sudo (1.9.13p3-1+deb12u1) bookworm; urgency=medium * add upstream patch to fix event log format. Thanks to Kimmo Suominen (Closes: #1039557) -- Marc Haber <mh+debian-packages@zugschlus.de> Tue, 27 Jun 2023 13:45:00 +0200 sudo (1.9.13p3-1) unstable; urgency=medium * new upstream version: * Fix potential double free for CHROOT= rules CVE-2023-27320. (Closes: #1032163) * Fix --enable-static-sudoers regression * check for overflow as result of fuzzing efforts * Fix parser regression disallowing rules for user "list" * Fix eventloop hang if there is /dev/tty data * Fix sudo -l command args regression * Fix sudo -l -U someuser regression * Fix list privs regression -- Marc Haber <mh+debian-packages@zugschlus.de> Wed, 08 Mar 2023 21:17:05 +0100 sudo (1.9.13p1-1) unstable; urgency=medium * new upstream version 1.9.13p1 * remove unnecessary changelog creation patch * remove lsb-base from dependencies -- Marc Haber <mh+debian-packages@zugschlus.de> Sat, 18 Feb 2023 13:03:19 +0100 sudo (1.9.12p2-1) unstable; urgency=high * new upstream version 1.9.12p2 * this fixes CVE-2023-22809: Sudoedit can edit arbitrary files -- Marc Haber <mh+debian-packages@zugschlus.de> Wed, 18 Jan 2023 16:19:23 +0100 sudo (1.9.12p1-1) unstable; urgency=low * new upstream version 1.9.12p1 * update patches * update debian/copyright * Add upstream patch to silence libgcrypt error message. Thanks to Francesco P. Lovergine (Closes: #1019428) * Standards-Version: 4.6.2 (no changes necessary) * clean out obsolete lintian overrides * Add patch to disable regeneration of upstream ChangeLog from git. Thanks to Gioele Barabucci (Closes: #1025740) * remove extra whitespace from debconf-get-selections output. * add autopkgtest for sudo with sssd (Closes: #1004910) [ Niels Thykier ] * Support building sudo without (fake)root. [ Gioele Barabucci ] * Use dh_installnss to add ldap to sudoers NSS database * Add libnss-sudo package. (Closes: #1023524) -- Marc Haber <mh+debian-packages@zugschlus.de> Sun, 15 Jan 2023 13:58:48 +0100 sudo (1.9.11p3-1) unstable; urgency=low * new upstream version 1.9.11p3 -- Marc Haber <mh+debian-packages@zugschlus.de> Wed, 23 Mar 2022 10:50:16 +0100 sudo (1.9.10-3) unstable; urgency=medium * some changes to 03-getroot-ldap autopkgtest to find out about ppc64el failure -- Marc Haber <mh+debian-packages@zugschlus.de> Wed, 23 Mar 2022 10:38:39 +0100 sudo (1.9.10-2) unstable; urgency=medium * upload to unstable (fixed autopkgtest is needed to allow adduser to migrate) -- Marc Haber <mh+debian-packages@zugschlus.de> Mon, 21 Mar 2022 11:49:06 +0100 sudo (1.9.10-1) experimental; urgency=medium * new upstream version * unverified upstream changelog * implement workaround if /proc/self/stat is invalid. (Closes: #940533) * Fix compilation problem on kFreeBSD. (Closes: #1004909) (different fix than the Debian patch, disable Debian patch) * get rid of e-mails "problem with defaults entries" in sss configurations. (Closes: #793660) * regular expression support for sudoers. (Closes: #945366) * handle /proc/self/fd in qemu. * Apply Upstream Patch to allow test suite with non-english LANG https://bugzilla.sudo.ws/show_bug.cgi?id=1025 * Apply Upstream Patch to allow test suite with faketime * re-introduce MVPROG patch that got lost in dh migration. Thanks to Vagrant Cascadian (Closes: #976307) * revert back to directly shipping the mask symlink in the package. Thanks to Michael Biebl (Closes: #1004730) * adopt configure changes from Ubuntu --without-lecture --with-tty-tickets --enable-admin-flag (Closes: #1006273) * fix wrong handling of --with-systemd-tmpfiles.d * bring OPTIONS up to date. * have upstream install docs directly to correct directory * let debhelper handle the upstream changelog * remove LICENSE.md in both packages * autopkgtest: send deluser stderr to null in cleanup * Add cron to autopkgtest 03-getroot-ldap dependencies * improve lintian overrides -- Marc Haber <mh+debian-packages@zugschlus.de> Fri, 18 Mar 2022 14:31:30 +0100 sudo (1.9.9-1) unstable; urgency=medium * new upstream version * audit plugin now handles unresolvable hostname better Thanks to Sven Mueller (Closes: #1003969) * better document environment handling. Thanks to Arnout Engelen (Closes: #659101) * README files now come as markdown * schemas are now in docs subdirectory * LICENSE is now LICENSE.md [ Marc Haber ] * refresh patches * mark paths-in-samples.diff expicitly as not forwarded * have systemd-tmpfiles clean up /run/sudo on boot * lintian overrides: * improve 'em in various places * give better explanations * override long line warnings * override typo warning for a literal film quote * use correct lintian tag for override init script without unit * init script / systemd units * guarantee init script no-op on systemd systems * mask sysv init script on systemd systems in postinst instead of debian/rules * actually remove masking of service in postrm * maintainer scripts * document when .dist file removal was added to that it can be eventually removed * document when alternative removal was added to that it can be eventually removed * add a test to check for presence of #1003969 * Standards-Version: 4.6.0 (no changes) * use uscan version 4 * honor nocheck DEB_BUILD_OPTION [ Hilko Bengen ] * More improvement for Lintian overrides * Convert debian/copyright to machine-readable format, using information from upstream-provided LICENSE.md file -- Marc Haber <mh+debian-packages@zugschlus.de> Mon, 31 Jan 2022 20:19:55 +0100 sudo (1.9.8p2-1) unstable; urgency=medium * add more autopkgtests (especially for LDAP) * improve existing autopkgtests * debian/patches: * Remove typo-in-classic-insults.diff, reflectinc upstream's decision to not fix the typo as a way of remembering Evi Nemeth. * remove unneeded sudo-success_return. patch * mark debian/patches/sudo-ldap-docs as Forwarded: not-needed * add DEP3 headers * mention #1001858 in sudo.prerm * comment some lintian-overrides with unclear results -- Marc Haber <mh+debian-packages@zugschlus.de> Sat, 18 Dec 2021 14:55:08 +0100 sudo (1.9.8p2-1~exp1) experimental; urgency=medium [ Marc Haber ] * new upstream version 1.9.8p2-1 * this correctly handles double defined alases (Closes: #985412) * improve sudoers.ldap.manpage. Thanks to Dennis Filder and Eric Brun (Closes: #981190) * refresh patches * remove prompting for wrong sudo group id (Closes: #605576) * give better docs for LDAP success behavior. Thanks to Dennis Filder (Closes: 981190) * remove unneeded mandoc from Build-Depends. Thanks to Ingo Schwarze * Restore inclusion of pam_limits.so PAM module. Thanks to Salvatore Bonaccorso (Closes: 518464) * Use @includedir in sudoers.d/README (Closes: #993815) * Other improvements for sudoers.d/README. Thanks to Josh Triplett (Closes: #994962) * add some (simple) autopkgtests * better short description for sudo-ldap * use https in debian/watch * some changes to patch headers for Lintian * manually remove executable bit from shared libs * explicitly write set -e in maintainer scripts * debian/control: set Rules-Requires-Root: binary-targets * add first/trivial autopkgtests [ Hilko Bengen ] * Update lintian-overrides files * Remove group sudo / gid=27 check from postinst scripts [ Otto Kekäläinen ] * Add basic Salsa-CI for project quality assurance -- Marc Haber <mh+debian-packages@zugschlus.de> Sun, 12 Dec 2021 22:45:15 +0100 sudo (1.9.6-1~exp2) experimental; urgency=low [ Marc Haber ] * add use_pty to default configuration, fixing CVE-2005-4890. Thanks to Daniel Kahn Gillmor (Closes: #657784) * Add group specific defaults for environment variables (commented out) Thanks to Josh Triplett * remove --disable-setresuid from sudo-ldap as well. Thanks to Dennis Filder (Closes: #985307) [ Hilko Bengen ] * Add PAM config for interactive login use (Closes: #690044) * Actually configure sudo to use pam / sudo-i -- Marc Haber <mh+debian-packages@zugschlus.de> Fri, 02 Apr 2021 18:15:21 +0200 sudo (1.9.6-1~exp1) experimental; urgency=medium * new upstream version * add upstream signature * refresh patches * remove NO_ROOT_MAILER patch (incorporated upstream) -- Marc Haber <mh+debian-packages@zugschlus.de> Fri, 12 Mar 2021 22:06:59 +0100 sudo (1.9.5p2-3+exp1) experimental; urgency=medium [ Marc Haber ] * convert package to dh * rename init scripts to be picked up by new debhelper * rename and update lintian overrides * let /run directory be created by systemd * remove documentation files that are installed by upstream scripts * clear dependency path in .la files * add Pre-Depends: ${misc:Pre-Depends} * override package-has-unnecessary-activation-of-ldconfig-trigger [ Bastian Blank ] * Move stuff to /usr/libexec. * Use dpkg provided make snippets * Provide build-flags via environment * Use easier to read multi-line variables * Remove not require prefix override * Move stuff to /usr/libexec [ Hilko Bengen ] * Remove unneeded Built-Using * Simplify dh_auto_* overrides * Further simplification * debian/rules: Remove another unneeded variable * Don't ship *.la files * Add Apport script -- Marc Haber <mh+debian-packages@zugschlus.de> Fri, 12 Mar 2021 20:48:13 +0100 sudo (1.9.5p2-3) unstable; urgency=medium * new maintainer team and uploaders (Closes: #976244) * sudo is now team maintained * add Uploaders field * move salsa repo to team-sudo group * refresh patches * Adapt README.LDAP to the actual state of sudo-ldap (Closes: #442871) * add Apport hook. Thanks to Balint Reczey (Closes: 881671) -- Marc Haber <mh+debian-packages@zugschlus.de> Sat, 27 Feb 2021 09:28:03 +0100 sudo (1.9.5p2-2) unstable; urgency=medium * patch from upstream repo to fix NO_ROOT_MAILER -- Bdale Garbee <bdale@gag.com> Fri, 29 Jan 2021 18:12:32 -0700 sudo (1.9.5p2-1) unstable; urgency=high * new upstream version, addresses CVE-2021-3156 -- Bdale Garbee <bdale@gag.com> Tue, 26 Jan 2021 21:20:05 -0700 sudo (1.9.5p1-1.1) unstable; urgency=high * Non-maintainer upload. * Heap-based buffer overflow (CVE-2021-3156) - Reset valid_flags to MODE_NONINTERACTIVE for sudoedit - Add sudoedit flag checks in plugin that are consistent with front-end - Fix potential buffer overflow when unescaping backslashes in user_args - Fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL - Don't assume that argv is allocated as a single flat buffer -- Salvatore Bonaccorso <carnil@debian.org> Wed, 20 Jan 2021 10:11:47 +0100 sudo (1.9.5p1-1) unstable; urgency=medium * new upstream version, closes: #980028 -- Bdale Garbee <bdale@gag.com> Wed, 13 Jan 2021 01:09:19 -0700 sudo (1.9.5-1) unstable; urgency=medium * new upstream version -- Bdale Garbee <bdale@gag.com> Mon, 11 Jan 2021 15:15:48 -0700 sudo (1.9.4p2-2) unstable; urgency=medium * always use /bin/mv to ensure reproducible builds whether built on a usrmerge or non-usrmerge system, closes: #976307 -- Bdale Garbee <bdale@gag.com> Sun, 03 Jan 2021 09:11:13 -0700 sudo (1.9.4p2-1) unstable; urgency=medium * new upstream version -- Bdale Garbee <bdale@gag.com> Sun, 20 Dec 2020 17:43:54 -0700 sudo (1.9.4p1-1) unstable; urgency=medium * new upstream version -- Bdale Garbee <bdale@gag.com> Thu, 17 Dec 2020 17:35:55 -0700 sudo (1.9.4-1) unstable; urgency=medium * new upstream version -- Bdale Garbee <bdale@gag.com> Tue, 01 Dec 2020 22:10:03 -0500 sudo (1.9.3p1-1) unstable; urgency=medium * new upstream version -- Bdale Garbee <bdale@gag.com> Thu, 24 Sep 2020 11:10:02 -0600 sudo (1.9.3-1) unstable; urgency=medium * new upstream version * make the comment match the text in default sudoers, closes: #964922 * enable zlib, closes: #846077 -- Bdale Garbee <bdale@gag.com> Mon, 21 Sep 2020 17:11:30 -0600 sudo (1.9.1-2) unstable; urgency=medium * change # to @ on includedir in default sudoers to reduce confusion with a comment, such as in 964922 -- Bdale Garbee <bdale@gag.com> Sun, 12 Jul 2020 09:52:08 -0600 sudo (1.9.1-1) unstable; urgency=medium * new upstream version -- Bdale Garbee <bdale@gag.com> Fri, 19 Jun 2020 15:44:09 -0600 sudo (1.9.0-1) unstable; urgency=medium * new upstream version, closes: #669687, #571621, #734752 -- Bdale Garbee <bdale@gag.com> Wed, 13 May 2020 18:34:59 -0600 sudo (1.8.31p1-1) unstable; urgency=medium * new upstream version -- Bdale Garbee <bdale@gag.com> Thu, 19 Mar 2020 15:47:17 -0600 sudo (1.8.31-1) unstable; urgency=medium * new upstream version -- Bdale Garbee <bdale@gag.com> Sat, 01 Feb 2020 23:07:09 -0800 sudo (1.8.29-1) unstable; urgency=medium * new upstream version * make --libexecdir use /usr/lib instead of /usr/lib/sudo, closes: #943313 -- Bdale Garbee <bdale@gag.com> Mon, 28 Oct 2019 19:27:42 -0600 sudo (1.8.28p1-1) unstable; urgency=medium * new upstream version -- Bdale Garbee <bdale@gag.com> Tue, 22 Oct 2019 16:13:34 -0600 sudo (1.8.27-1.1) unstable; urgency=high * Non-maintainer upload. * Treat an ID of -1 as invalid since that means "no change" (CVE-2019-14287) (Closes: #942322) * Fix test failure in plugins/sudoers/regress/testsudoers/test5.sh -- Salvatore Bonaccorso <carnil@debian.org> Mon, 14 Oct 2019 21:10:58 +0200 # Older entries have been removed from this changelog. # To read the complete changelog use `apt changelog sudo`.
Generated by dwww version 1.15 on Mon Jul 1 04:26:53 CEST 2024.