lp:ubuntu/karmic/sudo

Created by James Westby on 2009-06-28 and last modified on 2009-06-28
Get this branch:
bzr branch lp:ubuntu/karmic/sudo
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

30. By Loïc Minier on 2009-06-22

env.c: add logic similar to pam_env's stripping of single and double
quotes around /etc/environment env vars; fixes literal quotes in LANG when
using sudo -i; LP: #387262.

29. By Martin Pitt on 2009-05-11

* Merge from debian unstable, remaining changes:
 - debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu
   specific)
 - Add debian/sudo_root.8: Explanation of root handling through sudo.
   Install it in debian/rules. (Ubuntu specific)
 - sudo.c: If the user successfully authenticated and he is in the 'admin'
   group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
   profile checks for this and displays a short intro about sudo if the
   flag is not present. (Ubuntu specific)
 - env.c: Add "http_proxy" to initial_keepenv_table, so that it is kept
   for "sudo apt-get ...". (Ubuntu specific EBW hack, should disappear at
   some point)
 - debian/{rules,postinst,sudo-ldap.postinst}: Disable init script
   installation. Debian reintroduced it because /var/run tmpfs is not the
   default there, but has been on Ubuntu for ages.

28. By Kees Cook on 2009-02-16

* SECURITY UPDATE: privilege escalation via non-default system groups.
  - parse.c: upstream fix for CVE-2009-0034:
    http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c?r1=1.160.2.21&r2=1.160.2.22

27. By Martin Pitt on 2008-09-01

sudo.c: Drop usage of locale again, to revert back to the 1.6.8 behaviour.
fnmatch() and glob() behave differently under different locales and thus
cause undefined behaviour with (admittedly underspecified) character range
globs such as "[a-Z]". Patch taken from upstream CVS, see
http://www.gratisoft.us/bugzilla/show_bug.cgi?id=296 (LP: #228046)

26. By Martin Pitt on 2008-08-06

* Merge from debian unstable, remaining changes:
 - debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu
   specific)
 - Add debian/sudo_root.8: Explanation of root handling through sudo.
   Install it in debian/rules. (Ubuntu specific)
 - sudo.c: If the user successfully authenticated and he is in the 'admin'
   group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
   profile checks for this and displays a short intro about sudo if the
   flag is not present. (Ubuntu specific)
 - env.c: Add "http_proxy" to initial_keepenv_table, so that it is kept
   for "sudo apt-get ...". (Ubuntu specific EBW hack, should disappear at
   some point)
* debian/{rules,postinst,sudo-ldap.postinst}: Disable init script
  installation. Debian reintroduced it because /var/run tmpfs is not the
  default there, but has been on Ubuntu for ages.

25. By Martin Pitt on 2008-06-18

* Merge from debian unstable, remaining changes:
 - logging.c: Ignore SIGPIPE when creating an error email, so that non-fatal
   error messages (like "unable to resolve local host name") do not lead to
   being killed with SIGPIPE if /usr/bin/sendmail does not exist or crashes.
   (LP #32906, http://www.gratisoft.us/bugzilla/show_bug.cgi?id=285)
 - debian/postinst: put "NOPASSWD" example at the bottom, so that
   uncommenting it will actually work (later entries override former ones).
   (LP #131399, Debian #479616)
 - debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu
   specific)
 - Add debian/sudo_root.8: Explanation of root handling through sudo.
   Install it in debian/rules. (Ubuntu specific)
 - sudo.c: If the user successfully authenticated and he is in the 'admin'
   group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
   profile checks for this and displays a short intro about sudo if the
   flag is not present. (Ubuntu specific)
 - env.c: Add "http_proxy" to initial_keepenv_table, so that it is kept
   for "sudo apt-get ...". (Ubuntu specific EBW hack, should disappear at
   some point)
* debian/{rules,postinst}: Disable init script installation. Debian
  reintroduced it because /var/run tmpfs is not the default there, but has
  been on Ubuntu for ages.

24. By Martin Pitt on 2008-05-14

debian/postinst: Fix a typo, and add a more helpful comment about the
ordering and overriding. (LP: #131399)

23. By Martin Pitt on 2008-05-05

* Merge from debian unstable, remaining changes:
 - debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu
   specific)
 - Add debian/sudo_root.8: Explanation of root handling through sudo.
   Install it in debian/rules. (Ubuntu specific)
 - sudo.c: If the user successfully authenticated and he is in the 'admin'
   group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
   profile checks for this and displays a short intro about sudo if the
   flag is not present. (Ubuntu specific)
 - env.c: Add "http_proxy" to initial_keepenv_table, so that it is kept
   for "sudo apt-get ...". (Ubuntu specific EBW hack, should disappear at
   some point)
* logging.c: Ignore SIGPIPE when creating an error email, so that non-fatal
  error messages (like "unable to resolve local host name") do not lead to
  being killed with SIGPIPE if /usr/bin/sendmail does not exist or crashes.
  Forwarded upstream to http://www.gratisoft.us/bugzilla/show_bug.cgi?id=285
  (LP: #32906)
* env.c: Do not clobber $HOME when not specifying -H or -s. Patch taken from
  upstream CVS. (LP: #221395)
* debian/postinst: put "NOPASSWD" example at the bottom, so that
  uncommenting it will actually work (later entries override former ones).
  (LP: #131399)

22. By Martin Pitt on 2008-02-25

env.c: Add "http_proxy" to initial_keepenv_table, so that it is kept
for "sudo apt-get ...". This is an EBW workaround for a design problem of
not having a system-wide proxy setting, but in order to not break existing
practice for upgrades we have to live with it for Hardy.

21. By Steve Langasek on 2008-01-22

No-change rebuild against libldap-2.4-2.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/lucid/sudo
This branch contains Public information 
Everyone can see this information.

Subscribers