-
sudo (1.8.27-1ubuntu1.1) disco-security; urgency=medium
* SECURITY UPDATE: privilege escalation via UID -1
- debian/patches/CVE-2019-14287.patch: treat an ID of -1 as invalid
in lib/util/strtoid.c.
- debian/patches/CVE-2019-14287-2.patch: fix and add to tests in
lib/util/regress/atofoo/atofoo_test.c,
plugins/sudoers/regress/testsudoers/test5.out.ok,
plugins/sudoers/regress/testsudoers/test5.sh.
- CVE-2019-14287
-- Marc Deslauriers <email address hidden> Thu, 10 Oct 2019 14:29:24 -0400
-
sudo (1.8.27-1ubuntu1) disco; urgency=medium
* Merge from Debian unstable.
Remaining changes:
- debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
shipping init script and service file, as they are no longer
necessary.
- debian/rules:
+ compile with --without-lecture --with-tty-tickets --enable-admin-flag
+ install man/man8/sudo_root.8 in both flavours
+ install apport hooks
- debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
+ add usr/share/apport/package-hooks
- debian/sudo.pam:
+ Use pam_env to read /etc/environment and /etc/default/locale
environment files. Reading ~/.pam_environment is not permitted due to
security reasons.
- debian/sudoers:
+ also grant admin group sudo access
+ include /snap/bin in the secure_path
- debian/control, debian/rules:
+ use dh-autoreconf
- Remaining patches:
+ keep_home_by_default.patch: Keep HOME in the default environment
sudo (1.8.27-1) unstable; urgency=medium
* new upstream version
sudo (1.8.26-2) unstable; urgency=medium
* patch from upstream to fix man page truncation, closes: #914469
sudo (1.8.26-1) unstable; urgency=medium
[Bdale Garbee]
* new upstream version
[Ondřej Nový]
* d/changelog: Remove trailing whitespaces
* d/control: Remove trailing whitespaces
* d/rules: Remove trailing whitespaces
-- Balint Reczey <email address hidden> Tue, 19 Feb 2019 09:30:21 +0100
-
sudo (1.8.23-2ubuntu1) cosmic; urgency=medium
* Merge from Debian unstable.
Remaining changes:
- debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
shipping init script and service file, as they are no longer
necessary.
- debian/rules:
+ compile with --without-lecture --with-tty-tickets --enable-admin-flag
+ install man/man8/sudo_root.8 in both flavours
+ install apport hooks
- debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
+ add usr/share/apport/package-hooks
- debian/sudo.pam:
+ Use pam_env to read /etc/environment and /etc/default/locale
environment files. Reading ~/.pam_environment is not permitted due to
security reasons.
- debian/sudoers:
+ also grant admin group sudo access
+ include /snap/bin in the secure_path
- debian/control, debian/rules:
+ use dh-autoreconf
- Remaining patches:
+ keep_home_by_default.patch: Keep HOME in the default environment
sudo (1.8.23-2) unstable; urgency=high
* fix FTBFS due to earlier sudoers2ldif removal, closes: #903415
sudo (1.8.23-1) unstable; urgency=medium
* new upstream version
-- Balint Reczey <email address hidden> Thu, 23 Aug 2018 19:36:40 +0200
