-
sudo (1.8.16-0ubuntu3.3) yakkety; urgency=medium
* Terminate with the same signal as the command (LP: #1686803)
This fixes a regression introduced in sudo 1.8.15 changeset
10229:153f016db8f1.
-- Balint Reczey <email address hidden> Tue, 13 Jun 2017 11:00:03 +0200
-
sudo (1.8.16-0ubuntu3.2) yakkety-security; urgency=medium
* SECURITY UPDATE: /proc/self/stat parsing confusion
- debian/patches/CVE-2017-1000367.patch: adjust parsing to
find ttyname
- CVE-2017-1000367
-- Steve Beattie <email address hidden> Mon, 29 May 2017 03:24:16 -0700
-
sudo (1.8.16-0ubuntu3.1) yakkety; urgency=medium
* sssd-doesnt-handle-netgroups.diff, sssd-fix-matching-loop.diff:
Only check username as part of the netgroup when netgroup_tuple is enabled.
(LP: #1607666)
-- Timo Aaltonen <email address hidden> Mon, 16 Jan 2017 11:49:18 +0200
-
sudo (1.8.16-0ubuntu3) yakkety; urgency=medium
* debian/sudoers:
- include /snap/bin in the secure_path (LP: #1595558)
-- Michael Vogt <email address hidden> Mon, 15 Aug 2016 18:08:34 +0200
-
sudo (1.8.16-0ubuntu2) yakkety; urgency=medium
* debian/patches/lp1565567.patch: fix crash when looking up a negative
cached entry which is stored as a NULL passwd or group struct pointer
in plugins/sudoers/pwutil.c. (LP: #1565567)
-- Marc Deslauriers <email address hidden> Wed, 04 May 2016 11:31:55 -0400
-
sudo (1.8.16-0ubuntu1) xenial; urgency=medium
* Update to new upstream version 1.8.16. (LP: #1563825)
- Dropped patches no longer needed:
+ CVE-2015-5602-6.patch
+ CVE-2015-5602-7.patch
* Merge from Debian unstable. Remaining changes:
- Use tmpfs location to store timestamp files
+ debian/rules: change --with-rundir to /var/run/sudo
+ debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
shipping init script and service file, as they are no longer
necessary.
+ debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old
init script with dpkg-maintscript-helper.
+ debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo
transition code, remove old /var/lib/sudo/ts timestamp directory.
- debian/rules:
+ compile with --without-lecture --with-tty-tickets --enable-admin-flag
+ install man/man8/sudo_root.8 in both flavours
+ install apport hooks
- debian/sudoers:
+ also grant admin group sudo access
- debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
+ add usr/share/apport/package-hooks
- debian/sudo.pam:
+ Use pam_env to read /etc/environment and /etc/default/locale
environment files. Reading ~/.pam_environment is not permitted due to
security reasons.
- debian/control:
+ dh-autoreconf dependency fixes missing-build-dependency-for-dh_-command
- Remaining patches:
+ keep_home_by_default.patch: Keep HOME in the default environment
+ debian/patches/also_check_sudo_group.diff: also check the sudo group
in plugins/sudoers/sudoers.c to create the admin flag file. Leave the
admin group check for backwards compatibility.
- Dropped patches no longer needed:
+ debian/patches/pam_check_untranslated_prompt.patch: upstream.
sudo (1.8.15-1.1) unstable; urgency=medium
* Non-maintainer upload
* Disable editing of files via user-controllable symlinks
(Closes: #804149) (CVE-2015-5602)
- Fix directory writability checks for sudoedit
- Enable sudoedit directory writability checks by default
sudo (1.8.15-1) unstable; urgency=low
* new upstream version, closes: #804149
* use --with-exampledir to deliver example files more cleanly
-- Marc Deslauriers <email address hidden> Wed, 30 Mar 2016 08:03:52 -0400