-
sudo (1.8.16-0ubuntu1.10) xenial-security; urgency=medium
* SECURITY UPDATE: dir existence issue via sudoedit race
- debian/patches/CVE-2021-23239.patch: fix potential directory existing
info leak in sudoedit in src/sudo_edit.c.
- CVE-2021-23239
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2021-3156-pre1.patch: check lock record size in
plugins/sudoers/timestamp.c.
- debian/patches/CVE-2021-3156-pre2.patch: sanity check size when
converting the first record to TS_LOCKEXCL in
plugins/sudoers/timestamp.c.
- debian/patches/CVE-2021-3156-1.patch: reset valid_flags to
MODE_NONINTERACTIVE for sudoedit in src/parse_args.c.
- debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in
plugin in plugins/sudoers/policy.c.
- debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow
when unescaping backslashes in plugins/sudoers/sudoers.c.
- debian/patches/CVE-2021-3156-4.patch: fix the memset offset when
converting a v1 timestamp to TS_LOCKEXCL in
plugins/sudoers/timestamp.c.
- debian/patches/CVE-2021-3156-5.patch: don't assume that argv is
allocated as a single flat buffer in src/parse_args.c.
- CVE-2021-3156
-- Marc Deslauriers <email address hidden> Tue, 19 Jan 2021 09:48:09 -0500
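The CVE-2021-3156-3 patch above fixes the backslash-unescaping loop in plugins/sudoers/sudoers.c. The following is an added illustration (not sudo's own code) of how such a loop is written so that an argument ending in a lone backslash cannot move the read pointer past the terminating NUL, and so that output never exceeds the destination buffer; the function names are assumed for this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Added illustration, not sudo's code: copy `src` to `dst`, dropping a
 * backslash that escapes a following non-space character. from[1] is
 * only examined while *from is not the terminating NUL, so a trailing
 * lone backslash cannot push the read pointer past the end of the
 * string, and nothing is written beyond dstsize bytes.
 * Returns the output length (without NUL) or -1 if dst is too small. */
static int unescape_backslashes(const char *src, char *dst, size_t dstsize)
{
    size_t n = 0;
    const char *from;

    if (dstsize == 0)
        return -1;
    for (from = src; *from != '\0'; from++) {
        if (*from == '\\' && from[1] != '\0' &&
            !isspace((unsigned char)from[1]))
            from++;                 /* drop the backslash, keep next char */
        if (n + 1 >= dstsize)       /* keep room for the terminating NUL */
            return -1;
        dst[n++] = *from;
    }
    dst[n] = '\0';
    return (int)n;
}

/* Result checker: 1 if unescaping `src` into a buffer of `dstsize` bytes
 * succeeds and yields exactly `want`, else 0. */
static int unescape_yields(const char *src, size_t dstsize, const char *want)
{
    char buf[64];

    if (dstsize > sizeof buf)
        return 0;
    if (unescape_backslashes(src, buf, dstsize) < 0)
        return 0;
    return strcmp(buf, want) == 0;
}
```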
-
sudo (1.8.16-0ubuntu1.9) xenial-security; urgency=medium
* SECURITY UPDATE: buffer overflow in sudo when pwfeedback is enabled
- debian/patches/CVE-2019-18634.patch: fix overflow in src/tgetpass.c.
- CVE-2019-18634
-- Marc Deslauriers <email address hidden> Fri, 31 Jan 2020 12:19:11 -0500
-
sudo (1.8.16-0ubuntu1.8) xenial-security; urgency=medium
* SECURITY UPDATE: privilege escalation via UID -1
- debian/patches/CVE-2019-14287.patch: treat an ID of -1 as invalid
in lib/util/strtoid.c.
- CVE-2019-14287
- debian/patches/CVE-2019-14287-2.patch: fix and add to tests in
lib/util/regress/atofoo/atofoo_test.c,
plugins/sudoers/regress/testsudoers/test5.out.ok,
plugins/sudoers/regress/testsudoers/test5.sh.
- CVE-2019-14287
-- Marc Deslauriers <email address hidden> Thu, 10 Oct 2019 14:47:22 -0400
-
sudo (1.8.16-0ubuntu1.7) xenial-security; urgency=medium
* debian/patches/terminate-with-commands-signal.patch: re-enable patch
that got dropped by mistake in previous upload. (LP: #1832257)
-- Marc Deslauriers <email address hidden> Mon, 10 Jun 2019 15:42:44 -0400
-
sudo (1.8.16-0ubuntu1.6) xenial-security; urgency=medium
[ Steve Beattie ]
* SECURITY UPDATE: /proc/self/stat parsing newline confusion
- debian/patches/CVE-2017-1000368.patch: read all lines of
/proc/self/stat
- CVE-2017-1000368
* debian/patches/avoid_sign_extension_tty_nr.patch: hardening to
ensure sign extension doesn't occur when parsing /proc/self/stat
[ Marc Deslauriers ]
* SECURITY UPDATE: sudo noexec bypass
- debian/patches/CVE-2016-7076-*.patch: wrap wordexp, add seccomp
filter.
- CVE-2016-7076
-- Marc Deslauriers <email address hidden> Wed, 01 May 2019 11:30:39 -0400
-
sudo (1.8.16-0ubuntu1.5) xenial; urgency=medium
* Terminate with the same signal as the command (LP: #1686803)
This fixes a regression introduced in sudo 1.8.15 changeset
10229:153f016db8f1.
-- Balint Reczey <email address hidden> Tue, 13 Jun 2017 11:10:50 +0200
-
sudo (1.8.16-0ubuntu1.4) xenial-security; urgency=medium
* SECURITY UPDATE: /proc/self/stat parsing confusion
- debian/patches/CVE-2017-1000367.patch: adjust parsing to
find ttyname
- CVE-2017-1000367
-- Steve Beattie <email address hidden> Mon, 29 May 2017 03:17:46 -0700
-
sudo (1.8.16-0ubuntu1.3) xenial; urgency=medium
* sssd-doesnt-handle-netgroups.diff, sssd-fix-matching-loop.diff:
Only check username as part of the netgroup when netgroup_tuple is enabled.
(LP: #1607666)
-- Timo Aaltonen <email address hidden> Sat, 14 Jan 2017 01:54:21 +0200
-
sudo (1.8.16-0ubuntu1.2) xenial; urgency=medium
* debian/sudoers:
- include /snap/bin in the secure_path (LP: #1595558)
-- Michael Vogt <email address hidden> Mon, 15 Aug 2016 18:10:18 +0200
-
sudo (1.8.16-0ubuntu1.1) xenial; urgency=medium
* debian/patches/lp1565567.patch: fix crash when looking up a negative
cached entry which is stored as a NULL passwd or group struct pointer
in plugins/sudoers/pwutil.c. (LP: #1565567)
-- Marc Deslauriers <email address hidden> Wed, 04 May 2016 11:36:54 -0400
-
sudo (1.8.16-0ubuntu1) xenial; urgency=medium
* Update to new upstream version 1.8.16. (LP: #1563825)
- Dropped patches no longer needed:
+ CVE-2015-5602-6.patch
+ CVE-2015-5602-7.patch
* Merge from Debian unstable. Remaining changes:
- Use tmpfs location to store timestamp files
+ debian/rules: change --with-rundir to /var/run/sudo
+ debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
shipping init script and service file, as they are no longer
necessary.
+ debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old
init script with dpkg-maintscript-helper.
+ debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo
transition code, remove old /var/lib/sudo/ts timestamp directory.
- debian/rules:
+ compile with --without-lecture --with-tty-tickets --enable-admin-flag
+ install man/man8/sudo_root.8 in both flavours
+ install apport hooks
- debian/sudoers:
+ also grant admin group sudo access
- debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
+ add usr/share/apport/package-hooks
- debian/sudo.pam:
+ Use pam_env to read /etc/environment and /etc/default/locale
environment files. Reading ~/.pam_environment is not permitted due to
security reasons.
- debian/control:
+ dh-autoreconf dependency fixes missing-build-dependency-for-dh_-command
- Remaining patches:
+ keep_home_by_default.patch: Keep HOME in the default environment
+ debian/patches/also_check_sudo_group.diff: also check the sudo group
in plugins/sudoers/sudoers.c to create the admin flag file. Leave the
admin group check for backwards compatibility.
- Dropped patches no longer needed:
+ debian/patches/pam_check_untranslated_prompt.patch: upstream.
sudo (1.8.15-1.1) unstable; urgency=medium
* Non-maintainer upload
* Disable editing of files via user-controllable symlinks
(Closes: #804149) (CVE-2015-5602)
- Fix directory writability checks for sudoedit
- Enable sudoedit directory writability checks by default
sudo (1.8.15-1) unstable; urgency=low
* new upstream version, closes: #804149
* use --with-exampledir to deliver example files more cleanly
-- Marc Deslauriers <email address hidden> Wed, 30 Mar 2016 08:03:52 -0400
-
sudo (1.8.12-1ubuntu3) wily; urgency=medium
* debian/patches/pam_check_untranslated_prompt.patch: also check the
untranslated version of the prompt when checking if the PAM prompt matches
"Password:". Patch from Joel Pelaez Jorge. (LP: #1414303)
-- Mathieu Trudel-Lapierre <email address hidden> Tue, 22 Sep 2015 11:57:43 -0400