; urgency=medium * No change rebuild against new permissions ABI. LP: #1915250
Available diffs
Deleted in hirsute-proposed (Reason: remove broken sudo from proposed) |
sudo (1.9.5p2-2ubuntu1) hirsute; urgency=low * Merge from Debian unstable. (LP: #1915307) * Remaining changes: - debian/rules: + use dh-autoreconf - debian/rules: stop shipping init scripts, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path * Dropped patches, no longer needed because they are integrated in Debian: - CVE-2021-23239.patch - CVE-2021-3156-1.patch - CVE-2021-3156-2.patch - CVE-2021-3156-3.patch - CVE-2021-3156-4.patch - CVE-2021-3156-5.patch
Available diffs
- diff from 1.9.4p2-2ubuntu3 to 1.9.5p2-2ubuntu1 (186.6 KiB)
sudo (1.9.4p2-2ubuntu3) hirsute; urgency=medium * SECURITY UPDATE: ineffective NO_ROOT_MAILER hardening option - debian/patches/ineffective_no_root_mailer.patch: fix NO_ROOT_MAILER in plugins/sudoers/logging.c, plugins/sudoers/policy.c. - No CVE number -- Marc Deslauriers <email address hidden> Sat, 30 Jan 2021 14:35:13 -0500
Available diffs
sudo (1.8.3p1-1ubuntu3.10) precise-security; urgency=medium * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2021-3156-1.patch: reset valid_flags to MODE_NONINTERACTIVE for sudoedit in src/parse_args.c. - debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in plugin in plugins/sudoers/sudoers.c. - debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow when unescaping backslashes in plugins/sudoers/sudoers.c. - debian/patches/CVE-2021-3156-5.patch: don't assume that argv is allocated as a single flat buffer in src/parse_args.c. - CVE-2021-3156 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 27 Jan 2021 08:49:33 -0300
Available diffs
sudo (1.9.4p2-2ubuntu2) hirsute; urgency=medium * SECURITY UPDATE: dir existence issue via sudoedit race - debian/patches/CVE-2021-23239.patch: fix potential directory existing info leak in sudoedit in src/sudo_edit.c. - CVE-2021-23239 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2021-3156-1.patch: reset valid_flags to MODE_NONINTERACTIVE for sudoedit in src/parse_args.c. - debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in plugin in plugins/sudoers/policy.c. - debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow when unescaping backslashes in plugins/sudoers/sudoers.c. - debian/patches/CVE-2021-3156-4.patch: fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL in plugins/sudoers/timestamp.c. - debian/patches/CVE-2021-3156-5.patch: don't assume that argv is allocated as a single flat buffer in src/parse_args.c. - CVE-2021-3156 -- Marc Deslauriers <email address hidden> Tue, 26 Jan 2021 14:37:48 -0500
Available diffs
sudo (1.8.31-1ubuntu1.2) focal-security; urgency=medium * SECURITY UPDATE: dir existence issue via sudoedit race - debian/patches/CVE-2021-23239.patch: fix potential directory existing info leak in sudoedit in src/sudo_edit.c. - CVE-2021-23239 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2021-3156-pre1.patch: sanity check size when converting the first record to TS_LOCKEXCL in plugins/sudoers/timestamp.c. - debian/patches/CVE-2021-3156-1.patch: reset valid_flags to MODE_NONINTERACTIVE for sudoedit in src/parse_args.c. - debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in plugin in plugins/sudoers/policy.c. - debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow when unescaping backslashes in plugins/sudoers/sudoers.c. - debian/patches/CVE-2021-3156-4.patch: fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL in plugins/sudoers/timestamp.c. - debian/patches/CVE-2021-3156-5.patch: don't assume that argv is allocated as a single flat buffer in src/parse_args.c. - CVE-2021-3156 -- Marc Deslauriers <email address hidden> Tue, 19 Jan 2021 09:21:02 -0500
Available diffs
sudo (1.8.21p2-3ubuntu1.4) bionic-security; urgency=medium * SECURITY UPDATE: dir existence issue via sudoedit race - debian/patches/CVE-2021-23239.patch: fix potential directory existing info leak in sudoedit in src/sudo_edit.c. - CVE-2021-23239 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2021-3156-pre1.patch: check lock record size in plugins/sudoers/timestamp.c. - debian/patches/CVE-2021-3156-pre2.patch: sanity check size when converting the first record to TS_LOCKEXCL in plugins/sudoers/timestamp.c. - debian/patches/CVE-2021-3156-1.patch: reset valid_flags to MODE_NONINTERACTIVE for sudoedit in src/parse_args.c. - debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in plugin in plugins/sudoers/policy.c. - debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow when unescaping backslashes in plugins/sudoers/sudoers.c. - debian/patches/CVE-2021-3156-4.patch: fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL in plugins/sudoers/timestamp.c. - debian/patches/CVE-2021-3156-5.patch: don't assume that argv is allocated as a single flat buffer in src/parse_args.c. - CVE-2021-3156 * debian/control: added tzdata to Build-Depends so that the time zone data directory is present during builds. -- Marc Deslauriers <email address hidden> Tue, 19 Jan 2021 09:36:00 -0500
sudo (1.9.1-1ubuntu1.1) groovy-security; urgency=medium * SECURITY UPDATE: dir existence issue via sudoedit race - debian/patches/CVE-2021-23239.patch: fix potential directory existing info leak in sudoedit in src/sudo_edit.c. - CVE-2021-23239 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2021-3156-1.patch: reset valid_flags to MODE_NONINTERACTIVE for sudoedit in src/parse_args.c. - debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in plugin in plugins/sudoers/policy.c. - debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow when unescaping backslashes in plugins/sudoers/sudoers.c. - debian/patches/CVE-2021-3156-4.patch: fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL in plugins/sudoers/timestamp.c. - debian/patches/CVE-2021-3156-5.patch: don't assume that argv is allocated as a single flat buffer in src/parse_args.c. - CVE-2021-3156 * debian/control: added tzdata to Build-Depends so that the time zone data directory is present during builds. -- Marc Deslauriers <email address hidden> Tue, 19 Jan 2021 09:08:56 -0500
Available diffs
sudo (1.8.16-0ubuntu1.10) xenial-security; urgency=medium * SECURITY UPDATE: dir existence issue via sudoedit race - debian/patches/CVE-2021-23239.patch: fix potential directory existing info leak in sudoedit in src/sudo_edit.c. - CVE-2021-23239 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2021-3156-pre1.patch: check lock record size in plugins/sudoers/timestamp.c. - debian/patches/CVE-2021-3156-pre2.patch: sanity check size when converting the first record to TS_LOCKEXCL in plugins/sudoers/timestamp.c. - debian/patches/CVE-2021-3156-1.patch: reset valid_flags to MODE_NONINTERACTIVE for sudoedit in src/parse_args.c. - debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in plugin in plugins/sudoers/policy.c. - debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow when unescaping backslashes in plugins/sudoers/sudoers.c. - debian/patches/CVE-2021-3156-4.patch: fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL in plugins/sudoers/timestamp.c. - debian/patches/CVE-2021-3156-5.patch: don't assume that argv is allocated as a single flat buffer in src/parse_args.c. - CVE-2021-3156 -- Marc Deslauriers <email address hidden> Tue, 19 Jan 2021 09:48:09 -0500
Available diffs
sudo (1.9.4p2-2ubuntu1) hirsute; urgency=low * Merge from Debian unstable. Remaining changes: - debian/rules: + use dh-autoreconf - debian/rules: stop shipping init scripts, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path
Available diffs
- diff from 1.9.3p1-1ubuntu1 to 1.9.4p2-2ubuntu1 (520.5 KiB)
sudo (1.9.3p1-1ubuntu1) hirsute; urgency=low * Merge from Debian unstable. Remaining changes: - debian/rules: + use dh-autoreconf - debian/rules: stop shipping init scripts, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path
Available diffs
- diff from 1.9.1-1ubuntu1 to 1.9.3p1-1ubuntu1 (706.3 KiB)
sudo (1.8.21p2-3ubuntu1.3) bionic; urgency=medium * d/p/0001-In-pty_close-close-the-slave-and-remove-any-events-a.patch: - fix sudo hangs when IO logging is enabled (LP: #1895757) -- Heitor Alves de Siqueira <email address hidden> Wed, 23 Sep 2020 14:59:35 +0000
Available diffs
sudo (1.8.31-1ubuntu1.1) focal; urgency=medium * d/p/ignore-rlimit-core-failure.patch: Ignore a failure to restore the RLIMIT_CORE resource limit. Linux containers don't allow RLIMIT_CORE to be set back to RLIM_INFINITY if we set the limit to zero, even for root. RLIMIT_NPROC is also not allowed to be set back. This is not a problem outside the container. (LP: #1857036) -- Bryce Harrington <email address hidden> Wed, 15 Jul 2020 00:17:58 +0000
Available diffs
Superseded in hirsute-release |
Obsolete in groovy-release |
Deleted in groovy-proposed (Reason: moved to Release) |
sudo (1.9.1-1ubuntu1) groovy; urgency=low * Merge from Debian unstable. Remaining changes: - debian/rules: + use dh-autoreconf - debian/rules: stop shipping init scripts, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path
Available diffs
- diff from 1.9.0-1ubuntu1 to 1.9.1-1ubuntu1 (598.9 KiB)
sudo (1.9.0-1ubuntu1) groovy; urgency=low * Merge from Debian unstable. Remaining changes: - debian/rules: + use dh-autoreconf - debian/rules: stop shipping init scripts, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path * Dropped changes, no longer needed: - debian/control: + use dh-autoreconf
Available diffs
Superseded in groovy-release |
Published in focal-release |
Deleted in focal-proposed (Reason: moved to Release) |
sudo (1.8.31-1ubuntu1) focal; urgency=medium * Merge from Debian unstable. Remaining changes: - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop shipping init script and service file, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/control, debian/rules: + use dh-autoreconf
Available diffs
- diff from 1.8.29-1ubuntu1 to 1.8.31-1ubuntu1 (131.6 KiB)
sudo (1.8.16-0ubuntu1.9) xenial-security; urgency=medium * SECURITY UPDATE: buffer overflow in sudo when pwfeedback is enabled - debian/patches/CVE-2019-18634.patch: fix overflow in src/tgetpass.c. - CVE-2019-18634 -- Marc Deslauriers <email address hidden> Fri, 31 Jan 2020 12:19:11 -0500
Available diffs
sudo (1.8.27-1ubuntu4.1) eoan-security; urgency=medium * SECURITY UPDATE: buffer overflow in sudo when pwfeedback is enabled - debian/patches/CVE-2019-18634.patch: fix overflow in src/tgetpass.c. - CVE-2019-18634 -- Marc Deslauriers <email address hidden> Fri, 31 Jan 2020 12:07:33 -0500
Available diffs
sudo (1.8.21p2-3ubuntu1.2) bionic-security; urgency=medium * SECURITY UPDATE: buffer overflow in sudo when pwfeedback is enabled - debian/patches/CVE-2019-18634.patch: fix overflow in src/tgetpass.c. - CVE-2019-18634 -- Marc Deslauriers <email address hidden> Fri, 31 Jan 2020 12:18:41 -0500
Available diffs
sudo (1.8.29-1ubuntu1) focal; urgency=medium * Merge from Debian unstable. Remaining changes: - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop shipping init script and service file, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/control, debian/rules: + use dh-autoreconf * Removed patches included in new version: - debian/patches/CVE-2019-14287.patch - debian/patches/CVE-2019-14287-2.patch
Available diffs
- diff from 1.8.27-1ubuntu4 to 1.8.29-1ubuntu1 (875.0 KiB)
Superseded in focal-release |
Obsolete in eoan-release |
Deleted in eoan-proposed (Reason: moved to Release) |
sudo (1.8.27-1ubuntu4) eoan; urgency=medium * SECURITY UPDATE: privilege escalation via UID -1 - debian/patches/CVE-2019-14287.patch: treat an ID of -1 as invalid in lib/util/strtoid.c. - debian/patches/CVE-2019-14287-2.patch: fix and add to tests in lib/util/regress/atofoo/atofoo_test.c, plugins/sudoers/regress/testsudoers/test5.out.ok, plugins/sudoers/regress/testsudoers/test5.sh. - CVE-2019-14287 -- Marc Deslauriers <email address hidden> Tue, 15 Oct 2019 07:09:02 -0400
Available diffs
sudo (1.8.21p2-3ubuntu1.1) bionic-security; urgency=medium * SECURITY UPDATE: privilege escalation via UID -1 - debian/patches/CVE-2019-14287.patch: treat an ID of -1 as invalid in lib/util/strtoid.c. - CVE-2019-14287 - debian/patches/CVE-2019-14287-2.patch: fix and add to tests in lib/util/regress/atofoo/atofoo_test.c, plugins/sudoers/regress/testsudoers/test5.out.ok, plugins/sudoers/regress/testsudoers/test5.sh. - CVE-2019-14287 -- Marc Deslauriers <email address hidden> Thu, 10 Oct 2019 14:32:59 -0400
Available diffs
sudo (1.8.16-0ubuntu1.8) xenial-security; urgency=medium * SECURITY UPDATE: privilege escalation via UID -1 - debian/patches/CVE-2019-14287.patch: treat an ID of -1 as invalid in lib/util/strtoid.c. - CVE-2019-14287 - debian/patches/CVE-2019-14287-2.patch: fix and add to tests in lib/util/regress/atofoo/atofoo_test.c, plugins/sudoers/regress/testsudoers/test5.out.ok, plugins/sudoers/regress/testsudoers/test5.sh. - CVE-2019-14287 -- Marc Deslauriers <email address hidden> Thu, 10 Oct 2019 14:47:22 -0400
Available diffs
sudo (1.8.27-1ubuntu1.1) disco-security; urgency=medium * SECURITY UPDATE: privilege escalation via UID -1 - debian/patches/CVE-2019-14287.patch: treat an ID of -1 as invalid in lib/util/strtoid.c. - debian/patches/CVE-2019-14287-2.patch: fix and add to tests in lib/util/regress/atofoo/atofoo_test.c, plugins/sudoers/regress/testsudoers/test5.out.ok, plugins/sudoers/regress/testsudoers/test5.sh. - CVE-2019-14287 -- Marc Deslauriers <email address hidden> Thu, 10 Oct 2019 14:29:24 -0400
Available diffs
sudo (1.8.27-1ubuntu3) eoan; urgency=medium * No-change upload with strops.h and sys/strops.h removed in glibc. -- Matthias Klose <email address hidden> Thu, 05 Sep 2019 11:12:29 +0000
Available diffs
- diff from 1.8.27-1ubuntu2 to 1.8.27-1ubuntu3 (345 bytes)
sudo (1.8.27-1ubuntu2) eoan; urgency=medium * Remove d/p/keep_home_by_default.patch (LP: #1556302) - This restores sudo handling of $HOME to what everyone else does -- Dan Streetman <email address hidden> Tue, 04 Jun 2019 08:58:02 -0400
Available diffs
- diff from 1.8.27-1ubuntu1 to 1.8.27-1ubuntu2 (792 bytes)
sudo (1.8.16-0ubuntu1.7) xenial-security; urgency=medium * debian/patches/terminate-with-commands-signal.patch: re-enable patch that got dropped by mistake in previous upload. (LP: #1832257) -- Marc Deslauriers <email address hidden> Mon, 10 Jun 2019 15:42:44 -0400
Available diffs
- diff from 1.8.16-0ubuntu1.6 to 1.8.16-0ubuntu1.7 (530 bytes)
sudo (1.8.16-0ubuntu1.6) xenial-security; urgency=medium [ Steve Beattie ] * SECURITY UPDATE: /proc/self/stat parsing newline confusion - debian/patches/CVE-2017-1000368.patch: read all lines of /proc/self/stat - CVE-2017-1000368 * debian/patches/avoid_sign_extension_tty_nr.patch: hardening to ensure sign extension doesn't occur when parsing /proc/self/stat [ Marc Deslauriers ] * SECURITY UPDATE: sudo noexec bypass - debian/patches/CVE-2016-7076-*.patch: wrap wordexp, add seccomp filter. - CVE-2016-7076 -- Marc Deslauriers <email address hidden> Wed, 01 May 2019 11:30:39 -0400
Available diffs
Superseded in eoan-release |
Obsolete in disco-release |
Deleted in disco-proposed (Reason: moved to release) |
sudo (1.8.27-1ubuntu1) disco; urgency=medium * Merge from Debian unstable. Remaining changes: - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop shipping init script and service file, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/control, debian/rules: + use dh-autoreconf - Remaining patches: + keep_home_by_default.patch: Keep HOME in the default environment
Available diffs
- diff from 1.8.23-2ubuntu1 to 1.8.27-1ubuntu1 (712.8 KiB)
Superseded in disco-release |
Obsolete in cosmic-release |
Deleted in cosmic-proposed (Reason: moved to release) |
sudo (1.8.23-2ubuntu1) cosmic; urgency=medium * Merge from Debian unstable. Remaining changes: - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop shipping init script and service file, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/control, debian/rules: + use dh-autoreconf - Remaining patches: + keep_home_by_default.patch: Keep HOME in the default environment
Available diffs
- diff from 1.8.21p2-3ubuntu1 to 1.8.23-2ubuntu1 (676.3 KiB)
Superseded in cosmic-release |
Published in bionic-release |
Deleted in bionic-proposed (Reason: moved to release) |
sudo (1.8.21p2-3ubuntu1) bionic; urgency=medium * Merge from Debian unstable. Remaining changes: - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop shipping init script and service file, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/control, debian/rules: + use dh-autoreconf - Remaining patches: + keep_home_by_default.patch: Keep HOME in the default environment
Available diffs
- diff from 1.8.21p2-2ubuntu1 to 1.8.21p2-3ubuntu1 (963 bytes)
sudo (1.8.21p2-2ubuntu1) bionic; urgency=medium * Merge from Debian unstable. (LP: #1731981) Remaining changes: - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop shipping init script and service file, as they are no longer necessary. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/control, debian/rules: + use dh-autoreconf - Remaining patches: + keep_home_by_default.patch: Keep HOME in the default environment Dropped changes since they are integrated in Debian: - Use tmpfs location to store timestamp files + debian/rules: change --with-rundir to /var/run/sudo + debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old init script with dpkg-maintscript-helper. Dropped changes since the the transition took place already in every release the package can be upgraded from: + debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo transition code, remove old /var/lib/sudo/ts timestamp directory. * Refresh patches
Available diffs
- diff from 1.8.20p2-1ubuntu1 to 1.8.21p2-2ubuntu1 (369.6 KiB)
Superseded in bionic-release |
Obsolete in artful-release |
Deleted in artful-proposed (Reason: moved to release) |
sudo (1.8.20p2-1ubuntu1) artful; urgency=low * Merge from Debian unstable. (LP: #1697587) Remaining changes: - Use tmpfs location to store timestamp files + debian/rules: change --with-rundir to /var/run/sudo + debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop shipping init script and service file, as they are no longer necessary. + debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old init script with dpkg-maintscript-helper. + debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo transition code, remove old /var/lib/sudo/ts timestamp directory. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/control, debian/rules: + use dh-autoreconf - Remaining patches: + keep_home_by_default.patch: Keep HOME in the default environment - Dropped patches no longer needed: + CVE-2017-1000367.patch
Available diffs
- diff from 1.8.19p1-1ubuntu1 to 1.8.20p2-1ubuntu1 (536.7 KiB)
- diff from 1.8.19p1-1ubuntu2 to 1.8.20p2-1ubuntu1 (539.2 KiB)
sudo (1.8.19p1-1ubuntu1.2) zesty; urgency=medium * Terminate with the same signal as the command (LP: #1686803) This fixes a regression introduced in sudo 1.8.15 changeset 10229:153f016db8f1. -- Balint Reczey <email address hidden> Tue, 13 Jun 2017 10:00:00 +0200
Available diffs
Obsolete in yakkety-proposed |
sudo (1.8.16-0ubuntu3.3) yakkety; urgency=medium * Terminate with the same signal as the command (LP: #1686803) This fixes a regression introduced in sudo 1.8.15 changeset 10229:153f016db8f1. -- Balint Reczey <email address hidden> Tue, 13 Jun 2017 11:00:03 +0200
Available diffs
sudo (1.8.16-0ubuntu1.5) xenial; urgency=medium * Terminate with the same signal as the command (LP: #1686803) This fixes a regression introduced in sudo 1.8.15 changeset 10229:153f016db8f1. -- Balint Reczey <email address hidden> Tue, 13 Jun 2017 11:10:50 +0200
Available diffs
Superseded in artful-proposed |
sudo (1.8.19p1-1ubuntu2) artful; urgency=medium * SECURITY UPDATE: /proc/self/stat parsing confusion - debian/patches/CVE-2017-1000367.patch: adjust parsing to find ttyname - CVE-2017-1000367 -- Steve Beattie <email address hidden> Mon, 29 May 2017 03:13:37 -0700
Available diffs
sudo (1.8.16-0ubuntu3.2) yakkety-security; urgency=medium * SECURITY UPDATE: /proc/self/stat parsing confusion - debian/patches/CVE-2017-1000367.patch: adjust parsing to find ttyname - CVE-2017-1000367 -- Steve Beattie <email address hidden> Mon, 29 May 2017 03:24:16 -0700
Available diffs
sudo (1.8.19p1-1ubuntu1.1) zesty-security; urgency=medium * SECURITY UPDATE: /proc/self/stat parsing confusion - debian/patches/CVE-2017-1000367.patch: adjust parsing to find ttyname - CVE-2017-1000367 -- Steve Beattie <email address hidden> Mon, 29 May 2017 03:25:14 -0700
Available diffs
sudo (1.8.16-0ubuntu1.4) xenial-security; urgency=medium * SECURITY UPDATE: /proc/self/stat parsing confusion - debian/patches/CVE-2017-1000367.patch: adjust parsing to find ttyname - CVE-2017-1000367 -- Steve Beattie <email address hidden> Mon, 29 May 2017 03:17:46 -0700
Available diffs
sudo (1.8.9p5-1ubuntu1.4) trusty-security; urgency=medium * SECURITY UPDATE: /proc/self/stat parsing confusion - debian/patches/CVE-2017-1000367.patch: adjust parsing to find ttyname - CVE-2017-1000367 -- Steve Beattie <email address hidden> Mon, 29 May 2017 01:05:33 -0700
Available diffs
Deleted in yakkety-proposed (Reason: moved to -updates) |
sudo (1.8.16-0ubuntu3.1) yakkety; urgency=medium * sssd-doesnt-handle-netgroups.diff, sssd-fix-matching-loop.diff: Only check username as part of the netgroup when netgroup_tuple is enabled. (LP: #1607666) -- Timo Aaltonen <email address hidden> Mon, 16 Jan 2017 11:49:18 +0200
Available diffs
sudo (1.8.16-0ubuntu1.3) xenial; urgency=medium * sssd-doesnt-handle-netgroups.diff, sssd-fix-matching-loop.diff: Only check username as part of the netgroup when netgroup_tuple is enabled. (LP: #1607666) -- Timo Aaltonen <email address hidden> Sat, 14 Jan 2017 01:54:21 +0200
Available diffs
Superseded in artful-release |
Obsolete in zesty-release |
Deleted in zesty-proposed (Reason: moved to release) |
sudo (1.8.19p1-1ubuntu1) zesty; urgency=low * Merge from Debian unstable. (LP: #1607666) Remaining changes: - Use tmpfs location to store timestamp files + debian/rules: change --with-rundir to /var/run/sudo + debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop shipping init script and service file, as they are no longer necessary. + debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old init script with dpkg-maintscript-helper. + debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo transition code, remove old /var/lib/sudo/ts timestamp directory. - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/sudoers: + also grant admin group sudo access + include /snap/bin in the secure_path - debian/control, debian/rules: + use dh-autoreconf - Remaining patches: + keep_home_by_default.patch: Keep HOME in the default environment - Dropped patches no longer needed: + debian/patches/lp1565567.patch: upstream. + debian/patches/also_check_sudo_group.diff: upstream. -- Timo Aaltonen <email address hidden> Sat, 14 Jan 2017 01:41:17 +0200
Available diffs
- diff from 1.8.16-0ubuntu3 to 1.8.19p1-1ubuntu1 (604.8 KiB)
sudo (1.8.9p5-1ubuntu1.3) trusty-proposed; urgency=medium * debian/sudoers: - include /snap/bin in the secure_path (LP: #1595558) -- Michael Vogt <email address hidden> Mon, 10 Oct 2016 10:10:46 +0200
Available diffs
1 → 75 of 209 results | First • Previous • Next • Last |