Ubuntu
sudo package

Merge ~danilogondolfo/ubuntu/+source/sudo:merge-lp2020470-mantic into ubuntu/+source/sudo:debian/sid

Proposed by Danilo Egea Gondolfo on 2023-05-23

Status:

Needs review

Proposed branch:

~danilogondolfo/ubuntu/+source/sudo:merge-lp2020470-mantic

Merge into:

ubuntu/+source/sudo:debian/sid

Diff against target:

1791 lines (+1386/-52)

10 files modified

debian/changelog (+1226/-0)
debian/control (+2/-1)
debian/etc/pam.d/sudo (+3/-0)
debian/etc/pam.d/sudo-i (+3/-0)
debian/etc/sudoers (+4/-1)
debian/sudo-ldap.manpages (+1/-0)
debian/sudo.manpages (+1/-0)
debian/sudo_root.8 (+138/-0)
debian/tests/control (+8/-4)
dev/null (+0/-46)

Undecided

Fix Released

Link a bug report

Reviewer	Date Requested	Status
Steve Langasek (community)	2023-05-23	Approve on 2023-06-07
git-ubuntu import	2023-05-23	Pending
Review via email: mp+443422@code.launchpad.net

Revision history for this message

William Wilson (jawn-smith) wrote on 2023-05-25:

Tests are working and the code change looks good. I have one minor request: Could you separate the changelog section:

```
- Drop patch for issue fixed upstream
+ + debian/patches/CVE-2023-27320.patch
```

Into a top level bullet point titled `Dropped changes, now included in Debian:` similar to how I did it when uploading version 1.9.5p2-3ubuntu1? I think having that as a separate top-level bullet point in the changelog entry makes it more clear that it's a dropped patch and not a "Remaining change"

Revision history for this message

Danilo Egea Gondolfo (danilogondolfo) wrote on 2023-05-25:

Thanks, William. I updated the changelog.

Revision history for this message

Steve Langasek (vorlon) wrote on 2023-06-07:

This is already uploaded, adding my approval to take it off the sponsorship queue

review: Approve

Unmerged commits

55c13c9... by Danilo Egea Gondolfo on 2023-05-23: changelog
e4f9adf... by Danilo Egea Gondolfo on 2023-05-23: - Drop patch for issue fixed upstream
+ debian/patches/CVE-2023-27320.patch
36a84b8... by Danilo Egea Gondolfo on 2023-05-23: * SECURITY UPDATE: double free with per-command chroot sudoers rules
  - debian/patches/CVE-2023-27320.patch: don't free user_cmnd twice in
    MANIFEST, plugins/sudoers/match_command.c,
    plugins/sudoers/regress/fuzz/fuzz_sudoers.c,
    plugins/sudoers/regress/testsudoers/test20.out.ok,
    plugins/sudoers/regress/testsudoers/test20.sh,
    plugins/sudoers/testsudoers.c,
    plugins/sudoers/visudo.c.
  - CVE-2023-27320
fd7981a... by Danilo Egea Gondolfo on 2023-05-23: - debian/control:
+ Drop Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1)
(for context see LP: 1915250)
764701b... by Danilo Egea Gondolfo on 2023-05-23: - debian/tests/control: 03-getroot-ldap:
+ allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes)
0d1e300... by Danilo Egea Gondolfo on 2023-05-23: - debian/etc/sudoers:
+ also grant admin group sudo access
+ include /snap/bin in the secure_path
50b2a02... by Danilo Egea Gondolfo on 2023-05-23: - debian/etc/pam.d/sudo[-i]:
  + Use pam_env to read /etc/environment and /etc/default/locale
    environment files. Reading ~/.pam_environment is not permitted due
    to security reasons.
52299da... by Danilo Egea Gondolfo on 2023-05-23: - debian/sudo[-ldap].init: delete init scripts, as they are no longer
necessary.
2945051... by Danilo Egea Gondolfo on 2023-05-23: - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Danilo Egea Gondolfo

git-ubuntu developers

Ubuntu
sudo package

Merge ~danilogondolfo/ubuntu/+source/sudo:merge-lp2020470-mantic into ubuntu/+source/sudo:debian/sid

Commit message

Description of the change

Unmerged commits

Preview Diff

Subscribers

 diff --git a/debian/changelog b/debian/changelog
 index 5e9d940..b251a89 100644
 --- a/debian/changelog
 +++ b/debian/changelog
@@ -1,3 +1,26 @@
++sudo (1.9.13p3-1ubuntu1) mantic; urgency=medium
++
++  * Merge with Debian unstable. Remaining changes:
++    - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8
++    - debian/sudo[-ldap].init: delete init scripts, as they are no longer
++      necessary.
++    - debian/etc/pam.d/sudo[-i]:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due
++        to security reasons.
++    - debian/etc/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/tests/control: 03-getroot-ldap:
++      + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes)
++    - debian/control:
++      + Drop Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1)
++      (for context see LP 1915250)
++  * Dropped changes, now included in Debian:
++    - debian/patches/CVE-2023-27320.patch
++
++ -- Danilo Egea Gondolfo <danilo.egea.gondolfo@canonical.com>  Tue, 23 May 2023 14:34:04 +0100
++
  sudo (1.9.13p3-1) unstable; urgency=medium
    * new upstream version:
@@ -13,6 +36,44 @@ sudo (1.9.13p3-1) unstable; urgency=medium
   -- Marc Haber <mh+debian-packages@zugschlus.de>  Wed, 08 Mar 2023 21:17:05 +0100
++sudo (1.9.13p1-1ubuntu2) lunar; urgency=medium
++
++  * SECURITY UPDATE: double free with per-command chroot sudoers rules
++    - debian/patches/CVE-2023-27320.patch: don't free user_cmnd twice in
++      MANIFEST, plugins/sudoers/match_command.c,
++      plugins/sudoers/regress/fuzz/fuzz_sudoers.c,
++      plugins/sudoers/regress/testsudoers/test20.out.ok,
++      plugins/sudoers/regress/testsudoers/test20.sh,
++      plugins/sudoers/testsudoers.c,
++      plugins/sudoers/visudo.c.
++    - CVE-2023-27320
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 01 Mar 2023 08:51:34 -0500
++
++sudo (1.9.13p1-1ubuntu1) lunar; urgency=medium
++
++  * Merge from Debian unstable. Remaining changes:
++    - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8
++    - debian/sudo[-ldap].init: delete init scripts, as they are no longer
++      necessary.
++    - debian/etc/pam.d/sudo[-i]:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due
++        to security reasons.
++    - debian/etc/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/tests/control: 03-getroot-ldap:
++      + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes)
++    - debian/control:
++      + Drop Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1)
++        (for context see LP: 1915250)
++    - Drop patches for issues fixed upstream
++      + d/p/CVE-2023-22809.patch
++      + d/p/Add-XDG_CURRENT_DESKTOP-to-initial_keepenv_table.patch
++
++ -- Danilo Egea Gondolfo <danilo.egea.gondolfo@canonical.com>  Mon, 20 Feb 2023 17:38:07 +0000
++
  sudo (1.9.13p1-1) unstable; urgency=medium
    * new upstream version 1.9.13p1
@@ -52,12 +113,75 @@ sudo (1.9.12p1-1) unstable; urgency=low
   -- Marc Haber <mh+debian-packages@zugschlus.de>  Sun, 15 Jan 2023 13:58:48 +0100
++sudo (1.9.11p3-1ubuntu3) lunar; urgency=medium
++
++  * SECURITY UPDATE: arbitrary file overwrite via sudoedit
++    - debian/patches/CVE-2023-22809.patch: do not permit editor arguments
++      to include -- in plugins/sudoers/editor.c, plugins/sudoers/sudoers.c,
++      plugins/sudoers/visudo.c.
++    - CVE-2023-22809
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 18 Jan 2023 12:46:34 -0500
++
++sudo (1.9.11p3-1ubuntu2) lunar; urgency=medium
++
++  * No-change rebuild against libldap-2
++
++ -- Steve Langasek <steve.langasek@ubuntu.com>  Thu, 15 Dec 2022 19:57:01 +0000
++
++sudo (1.9.11p3-1ubuntu1) kinetic; urgency=medium
++
++  * Merge from Debian unstable. Remaining changes:
++    - debian/control:
++      + Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1)
++    - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8
++    - debian/sudo[-ldap].init: delete init scripts, as they are no longer
++      necessary.
++    - debian/etc/pam.d/sudo[-i]:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due
++        to security reasons.
++    - debian/etc/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/tests/control: 03-getroot-ldap:
++      + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes)
++    - Add XDG_CURRENT_DESKTOP to initial_keepenv_table for Qt to determine the
++      correct theme (LP: #1958055)
++
++ -- Benjamin Drung <bdrung@ubuntu.com>  Tue, 23 Aug 2022 10:06:34 +0200
++
  sudo (1.9.11p3-1) unstable; urgency=low
    * new upstream version 1.9.11p3
   -- Marc Haber <mh+debian-packages@zugschlus.de>  Wed, 23 Mar 2022 10:50:16 +0100
++sudo (1.9.10-3ubuntu1) kinetic; urgency=medium
++
++  * Merge from Debian unstable. Remaining changes:
++    - debian/control:
++      + Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1)
++    - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8
++    - debian/sudo[-ldap].init: delete init scripts, as they are no longer
++      necessary.
++    - debian/etc/pam.d/sudo[-i]:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due
++        to security reasons.
++    - debian/etc/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/tests/control: 03-getroot-ldap:
++      + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes)
++  * Dropped changes (applied in Debian):
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++  * Add XDG_CURRENT_DESKTOP to initial_keepenv_table for Qt to determine the
++    correct theme (LP: #1958055)
++
++ -- Benjamin Drung <bdrung@ubuntu.com>  Wed, 03 Aug 2022 10:45:04 +0200
++
  sudo (1.9.10-3) unstable; urgency=medium
    * some changes to 03-getroot-ldap autopkgtest to find out
@@ -104,6 +228,37 @@ sudo (1.9.10-1) experimental; urgency=medium
   -- Marc Haber <mh+debian-packages@zugschlus.de>  Fri, 18 Mar 2022 14:31:30 +0100
++sudo (1.9.9-1ubuntu2) jammy; urgency=medium
++
++  * d/t/control: skip 03-getroot-ldap autopkgtest on non-containers
++
++ -- Lukas Märdian <slyon@ubuntu.com>  Mon, 14 Feb 2022 12:48:05 +0100
++
++sudo (1.9.9-1ubuntu1) jammy; urgency=medium
++
++  * Merge from Debian unstable. Remaining changes:
++    - debian/control:
++      + Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1)
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++    - debian/sudo[-ldap].manpages: install man/man8/sudo_root.8
++    - debian/sudo[-ldap].init: delete init scripts, as they are no longer
++      necessary.
++    - debian/etc/pam.d/sudo[-i]:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due
++        to security reasons.
++    - debian/etc/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/tests/control: 03-getroot-ldap:
++      + allow removal of 'sudo' in autopkgtest (SUDO_FORCE_REMOVE=yes)
++  * Dropped changes:
++    - debian/rules:
++       + use dh-autoreconf (converted to using dh)
++
++ -- Lukas Märdian <slyon@ubuntu.com>  Tue, 08 Feb 2022 12:01:45 +0100
++
  sudo (1.9.9-1) unstable; urgency=medium
    * new upstream version
@@ -253,6 +408,37 @@ sudo (1.9.5p2-3+exp1) experimental; urgency=medium
   -- Marc Haber <mh+debian-packages@zugschlus.de>  Fri, 12 Mar 2021 20:48:13 +0100
++sudo (1.9.5p2-3ubuntu2) impish; urgency=medium
++
++  * No-change rebuild due to OpenLDAP soname bump.
++
++ -- Sergio Durigan Junior <sergio.durigan@canonical.com>  Mon, 21 Jun 2021 18:09:32 -0400
++
++sudo (1.9.5p2-3ubuntu1) impish; urgency=low
++
++  * Merge from Debian unstable (LP: #1929110). Remaining changes:
++    - debian/rules:
++       + use dh-autoreconf
++    - debian/rules: stop shipping init scripts, as they are no longer
++      necessary.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due
++        to security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++  * Dropped changes, now included in Debian:
++    - debian/rules:
++      + install apport hooks
++    - debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++
++ -- William 'jawn-smith' Wilson <william.wilson@canonical.com>  Thu, 20 May 2021 15:43:31 +0000
++
  sudo (1.9.5p2-3) unstable; urgency=medium
    * new maintainer team and uploaders (Closes: #976244)
@@ -266,6 +452,49 @@ sudo (1.9.5p2-3) unstable; urgency=medium
   -- Marc Haber <mh+debian-packages@zugschlus.de>  Sat, 27 Feb 2021 09:28:03 +0100
++sudo (1.9.5p2-2ubuntu3) hirsute; urgency=medium
++
++  * No change rebuild with fixed ownership.
++
++ -- Dimitri John Ledkov <xnox@ubuntu.com>  Thu, 18 Feb 2021 00:03:21 +0000
++
++sudo (1.9.5p2-2ubuntu2) hirsute; urgency=medium
++
++  * No change rebuild against new permissions ABI. LP: #1915250
++
++ -- Dimitri John Ledkov <xnox@ubuntu.com>  Tue, 16 Feb 2021 10:39:16 +0000
++
++sudo (1.9.5p2-2ubuntu1) hirsute; urgency=low
++
++  * Merge from Debian unstable. (LP: #1915307)
++    * Remaining changes:
++      - debian/rules:
++        + use dh-autoreconf
++      - debian/rules: stop shipping init scripts, as they are no longer
++        necessary.
++      - debian/rules:
++        + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++        + install man/man8/sudo_root.8 in both flavours
++        + install apport hooks
++      - debian/sudo-ldap.dirs, debian/sudo.dirs:
++        + add usr/share/apport/package-hooks
++      - debian/sudo.pam:
++        + Use pam_env to read /etc/environment and /etc/default/locale
++          environment files. Reading ~/.pam_environment is not permitted due
++          to security reasons.
++      - debian/sudoers:
++        + also grant admin group sudo access
++        + include /snap/bin in the secure_path
++    * Dropped patches, no longer needed because they are integrated in Debian:
++      - CVE-2021-23239.patch
++      - CVE-2021-3156-1.patch
++      - CVE-2021-3156-2.patch
++      - CVE-2021-3156-3.patch
++      - CVE-2021-3156-4.patch
++      - CVE-2021-3156-5.patch
++
++ -- William 'jawn-smith' Wilson <william.wilson@canonical.com>  Wed, 10 Feb 2021 05:42:42 -0600
++
  sudo (1.9.5p2-2) unstable; urgency=medium
    * patch from upstream repo to fix NO_ROOT_MAILER
@@ -302,6 +531,60 @@ sudo (1.9.5-1) unstable; urgency=medium
   -- Bdale Garbee <bdale@gag.com>  Mon, 11 Jan 2021 15:15:48 -0700
++sudo (1.9.4p2-2ubuntu3) hirsute; urgency=medium
++
++  * SECURITY UPDATE: ineffective NO_ROOT_MAILER hardening option
++    - debian/patches/ineffective_no_root_mailer.patch: fix NO_ROOT_MAILER
++      in plugins/sudoers/logging.c, plugins/sudoers/policy.c.
++    - No CVE number
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Sat, 30 Jan 2021 14:35:13 -0500
++
++sudo (1.9.4p2-2ubuntu2) hirsute; urgency=medium
++
++  * SECURITY UPDATE: dir existence issue via sudoedit race
++    - debian/patches/CVE-2021-23239.patch: fix potential directory existing
++      info leak in sudoedit in src/sudo_edit.c.
++    - CVE-2021-23239
++  * SECURITY UPDATE: heap-based buffer overflow
++    - debian/patches/CVE-2021-3156-1.patch: reset valid_flags to
++      MODE_NONINTERACTIVE for sudoedit in src/parse_args.c.
++    - debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in
++      plugin in plugins/sudoers/policy.c.
++    - debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow
++      when unescaping backslashes in plugins/sudoers/sudoers.c.
++    - debian/patches/CVE-2021-3156-4.patch: fix the memset offset when
++      converting a v1 timestamp to TS_LOCKEXCL in
++      plugins/sudoers/timestamp.c.
++    - debian/patches/CVE-2021-3156-5.patch: don't assume that argv is
++      allocated as a single flat buffer in src/parse_args.c.
++    - CVE-2021-3156
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 26 Jan 2021 14:37:48 -0500
++
++sudo (1.9.4p2-2ubuntu1) hirsute; urgency=low
++
++  * Merge from Debian unstable. Remaining changes:
++    - debian/rules:
++      + use dh-autoreconf
++    - debian/rules: stop shipping init scripts, as they are no longer
++      necessary.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due
++        to security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++
++ -- Steve Langasek <steve.langasek@ubuntu.com>  Wed, 06 Jan 2021 13:51:07 -0800
++
  sudo (1.9.4p2-2) unstable; urgency=medium
    * always use /bin/mv to ensure reproducible builds whether built on a
@@ -327,6 +610,29 @@ sudo (1.9.4-1) unstable; urgency=medium
   -- Bdale Garbee <bdale@gag.com>  Tue, 01 Dec 2020 22:10:03 -0500
++sudo (1.9.3p1-1ubuntu1) hirsute; urgency=low
++
++  * Merge from Debian unstable.  Remaining changes:
++    - debian/rules:
++      + use dh-autoreconf
++    - debian/rules: stop shipping init scripts, as they are no longer
++      necessary.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due
++        to security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++
++ -- Steve Langasek <steve.langasek@ubuntu.com>  Sat, 24 Oct 2020 17:14:39 -0700
++
  sudo (1.9.3p1-1) unstable; urgency=medium
    * new upstream version
@@ -348,12 +654,61 @@ sudo (1.9.1-2) unstable; urgency=medium
   -- Bdale Garbee <bdale@gag.com>  Sun, 12 Jul 2020 09:52:08 -0600
++sudo (1.9.1-1ubuntu1) groovy; urgency=low
++
++  * Merge from Debian unstable.  Remaining changes:
++    - debian/rules:
++      + use dh-autoreconf
++    - debian/rules: stop shipping init scripts, as they are no longer
++      necessary.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due
++        to security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++
++ -- Steve Langasek <steve.langasek@ubuntu.com>  Wed, 08 Jul 2020 09:38:55 -0700
++
  sudo (1.9.1-1) unstable; urgency=medium
    * new upstream version
   -- Bdale Garbee <bdale@gag.com>  Fri, 19 Jun 2020 15:44:09 -0600
++sudo (1.9.0-1ubuntu1) groovy; urgency=low
++
++  * Merge from Debian unstable.  Remaining changes:
++    - debian/rules:
++      + use dh-autoreconf
++    - debian/rules: stop shipping init scripts, as they are no longer
++      necessary.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due
++        to security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++  * Dropped changes, no longer needed:
++    - debian/control:
++      + use dh-autoreconf
++
++ -- Steve Langasek <steve.langasek@ubuntu.com>  Wed, 20 May 2020 17:07:02 -0700
++
  sudo (1.9.0-1) unstable; urgency=medium
    * new upstream version, closes: #669687, #571621, #734752
@@ -366,12 +721,64 @@ sudo (1.8.31p1-1) unstable; urgency=medium
   -- Bdale Garbee <bdale@gag.com>  Thu, 19 Mar 2020 15:47:17 -0600
++sudo (1.8.31-1ubuntu1) focal; urgency=medium
++
++  * Merge from Debian unstable. Remaining changes:
++    - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
++      shipping init script and service file, as they are no longer
++      necessary.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/control, debian/rules:
++      + use dh-autoreconf
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 03 Feb 2020 09:32:18 -0500
++
  sudo (1.8.31-1) unstable; urgency=medium
    * new upstream version
   -- Bdale Garbee <bdale@gag.com>  Sat, 01 Feb 2020 23:07:09 -0800
++sudo (1.8.29-1ubuntu1) focal; urgency=medium
++
++  * Merge from Debian unstable.
++    Remaining changes:
++    - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
++      shipping init script and service file, as they are no longer
++      necessary.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/control, debian/rules:
++      + use dh-autoreconf
++  * Removed patches included in new version:
++    - debian/patches/CVE-2019-14287.patch
++    - debian/patches/CVE-2019-14287-2.patch
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 26 Nov 2019 13:13:21 -0500
++
  sudo (1.8.29-1) unstable; urgency=medium
    * new upstream version
@@ -394,6 +801,59 @@ sudo (1.8.27-1.1) unstable; urgency=high
   -- Salvatore Bonaccorso <carnil@debian.org>  Mon, 14 Oct 2019 21:10:58 +0200
++sudo (1.8.27-1ubuntu4) eoan; urgency=medium
++
++  * SECURITY UPDATE: privilege escalation via UID -1
++    - debian/patches/CVE-2019-14287.patch: treat an ID of -1 as invalid
++      in lib/util/strtoid.c.
++    - debian/patches/CVE-2019-14287-2.patch: fix and add to tests in
++      lib/util/regress/atofoo/atofoo_test.c,
++      plugins/sudoers/regress/testsudoers/test5.out.ok,
++      plugins/sudoers/regress/testsudoers/test5.sh.
++    - CVE-2019-14287
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 15 Oct 2019 07:09:02 -0400
++
++sudo (1.8.27-1ubuntu3) eoan; urgency=medium
++
++  * No-change upload with strops.h and sys/strops.h removed in glibc.
++
++ -- Matthias Klose <doko@ubuntu.com>  Thu, 05 Sep 2019 11:12:29 +0000
++
++sudo (1.8.27-1ubuntu2) eoan; urgency=medium
++
++  * Remove d/p/keep_home_by_default.patch (LP: #1556302)
++    - This restores sudo handling of $HOME to what everyone else does
++
++ -- Dan Streetman <ddstreet@canonical.com>  Tue, 04 Jun 2019 08:58:02 -0400
++
++sudo (1.8.27-1ubuntu1) disco; urgency=medium
++
++  * Merge from Debian unstable.
++    Remaining changes:
++    - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
++      shipping init script and service file, as they are no longer
++      necessary.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/control, debian/rules:
++      + use dh-autoreconf
++    - Remaining patches:
++      + keep_home_by_default.patch: Keep HOME in the default environment
++
++ -- Balint Reczey <rbalint@ubuntu.com>  Tue, 19 Feb 2019 09:30:21 +0100
++
  sudo (1.8.27-1) unstable; urgency=medium
    * new upstream version
@@ -418,6 +878,33 @@ sudo (1.8.26-1) unstable; urgency=medium
   -- Bdale Garbee <bdale@gag.com>  Mon, 19 Nov 2018 00:32:06 -1000
++sudo (1.8.23-2ubuntu1) cosmic; urgency=medium
++
++  * Merge from Debian unstable.
++    Remaining changes:
++    - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
++      shipping init script and service file, as they are no longer
++      necessary.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/control, debian/rules:
++      + use dh-autoreconf
++    - Remaining patches:
++      + keep_home_by_default.patch: Keep HOME in the default environment
++
++ -- Balint Reczey <rbalint@ubuntu.com>  Thu, 23 Aug 2018 19:36:40 +0200
++
  sudo (1.8.23-2) unstable; urgency=high
    * fix FTBFS due to earlier sudoers2ldif removal, closes: #903415
@@ -430,12 +917,76 @@ sudo (1.8.23-1) unstable; urgency=medium
   -- Bdale Garbee <bdale@gag.com>  Mon, 30 Apr 2018 20:55:10 -0600
++sudo (1.8.21p2-3ubuntu1) bionic; urgency=medium
++
++  * Merge from Debian unstable.
++    Remaining changes:
++    - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
++      shipping init script and service file, as they are no longer
++      necessary.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/control, debian/rules:
++      + use dh-autoreconf
++    - Remaining patches:
++      + keep_home_by_default.patch: Keep HOME in the default environment
++
++ -- Balint Reczey <rbalint@ubuntu.com>  Thu, 18 Jan 2018 01:08:16 +0100
++
  sudo (1.8.21p2-3) unstable; urgency=medium
    * include sssd support in the sudo-ldap build too, closes: #884741
   -- Bdale Garbee <bdale@gag.com>  Mon, 18 Dec 2017 21:55:18 -0700
++sudo (1.8.21p2-2ubuntu1) bionic; urgency=medium
++
++  * Merge from Debian unstable. (LP: #1731981)
++    Remaining changes:
++    - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
++      shipping init script and service file, as they are no longer
++      necessary.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/control, debian/rules:
++      + use dh-autoreconf
++    - Remaining patches:
++      + keep_home_by_default.patch: Keep HOME in the default environment
++    Dropped changes since they are integrated in Debian:
++    - Use tmpfs location to store timestamp files
++      + debian/rules: change --with-rundir to /var/run/sudo
++      + debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old
++        init script with dpkg-maintscript-helper.
++    Dropped changes since the the transition took place already in every
++    release the package can be upgraded from:
++      + debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo
++        transition code, remove old /var/lib/sudo/ts timestamp directory.
++  * Refresh patches
++
++ -- Balint Reczey <rbalint@ubuntu.com>  Mon, 13 Nov 2017 17:53:45 +0100
++
  sudo (1.8.21p2-2) unstable; urgency=medium
    * work harder to clean up mess left by sudo-ldap using /etc/init.d/sudo
@@ -469,6 +1020,41 @@ sudo (1.8.21-1) unstable; urgency=medium
   -- Bdale Garbee <bdale@gag.com>  Mon, 28 Aug 2017 09:44:06 -0600
++sudo (1.8.20p2-1ubuntu1) artful; urgency=low
++
++  * Merge from Debian unstable. (LP: #1697587)
++    Remaining changes:
++    - Use tmpfs location to store timestamp files
++      + debian/rules: change --with-rundir to /var/run/sudo
++      + debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
++        shipping init script and service file, as they are no longer
++        necessary.
++      + debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old
++        init script with dpkg-maintscript-helper.
++      + debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo
++        transition code, remove old /var/lib/sudo/ts timestamp directory.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/control, debian/rules:
++      + use dh-autoreconf
++    - Remaining patches:
++      + keep_home_by_default.patch: Keep HOME in the default environment
++    - Dropped patches no longer needed:
++      + CVE-2017-1000367.patch
++
++ -- Balint Reczey <rbalint@ubuntu.com>  Mon, 12 Jun 2017 21:51:31 +0200
++
  sudo (1.8.20p2-1) unstable; urgency=medium
    * new upstream version
@@ -498,6 +1084,51 @@ sudo (1.8.20-1) unstable; urgency=medium
   -- Bdale Garbee <bdale@gag.com>  Wed, 10 May 2017 10:25:46 -0600
++sudo (1.8.19p1-1ubuntu2) artful; urgency=medium
++
++  * SECURITY UPDATE: /proc/self/stat parsing confusion
++    - debian/patches/CVE-2017-1000367.patch: adjust parsing to
++      find ttyname
++    - CVE-2017-1000367
++
++ -- Steve Beattie <sbeattie@ubuntu.com>  Mon, 29 May 2017 03:13:37 -0700
++
++sudo (1.8.19p1-1ubuntu1) zesty; urgency=low
++
++  * Merge from Debian unstable. (LP: #1607666)
++    Remaining changes:
++    - Use tmpfs location to store timestamp files
++      + debian/rules: change --with-rundir to /var/run/sudo
++      + debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
++        shipping init script and service file, as they are no longer
++        necessary.
++      + debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old
++        init script with dpkg-maintscript-helper.
++      + debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo
++        transition code, remove old /var/lib/sudo/ts timestamp directory.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - debian/sudoers:
++      + also grant admin group sudo access
++      + include /snap/bin in the secure_path
++    - debian/control, debian/rules:
++      + use dh-autoreconf
++    - Remaining patches:
++      + keep_home_by_default.patch: Keep HOME in the default environment
++    - Dropped patches no longer needed:
++      + debian/patches/lp1565567.patch: upstream.
++      + debian/patches/also_check_sudo_group.diff: upstream.
++
++ -- Timo Aaltonen <tjaalton@debian.org>  Sat, 14 Jan 2017 01:41:17 +0200
++
  sudo (1.8.19p1-1) unstable; urgency=medium
    * new upstream version
@@ -538,6 +1169,61 @@ sudo (1.8.17p1-1) unstable; urgency=low
   -- Bdale Garbee <bdale@gag.com>  Tue, 05 Jul 2016 16:01:55 +0200
++sudo (1.8.16-0ubuntu3) yakkety; urgency=medium
++
++  * debian/sudoers:
++    - include /snap/bin in the secure_path (LP: #1595558)
++
++ -- Michael Vogt <michael.vogt@ubuntu.com>  Mon, 15 Aug 2016 18:08:34 +0200
++
++sudo (1.8.16-0ubuntu2) yakkety; urgency=medium
++
++  * debian/patches/lp1565567.patch: fix crash when looking up a negative
++    cached entry which is stored as a NULL passwd or group struct pointer
++    in plugins/sudoers/pwutil.c. (LP: #1565567)
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 04 May 2016 11:31:55 -0400
++
++sudo (1.8.16-0ubuntu1) xenial; urgency=medium
++
++  * Update to new upstream version 1.8.16. (LP: #1563825)
++    - Dropped patches no longer needed:
++      + CVE-2015-5602-6.patch
++      + CVE-2015-5602-7.patch
++  * Merge from Debian unstable. Remaining changes:
++    - Use tmpfs location to store timestamp files
++      + debian/rules: change --with-rundir to /var/run/sudo
++      + debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
++        shipping init script and service file, as they are no longer
++        necessary.
++      + debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old
++        init script with dpkg-maintscript-helper.
++      + debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo
++        transition code, remove old /var/lib/sudo/ts timestamp directory.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/sudoers:
++      + also grant admin group sudo access
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - debian/control:
++      + dh-autoreconf dependency fixes missing-build-dependency-for-dh_-command
++    - Remaining patches:
++      + keep_home_by_default.patch: Keep HOME in the default environment
++      + debian/patches/also_check_sudo_group.diff: also check the sudo group
++        in plugins/sudoers/sudoers.c to create the admin flag file. Leave the
++        admin group check for backwards compatibility.
++    - Dropped patches no longer needed:
++      + debian/patches/pam_check_untranslated_prompt.patch: upstream.
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 30 Mar 2016 08:03:52 -0400
++
  sudo (1.8.15-1.1) unstable; urgency=medium
    * Non-maintainer upload
@@ -555,6 +1241,58 @@ sudo (1.8.15-1) unstable; urgency=low
   -- Bdale Garbee <bdale@gag.com>  Wed, 23 Dec 2015 11:15:22 -0700
++sudo (1.8.12-1ubuntu3) wily; urgency=medium
++
++  * debian/patches/pam_check_untranslated_prompt.patch: also check the un-
++    translated version of the prompt when checking if the PAM prompt matches
++    "Password:". Patch from Joel Pelaez Jorge. (LP: #1414303)
++
++ -- Mathieu Trudel-Lapierre <mathieu-tl@ubuntu.com>  Tue, 22 Sep 2015 11:57:43 -0400
++
++sudo (1.8.12-1ubuntu2) wily; urgency=medium
++
++  * Use tmpfs location to store timestamp files (LP: #1458031)
++    - debian/rules: change --with-rundir to /var/run/sudo
++    - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
++      shipping init script and service file, as they are no longer
++      necessary.
++    - debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old init
++      script with dpkg-maintscript-helper.
++    - debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo
++      transition code, remove old /var/lib/sudo/ts timestamp directory.
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 05 Jun 2015 09:31:38 -0400
++
++sudo (1.8.12-1ubuntu1) wily; urgency=medium
++
++  * Merge from Debian unstable. (LP: #1451274, LP: #1219337)
++    Remaining changes:
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/sudoers:
++      + also grant admin group sudo access
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - debian/control:
++      + dh-autoreconf dependency fixes missing-build-dependency-for-dh_-command
++    - Remaining patches:
++      + keep_home_by_default.patch: Keep HOME in the default environment
++      + debian/patches/also_check_sudo_group.diff: also check the sudo group
++        in plugins/sudoers/sudoers.c to create the admin flag file. Leave the
++        admin group check for backwards compatibility.
++  * Dropped patches no longer needed:
++      + add_probe_interfaces_setting.diff
++      + actually-use-buildflags.diff
++      + CVE-2014-9680.patch
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 13 May 2015 15:43:49 -0400
++
  sudo (1.8.12-1) unstable; urgency=low
    * new upstream version, closes: #772707, #773383
@@ -597,6 +1335,64 @@ sudo (1.8.10p3-1) unstable; urgency=low
   -- Bdale Garbee <bdale@gag.com>  Sun, 14 Sep 2014 10:20:15 -0600
++sudo (1.8.9p5-1ubuntu5) vivid; urgency=medium
++
++  * SECURITY UPDATE: arbitrary file access via TZ
++    - debian/patches/CVE-2014-9680.patch: sanity check TZ env variable in
++      configure, configure.ac, doc/sudoers.cat, doc/sudoers.man.in,
++      doc/sudoers.mdoc.in, m4/sudo.m4, pathnames.h.in,
++      plugins/sudoers/env.c.
++    - CVE-2014-9680
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 12 Mar 2015 10:45:21 -0400
++
++sudo (1.8.9p5-1ubuntu4) vivid; urgency=medium
++
++  * Correct sudo.pam use "session" for pam_env.so, not "auth". (LP:
++    #155794, LP: #25700)
++
++ -- Dimitri John Ledkov <dimitri.j.ledkov@linux.intel.com>  Tue, 23 Dec 2014 04:08:33 +0000
++
++sudo (1.8.9p5-1ubuntu3) vivid; urgency=medium
++
++  * debian/patches/also_check_sudo_group.diff: also check the sudo group
++    in plugins/sudoers/sudoers.c to create the admin flag file. Leave the
++    admin group check for backwards compatibility. (LP: #1387347)
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 29 Oct 2014 15:55:34 -0400
++
++sudo (1.8.9p5-1ubuntu2) utopic; urgency=medium
++
++  * debian/sudo_root.8: mention sudo group instead of deprecated group
++    admin (LP: #1130643)
++
++ -- Andrey Bondarenko <abondarenko@users.sourceforge.net>  Sat, 23 Aug 2014 01:18:05 +0600
++
++sudo (1.8.9p5-1ubuntu1) trusty; urgency=low
++
++  * Merge from Debian unstable.  Remaining changes:
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/sudoers:
++      + also grant admin group sudo access
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - debian/control:
++      + dh-autoreconf dependency fixes missing-build-dependency-for-dh_-command
++    - Remaining patches:
++      + keep_home_by_default.patch: Keep HOME in the default environment
++      + actually-use-buildflags: Pass LDFLAGS everywhere
++      + add_probe_interfaces_setting.diff: option to disable network inf probe
++  * add_probe_interfaces_setting.diff: fix to not modify NEWS file.
++
++ -- Chris J Arges <chris.j.arges@ubuntu.com>  Mon, 10 Feb 2014 12:21:53 -0600
++
  sudo (1.8.9p5-1) unstable; urgency=low
    * new upstream release, closes: #735328
@@ -643,6 +1439,33 @@ sudo (1.8.8-3) unstable; urgency=low
   -- Bdale Garbee <bdale@gag.com>  Wed, 30 Oct 2013 10:33:44 -0600
++sudo (1.8.8-2ubuntu2) trusty; urgency=medium
++
++  * Build using dh-autoreconf.
++
++ -- Matthias Klose <doko@ubuntu.com>  Sun, 15 Dec 2013 16:24:49 +0100
++
++sudo (1.8.8-2ubuntu1) trusty; urgency=low
++
++  * Merge from Debian unstable. Remaining changes:
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
++      + install man/man8/sudo_root.8 in both flavours
++      + install apport hooks
++    - debian/sudoers:
++      + also grant admin group sudo access
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++    - Remaining patches:
++      + keep_home_by_default.patch: Keep HOME in the default environment
++      + actually-use-buildflags: Pass LDFLAGS everywhere
++
++ -- Stéphane Graber <stgraber@ubuntu.com>  Tue, 22 Oct 2013 17:43:37 -0400
++
  sudo (1.8.8-2) unstable; urgency=low
    * fix touch errors on boot, closes: #725193
@@ -698,6 +1521,72 @@ sudo (1.8.7-1) unstable; urgency=low
   -- Bdale Garbee <bdale@gag.com>  Wed, 14 Aug 2013 00:01:14 +0200
++sudo (1.8.6p3-0ubuntu3) raring; urgency=low
++
++  * SECURITY UPDATE: authentication bypass via clock set to epoch
++    - debian/patches/CVE-2013-1775.patch: ignore time stamp file if it is
++      set to epoch in plugins/sudoers/check.c.
++    - CVE-2013-1775
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 27 Feb 2013 13:26:26 -0500
++
++sudo (1.8.6p3-0ubuntu2) raring; urgency=low
++
++  * The latest sssd upload dropped the soname from libsss_sudo.so, so we
++    can now drop our sudo delta and just use libsss_sudo.so directly.
++
++ -- Stéphane Graber <stgraber@ubuntu.com>  Fri, 07 Dec 2012 23:11:45 -0500
++
++sudo (1.8.6p3-0ubuntu1) raring; urgency=low
++
++  * New upstream release (1.8.6p3).
++  * Add patch to fix building with sssd when ldap is disabled.
++  * Drop sudo.manpages and sudo-ldap.manpages as the upstream build system
++    now does the right thing here.
++  * Build the main sudo package with support for sssd, this doesn't add any
++    additional build time or runtime dependency. sudo will dynamically load
++    the sssd library if 'sss' is listed for the 'sudoers' nss service.
++
++ -- Stéphane Graber <stgraber@ubuntu.com>  Fri, 16 Nov 2012 09:31:32 -0500
++
++sudo (1.8.5p2-1ubuntu1) quantal; urgency=low
++
++  * Merge from debian/testing (LP: #1024154), remaining changes:
++    - debian/patches/keep_home_by_default.patch:
++      + Set HOME in initial_keepenv_table.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets (Ubuntu specific)
++      + install man/man8/sudo_root.8 in both flavours (Ubuntu specific)
++      + install apport hooks
++      + The ubuntu-sudo-as-admin-successful.patch was taken upstream by
++        Debian however it requires a --enable-admin-flag configure flag to
++        actually enable it in both flavours.
++    - debian/control:
++      + Mark Debian Vcs-* as XS-Debian-Vcs-*
++      + update debian/control
++    - debian/sudoers:
++      + grant admin group sudo access
++    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.pam:
++      + Use pam_env to read /etc/environment and /etc/default/locale
++        environment files. Reading ~/.pam_environment is not permitted due to
++        security reasons.
++  * Dropped changes:
++    - debian/patches/lp927828-fix-abort-in-pam-modules-when-timestamp-valid.patch
++      + Fixed upstream in 1.8.5
++    - debian/patches/CVE-2012-2337.patch:
++      + Fixed upstream in 1.8.4p5
++    - debian/patches/pam_env_merge.patch:
++      + Feature released upstream in 1.8.5
++    - debian/{sudo,sudo-ldap}.{preinst,postinst,postrm}:
++      + Drop Ubuntu-specific sudoers file migration code because the only
++        upgrade path to quantal is from precise. All necessary sudoers file
++        migration will have already been done by the time this version of the
++        sudo package is installed.
++
++ -- Tyler Hicks <tyhicks@canonical.com>  Mon, 16 Jul 2012 14:01:42 +0200
++
  sudo (1.8.5p2-1) unstable; urgency=low
    * new upstream version
@@ -708,6 +1597,54 @@ sudo (1.8.5p2-1) unstable; urgency=low
   -- Bdale Garbee <bdale@gag.com>  Thu, 28 Jun 2012 12:01:37 -0600
++sudo (1.8.3p2-1ubuntu2) quantal; urgency=low
++
++  * debian/patches/pam_env_merge.patch: Merge the PAM environment into the
++    user environment (LP: #982684)
++  * debian/sudo.pam: Use pam_env to read /etc/environment and
++    /etc/default/locale environment files. Reading ~/.pam_environment is not
++    permitted due to security reasons.
++
++ -- Tyler Hicks <tyhicks@canonical.com>  Mon, 21 May 2012 00:48:10 -0500
++
++sudo (1.8.3p2-1ubuntu1) quantal; urgency=low
++
++  * Merge from debian/testing, remaining changes:
++    - debian/patches/keep_home_by_default.patch:
++      + Set HOME in initial_keepenv_table. (rebased for 1.8.3p1)
++    - debian/patches/lp927828-fix-abort-in-pam-modules-when-timestamp-valid.patch
++      + Fix Abort in some PAM modules when timestamp is valid. (LP: #927828)
++    - debian/patches/CVE-2012-2337.patch: Don't perform IPv6 checks on IPv4
++      addresses. Based on upstream patch.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets (Ubuntu specific)
++      + install man/man8/sudo_root.8 in both flavours (Ubuntu specific)
++      + install apport hooks
++      + The ubuntu-sudo-as-admin-successful.patch was taken upstream by
++        Debian however it requires a --enable-admin-flag configure flag to
++        actually enable it in both flavours.
++    - debian/control:
++      + Mark Debian Vcs-* as XS-Debian-Vcs-*
++      + update debian/control
++    - debian/sudoers:
++      + grant admin group sudo access
++    - debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.preinst:
++      + avoid conffile prompt by checking for known default /etc/sudoers
++        and if found installing the correct default /etc/sudoers file.
++        Modified for updated default sudoers. Aproach taken is different
++        from Debian. Maybe this should now be dropped, since an LTS was
++        released.
++
++  * Dropped changes:
++    - debian/patches/CVE-2012-0809.patch:
++      + dropped, included in this new upstream release.
++    - debian/patches/enable_badpass.patch:
++      + dropped as Debian chose to set this by default in the sudoers.
++
++ -- Dmitrijs Ledkovs <dmitrij.ledkov@ubuntu.com>  Tue, 01 May 2012 16:12:45 +0100
++
  sudo (1.8.3p2-1) unstable; urgency=high
    * new upstream version, closes: #657985 (CVE-2012-0809)
@@ -738,6 +1675,66 @@ sudo (1.8.3p1-2) unstable; urgency=low
   -- Bdale Garbee <bdale@gag.com>  Sat, 12 Nov 2011 16:27:13 -0700
++sudo (1.8.3p1-1ubuntu5) quantal; urgency=low
++
++  * SECURITY UPDATE: Properly handle netmasks in sudoers Host and Host_List
++    values (LP: #1000276)
++    - debian/patches/CVE-2012-2337.patch: Don't perform IPv6 checks on IPv4
++      addresses. Based on upstream patch.
++    - CVE-2012-2337
++
++ -- Tyler Hicks <tyhicks@canonical.com>  Wed, 16 May 2012 09:42:17 -0500
++
++sudo (1.8.3p1-1ubuntu4) quantal; urgency=low
++
++  * Fix Abort in some PAM modules when timestamp is valid. (LP: #927828)
++
++ -- TJ (Ubuntu Contributions) <ubuntu@tjworld.net>  Mon, 30 Apr 2012 17:55:27 +0100
++
++sudo (1.8.3p1-1ubuntu3) precise; urgency=low
++
++  * SECURITY UPDATE: permissions bypass via format string
++    - debian/patches/CVE-2012-0809.patch: fix format string vulnerability
++      in src/sudo.c.
++    - CVE-2012-0809
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 31 Jan 2012 10:25:52 -0500
++
++sudo (1.8.3p1-1ubuntu2) precise; urgency=low
++
++  * debian/sudo.preinst:
++    - updated to avoid conffile prompt by migrating to the new sudoers file
++      changes in Precise. (LP: #894410)
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 24 Nov 2011 10:48:58 -0500
++
++sudo (1.8.3p1-1ubuntu1) precise; urgency=low
++
++  * Merge from debian/testing, remaining changes:
++    - debian/patches/keep_home_by_default.patch:
++      + Set HOME in initial_keepenv_table. (rebased for 1.8.3p1)
++    - debian/patches/enable_badpass.patch: turn on "mail_badpass" by default:
++      + attempting sudo without knowing a login password is as bad as not
++        being listed in the sudoers file, especially if getting the password
++        wrong means doing the access-check-email-notification never happens
++        (rebased for 1.8.3p1)
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets (Ubuntu specific)
++      + install man/man8/sudo_root.8 (Ubuntu specific)
++      + install apport hooks
++      + The ubuntu-sudo-as-admin-successful.patch was taken upstream by
++        Debian however it requires a --enable-admin-flag configure flag to
++        actually enable it.
++    - debian/sudoers:
++      + grant admin group sudo access
++    - debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++    - debian/sudo.preinst:
++      + avoid conffile prompt by checking for known default /etc/sudoers
++        and if found installing the correct default /etc/sudoers file
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Sun, 20 Nov 2011 12:07:45 -0500
++
  sudo (1.8.3p1-1) unstable; urgency=low
    * new upstream version, closes: #646478
@@ -780,6 +1777,33 @@ sudo (1.8.2-1) unstable; urgency=low
   -- Bdale Garbee <bdale@gag.com>  Wed, 24 Aug 2011 13:33:11 -0600
++sudo (1.7.4p6-1ubuntu2) oneiric; urgency=low
++
++  * debian/patches/enable_badpass.patch: turn on "mail_badpass" by default:
++    - attempting sudo without knowing a login password is as bad as not
++      being listed in the sudoers file, especially if getting the password
++      wrong means doing the access-check-email-notification never happens
++      (Closes: 641218).
++
++ -- Kees Cook <kees@ubuntu.com>  Sun, 11 Sep 2011 10:29:08 -0700
++
++sudo (1.7.4p6-1ubuntu1) oneiric; urgency=low
++
++  * Merge from debian/unstable, remaining changes:
++    - debian/patches/keep_home_by_default.patch:
++      + Set HOME in initial_keepenv_table.
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets (Ubuntu specific)
++      + install man/man8/sudo_root.8 (Ubuntu specific)
++      + install apport hooks
++    - debian/sudoers:
++      + grant admin group sudo access
++    - debian/sudo-ldap.dirs, debian/sudo.dirs:
++      + add usr/share/apport/package-hooks
++  * drop debian/patches/CVE-2011-0010.patch, applied upstream now
++
++ -- Michael Vogt <michael.vogt@ubuntu.com>  Mon, 23 May 2011 09:50:37 +0200
++
  sudo (1.7.4p6-1) unstable; urgency=low
    * new upstream version
@@ -796,6 +1820,77 @@ sudo (1.7.4p4-6) unstable; urgency=low
   -- Bdale Garbee <bdale@gag.com>  Tue, 11 Jan 2011 10:22:39 -0700
++sudo (1.7.4p4-5ubuntu8) oneiric; urgency=low
++
++  * debian/sudo.preinst:
++    - if well-known ec2 vmbuilder file is found, write a file in
++      sudoers.d for the 'ubuntu' user (LP: #768625)
++
++ -- Scott Moser <smoser@ubuntu.com>  Thu, 21 Apr 2011 18:04:34 -0400
++
++sudo (1.7.4p4-5ubuntu7) natty; urgency=low
++
++  * debian/sudo.preinst:
++    - do not consider the ec2 vmbuilder default sudoers file
++      verbatim as its actually customized (LP: #761689)
++
++ -- Michael Vogt <michael.vogt@ubuntu.com>  Fri, 15 Apr 2011 16:40:10 +0200
++
++sudo (1.7.4p4-5ubuntu6) natty; urgency=low
++
++  * debian/patches/keep_home_by_default.patch: Set HOME in
++    initial_keepenv_table.  LP: #760140
++
++ -- Steve Langasek <steve.langasek@ubuntu.com>  Wed, 13 Apr 2011 12:32:25 -0700
++
++sudo (1.7.4p4-5ubuntu5) natty; urgency=low
++
++  * debian/sudo.preinst:
++    - avoid conffile prompt by checking for known default /etc/sudoers
++      and if found installing the correct default /etc/sudoers file
++      (LP: #690873)
++
++ -- Michael Vogt <michael.vogt@ubuntu.com>  Fri, 25 Mar 2011 09:13:43 +0100
++
++sudo (1.7.4p4-5ubuntu4) natty; urgency=low
++
++  * debian/rules: The ubuntu-sudo-as-admin-successful.patch was taken
++    upstream by Debian however it requires a --enable-admin-flag configure
++    flag to actually enable it.
++    (LP: #706045)
++
++ -- Bryce Harrington <bryce@ubuntu.com>  Thu, 10 Feb 2011 12:01:53 -0800
++
++sudo (1.7.4p4-5ubuntu3) natty; urgency=low
++
++  * SECURITY UPDATE: privilege escalation via -g when using group Runas_List
++    - debian/patches/CVE-2011-0010.patch: prompt for password when the user is
++      running sudo as himself but as a different group
++    - CVE-2011-0010
++
++ -- Jamie Strandboge <jamie@ubuntu.com>  Tue, 18 Jan 2011 16:37:09 -0600
++
++sudo (1.7.4p4-5ubuntu2) natty; urgency=low
++
++  * debian/sudoers: temporarily workaround LP #690873 by adding %admin
++    into the default sudoers file in case people just say "yes" to the
++    dpkg conffile prompt.
++
++ -- Kees Cook <kees@ubuntu.com>  Wed, 15 Dec 2010 15:38:17 -0800
++
++sudo (1.7.4p4-5ubuntu1) natty; urgency=low
++
++  * Merge from debian unstable (LP: #689025), remaining changes:
++    - debian/rules:
++      + compile with --without-lecture --with-tty-tickets (Ubuntu specific)
++      + install man/man8/sudo_root.8 (Ubuntu specific)
++      + install apport hooks
++    - debian/sudo-ldap.dirs, debian/sudo.dirs: add
++      usr/share/apport/package-hooks
++  * This upload also fixes: LP: #609645
++
++ -- Lorenzo De Liso <blackz@ubuntu.com>  Wed, 15 Dec 2010 21:32:57 +0100
++
  sudo (1.7.4p4-5) unstable; urgency=low
    * patch from Jakub Wilk to add noopt and nostrip build option support,
@@ -849,6 +1944,47 @@ sudo (1.7.4p4-1) unstable; urgency=high
   -- Bdale Garbee <bdale@gag.com>  Tue, 07 Sep 2010 12:22:42 -0600
++sudo (1.7.2p7-1ubuntu3) natty; urgency=low
++
++  * No-change upload to drop sizable upstream changelog.
++
++ -- Martin Pitt <martin.pitt@ubuntu.com>  Mon, 22 Nov 2010 11:24:33 +0100
++
++sudo (1.7.2p7-1ubuntu2) maverick; urgency=low
++
++  * SECURITY UPDATE: privilege escalation via '-g' option when using
++    'user:group' in Runas_Spec
++    - debian/patches/CVE-2010-2956.patch: update match.c to verify both user
++      and group match sudoers when using '-g'
++    - CVE-2010-2956
++
++ -- Jamie Strandboge <jamie@ubuntu.com>  Tue, 31 Aug 2010 14:54:06 -0500
++
++sudo (1.7.2p7-1ubuntu1) maverick; urgency=low
++
++  * Merge from debian unstable.  Remaining changes:
++   - debian/rules:
++     - compile with --without-lecture --with-tty-tickets (Ubuntu specific)
++     - install man/man8/sudo_root.8 (Ubuntu specific)
++     - install apport hooks
++   - debian/sudo-ldap.dirs, debian/sudo.dirs: add
++     usr/share/apport/package-hooks
++   - debian/patches/ubuntu-sudo-as-admin-successful.patch: adjust sudo.c so
++     that if the user successfully authenticated and he is in the 'admin'
++     group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
++     profile checks for this and displays a short intro about sudo if the flag
++     is not present
++  * Dropped the following, now included upstream:
++    - fix for CVE-2010-1163
++    - fix for CVE-2010-0426
++    - debian/sudo.postinst, debian/sudo-ldap.postinst: update description to
++      match behavior in sudoers file
++    - don't install init script. Debian moved to /var/lib/sudo from
++      /var/run/sudo, so Ubuntu's tmpfs usage won't clean those out
++      automatically any more, so we now need the initscript.
++
++ -- Jamie Strandboge <jamie@ubuntu.com>  Tue, 06 Jul 2010 11:43:05 -0500
++
  sudo (1.7.2p7-1) unstable; urgency=high
    * new upstream release with security fix for secure path (CVE-2010-1646),
@@ -884,6 +2020,62 @@ sudo (1.7.2p5-1) unstable; urgency=low
   -- Bdale Garbee <bdale@gag.com>  Thu, 11 Mar 2010 15:44:53 -0700
++sudo (1.7.2p1-1ubuntu5) lucid; urgency=low
++
++  * SECURITY UPDATE: properly verify path in find_path.c for the 'sudoedit'
++    pseudo-command when running from the current working directory and
++    secure_path is disabled
++    - CVE-2010-XXXX
++
++ -- Jamie Strandboge <jamie@ubuntu.com>  Wed, 07 Apr 2010 15:35:36 -0500
++
++sudo (1.7.2p1-1ubuntu4) lucid; urgency=low
++
++  * env.c: Revert addition of "http_proxy" again. This was an Ubuntu specific
++    EBW hack, caused inconsistencies with other proxy variables (such as
++    https_proxy and ftp_proxy), made sudo incompatible to upstream
++    behaviour/documentation. This is solved in a much better way in apt itself
++    and gnome-network-properties now. (LP: #432631)
++
++ -- Martin Pitt <martin.pitt@ubuntu.com>  Fri, 26 Mar 2010 18:48:18 +0100
++
++sudo (1.7.2p1-1ubuntu3) lucid; urgency=low
++
++  * debian/sudo.postinst, debian/sudo-ldap.postinst: update description to
++    match behaviour in sudoers file. (LP: #534090)
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Sun, 07 Mar 2010 19:49:39 -0500
++
++sudo (1.7.2p1-1ubuntu2) lucid; urgency=low
++
++  * SECURITY UPDATE: properly verify path for the 'sudoedit' pseudo-command
++    in match.c
++    - http://sudo.ws/repos/sudo/rev/88f3181692fe
++    - CVE-2010-0426
++
++ -- Jamie Strandboge <jamie@ubuntu.com>  Wed, 24 Feb 2010 16:50:11 -0600
++
++sudo (1.7.2p1-1ubuntu1) lucid; urgency=low
++
++  * Merge from debian testing.  Remaining changes:
++   - debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu
++     specific)
++   - Add debian/sudo_root.8: Explanation of root handling through sudo.
++     Install it in debian/rules. (Ubuntu specific)
++   - sudo.c: If the user successfully authenticated and he is in the 'admin'
++     group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
++     profile checks for this and displays a short intro about sudo if the
++     flag is not present. (Ubuntu specific)
++   - env.c: Add "http_proxy" to initial_keepenv_table, so that it is kept
++     for "sudo apt-get ...". (Ubuntu specific EBW hack, should disappear at
++     some point)
++   - debian/{rules,postinst,sudo-ldap.postinst}: Disable init script
++     installation. Debian reintroduced it because /var/run tmpfs is not the
++     default there, but has been on Ubuntu for ages.
++   - debian/{source_sudo.py,rules,sudo-ldap.dirs,sudo.dirs}: Add apport hook
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 08 Feb 2010 18:47:06 -0500
++
  sudo (1.7.2p1-1) unstable; urgency=low
    * new upstream version
@@ -911,6 +2103,40 @@ sudo (1.7.2-1) unstable; urgency=low
   -- Bdale Garbee <bdale@gag.com>  Wed, 15 Jul 2009 01:29:46 -0600
++sudo (1.7.0-1ubuntu3) lucid; urgency=low
++
++  * debian/{source_sudo.py,rules}: Add apport hook
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 29 Jan 2010 09:31:00 -0500
++
++sudo (1.7.0-1ubuntu2) karmic; urgency=low
++
++  * env.c: add logic similar to pam_env's stripping of single and double
++    quotes around /etc/environment env vars; fixes literal quotes in LANG when
++    using sudo -i; LP: #387262.
++
++ -- Loïc Minier <loic.minier@ubuntu.com>  Mon, 22 Jun 2009 18:03:45 +0200
++
++sudo (1.7.0-1ubuntu1) karmic; urgency=low
++
++  * Merge from debian unstable, remaining changes:
++   - debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu
++     specific)
++   - Add debian/sudo_root.8: Explanation of root handling through sudo.
++     Install it in debian/rules. (Ubuntu specific)
++   - sudo.c: If the user successfully authenticated and he is in the 'admin'
++     group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
++     profile checks for this and displays a short intro about sudo if the
++     flag is not present. (Ubuntu specific)
++   - env.c: Add "http_proxy" to initial_keepenv_table, so that it is kept
++     for "sudo apt-get ...". (Ubuntu specific EBW hack, should disappear at
++     some point)
++   - debian/{rules,postinst,sudo-ldap.postinst}: Disable init script
++     installation. Debian reintroduced it because /var/run tmpfs is not the
++     default there, but has been on Ubuntu for ages.
++
++ -- Martin Pitt <martin.pitt@ubuntu.com>  Mon, 11 May 2009 18:07:03 +0200
++
  sudo (1.7.0-1) unstable; urgency=low
    * new upstream version, closes: #510179, #128268, #520274, #508514
 diff --git a/debian/control b/debian/control
 index b5a73de..92387f8 100644
 --- a/debian/control
 +++ b/debian/control
@@ -1,7 +1,8 @@
  Source: sudo
  Section: admin
  Priority: optional
--Maintainer: Sudo Maintainers <sudo@packages.debian.org>
++Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
++XSBC-Original-Maintainer: Sudo Maintainers <sudo@packages.debian.org>
  Uploaders: Marc Haber <mh+debian-packages@zugschlus.de>,
    Hanno Wagner <wagner@debian.org>,
    Hilko Bengen <bengen@debian.org>,
 diff --git a/debian/etc/pam.d/sudo b/debian/etc/pam.d/sudo
 index 96e8906..7819ab1 100644
 --- a/debian/etc/pam.d/sudo
 +++ b/debian/etc/pam.d/sudo
@@ -3,6 +3,9 @@
  # Set up user limits from /etc/security/limits.conf.
  session    required   pam_limits.so
++session    required   pam_env.so readenv=1 user_readenv=0
++session    required   pam_env.so readenv=1 envfile=/etc/default/locale user_readenv=0
++
  @include common-auth
  @include common-account
  @include common-session-noninteractive
 diff --git a/debian/etc/pam.d/sudo-i b/debian/etc/pam.d/sudo-i
 index d638522..584b2d8 100644
 --- a/debian/etc/pam.d/sudo-i
 +++ b/debian/etc/pam.d/sudo-i
@@ -3,6 +3,9 @@
  # Set up user limits from /etc/security/limits.conf.
  session    required   pam_limits.so
++session    required   pam_env.so readenv=1 user_readenv=0
++session    required   pam_env.so readenv=1 envfile=/etc/default/locale user_readenv=0
++
  @include common-auth
  @include common-account
  @include common-session
 diff --git a/debian/etc/sudoers b/debian/etc/sudoers
 index b5da8e9..8b0fb7f 100644
 --- a/debian/etc/sudoers
 +++ b/debian/etc/sudoers
@@ -8,7 +8,7 @@
+ #
  Defaults	env_reset
  Defaults	mail_badpass
--Defaults	secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
++Defaults	secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
  # This fixes CVE-2005-4890 and possibly breaks some versions of kdesu
  # (#1011624, https://bugs.kde.org/show_bug.cgi?id=452532)
@@ -46,6 +46,9 @@ Defaults	use_pty
  # User privilege specification
  root	ALL=(ALL:ALL) ALL
++# Members of the admin group may gain root privileges
++%admin ALL=(ALL) ALL
++
  # Allow members of group sudo to execute any command
  %sudo	ALL=(ALL:ALL) ALL
 diff --git a/debian/sudo-ldap.init b/debian/sudo-ldap.init
 deleted file mode 100644
 index b907b8a..0000000
 --- a/debian/sudo-ldap.init
 +++ /dev/null
@@ -1,46 +0,0 @@
--#! /bin/sh
--
--### BEGIN INIT INFO
--# Provides:          sudo-ldap
--# Required-Start:    $local_fs $remote_fs
--# Required-Stop:
--# X-Start-Before:    rmnologin
--# Default-Start:     2 3 4 5
--# Default-Stop:
--# Short-Description: Provide limited super user privileges to specific users
--# Description: Provide limited super user privileges to specific users.
--### END INIT INFO
--
--. /lib/lsb/init-functions
--
--N=/etc/init.d/sudo-ldap
--
--set -e
--
--case "$1" in
--  start)
--	# make sure privileges don't persist across reboots
--	# if the /run/sudo directory doesn't exist, let's create it with the
--	# correct permissions and SELinux label
--        if ! [ -d /run/systemd/system ] ; then
--	        if [ -d /run/sudo ]
--	        then
--                        find /run/sudo -exec touch -d @0 '{}' \;
--	        else
--	        	mkdir /run/sudo /run/sudo/ts
--	        	chown root:root /run/sudo /run/sudo/ts
--	        	chmod 0711 /run/sudo
--	        	chmod 0700 /run/sudo/ts
--	        	[ -x /sbin/restorecon ] && /sbin/restorecon /run/sudo /run/sudo/ts
--	        fi
--	fi
--	;;
--  stop|reload|restart|force-reload|status)
--	;;
--  *)
--	echo "Usage: $N {start|stop|restart|force-reload|status}" >&2
--	exit 1
--	;;
--esac
--
--exit 0
 diff --git a/debian/sudo-ldap.manpages b/debian/sudo-ldap.manpages
 new file mode 100644
 index 0000000..72826b8
 --- /dev/null
 +++ b/debian/sudo-ldap.manpages
@@ -0,0 +1 @@
++debian/sudo_root.8
 diff --git a/debian/sudo.init b/debian/sudo.init
 deleted file mode 100644
 index 602d9bf..0000000
 --- a/debian/sudo.init
 +++ /dev/null
@@ -1,46 +0,0 @@
--#! /bin/sh
--
--### BEGIN INIT INFO
--# Provides:          sudo
--# Required-Start:    $local_fs $remote_fs
--# Required-Stop:
--# X-Start-Before:    rmnologin
--# Default-Start:     2 3 4 5
--# Default-Stop:
--# Short-Description: Provide limited super user privileges to specific users
--# Description: Provide limited super user privileges to specific users.
--### END INIT INFO
--
--. /lib/lsb/init-functions
--
--N=/etc/init.d/sudo
--
--set -e
--
--case "$1" in
--  start)
--	# make sure privileges don't persist across reboots
--	# if the /run/sudo directory doesn't exist, let's create it with the
--	# correct permissions and SELinux label
--        if ! [ -d /run/systemd/system ] ; then
--	        if [ -d /run/sudo ]
--	        then
--                        find /run/sudo -exec touch -d @0 '{}' \;
--	        else
--	        	mkdir /run/sudo /run/sudo/ts
--	        	chown root:root /run/sudo /run/sudo/ts
--	        	chmod 0711 /run/sudo
--	        	chmod 0700 /run/sudo/ts
--	        	[ -x /sbin/restorecon ] && /sbin/restorecon /run/sudo /run/sudo/ts
--	        fi
--	fi
--	;;
--  stop|reload|restart|force-reload|status)
--	;;
--  *)
--	echo "Usage: $N {start|stop|restart|force-reload|status}" >&2
--	exit 1
--	;;
--esac
--
--exit 0
 diff --git a/debian/sudo.manpages b/debian/sudo.manpages
 new file mode 100644
 index 0000000..72826b8
 --- /dev/null
 +++ b/debian/sudo.manpages
@@ -0,0 +1 @@
++debian/sudo_root.8
 diff --git a/debian/sudo_root.8 b/debian/sudo_root.8
 new file mode 100644
 index 0000000..47532ed
 --- /dev/null
 +++ b/debian/sudo_root.8
@@ -0,0 +1,138 @@
++.TH sudo_root 8 "February 8, 2006"
++
++.SH NAME
++sudo_root \- How to run administrative commands
++
++.SH SYNOPSIS
++
++.B sudo
++.I command
++
++.B sudo \-i
++
++.SH INTRODUCTION
++
++By default, the password for the user "root" (the system
++administrator) is locked. This means you cannot login as root or use
++su. Instead, the installer will set up sudo to allow the user that is
++created during install to run all administrative commands.
++
++This means that in the terminal you can use sudo for commands that
++require root privileges. All programs in the menu will use a graphical
++sudo to prompt for a password. When sudo asks for a password, it needs
++.B your password,
++this means that a root password is not needed.
++
++To run a command which requires root privileges in a terminal, simply
++prepend
++.B sudo
++in front of it. To get an interactive root shell, use
++.B sudo \-i\fR.
++
++.SH ALLOWING OTHER USERS TO RUN SUDO
++
++By default, only the user who installed the system is permitted to run
++sudo. To add more administrators, i. e. users who can run sudo, you
++have to add these users to the group 'sudo' by doing one of the
++following steps:
++
++.IP * 2
++In a shell, do
++
++.RS 4
++.B sudo adduser
++.I username
++.B sudo
++.RE
++
++.IP * 2
++Use the graphical "Users & Groups" program in the "System settings"
++menu to add the new user to the
++.B sudo
++group.
++
++.SH BENEFITS OF USING SUDO
++
++The benefits of leaving root disabled by default include the following:
++
++.IP * 2
++Users do not have to remember an extra password, which they are likely to forget.
++.IP * 2
++The installer is able to ask fewer questions.
++.IP * 2
++It avoids the "I can do anything" interactive login by default \- you
++will be prompted for a password before major changes can happen, which
++should make you think about the consequences of what you are doing.
++.IP * 2
++Sudo adds a log entry of the command(s) run (in \fB/var/log/auth.log\fR).
++.IP * 2
++Every attacker trying to brute\-force their way into your box will
++know it has an account named root and will try that first. What they
++do not know is what the usernames of your other users are.
++.IP * 2
++Allows easy transfer for admin rights, in a short term or long term
++period, by adding and removing users from the sudo group, while not
++compromising the root account.
++.IP * 2
++sudo can be set up with a much more fine\-grained security policy.
++.IP * 2
++On systems with more than one administrator using sudo avoids sharing
++a password amongst them.
++
++.SH DOWNSIDES OF USING SUDO
++
++Although for desktops the benefits of using sudo are great, there are
++possible issues which need to be noted:
++
++.IP * 2
++Redirecting the output of commands run with sudo can be confusing at
++first. For instance consider
++
++.RS 4
++.B sudo ls > /root/somefile
++.RE
++
++.RS 2
++will not work since it is the shell that tries to write to that file. You can use
++.RE
++
++.RS 4
++.B ls | sudo tee /root/somefile
++.RE
++
++.RS 2
++to get the behaviour you want.
++.RE
++
++.IP * 2
++In a lot of office environments the ONLY local user on a system is
++root. All other users are imported using NSS techniques such as
++nss\-ldap. To setup a workstation, or fix it, in the case of a network
++failure where nss\-ldap is broken, root is required. This tends to
++leave the system unusable. An extra local user, or an enabled root
++password is needed here.
++
++.SH GOING BACK TO A TRADITIONAL ROOT ACCOUNT
++
++.B This is not recommended!
++
++To enable the root account (i.e. set a password) use:
++
++.RS 4
++.B sudo passwd root
++.RE
++
++Afterwards, edit the sudo configuration with
++.B sudo visudo
++and comment out the line
++
++.RS 4
++%sudo  ALL=(ALL) ALL
++.RE
++
++to disable sudo access to members of the sudo group.
++
++.SH SEE ALSO
++.BR sudo (8),
++.B https://wiki.ubuntu.com/RootSudo
++
 diff --git a/debian/tests/control b/debian/tests/control
 index abea94c..75e51a0 100644
 --- a/debian/tests/control
 +++ b/debian/tests/control
@@ -6,11 +6,15 @@ Tests: 02-1003969-audit-no-resolve
  Depends: sudo
  Restrictions: needs-root
--Tests: 03-getroot-ldap
--Depends: sudo-ldap, adduser, slapd, ldap-utils, cron
--Restrictions: needs-root
++# We cannot add 'sudo-ldap' as a Depends: as there is a removal conflict with
++# 'sudo' in Ubuntu and we need to pass the SUDO_FORCE_REMOVE env var to avoid
++# this. Removing sudo conflicts with autopkgtest-virt-ssh, so we skip this test
++# (except for armhf/LXD containers). Needs more investigation...
++Test-Command: systemd-detect-virt -q --container || exit 77; env SUDO_FORCE_REMOVE=yes apt-get -y install sudo-ldap && debian/tests/03-getroot-ldap
++Depends: adduser, slapd, ldap-utils, cron
++Restrictions: needs-root, skippable
++Features: test-name=03-getroot-ldap
  Tests: 04-getroot-sssd
  Depends: sudo, adduser, slapd, ldap-utils, sssd-common, sssd-ldap, cron
  Restrictions: needs-root
--

Ubuntusudo package

Merge ~danilogondolfo/ubuntu/+source/sudo:merge-lp2020470-mantic into ubuntu/+source/sudo:debian/sid

Commit message

Description of the change

Unmerged commits

Preview Diff

Subscribers

Ubuntu
sudo package