Ubuntu
sudo package

lp:ubuntu/quantal/sudo

  1. Quantal (12.10)
  2. quantal
Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/quantal/sudo
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Mature

Recent revisions

59. By Tyler Hicks

* Merge from debian/testing (LP: #1024154), remaining changes:
  - debian/patches/keep_home_by_default.patch:
    + Set HOME in initial_keepenv_table.
  - debian/rules:
    + compile with --without-lecture --with-tty-tickets (Ubuntu specific)
    + install man/man8/sudo_root.8 in both flavours (Ubuntu specific)
    + install apport hooks
    + The ubuntu-sudo-as-admin-successful.patch was taken upstream by
      Debian however it requires a --enable-admin-flag configure flag to
      actually enable it in both flavours.
  - debian/control:
    + Mark Debian Vcs-* as XS-Debian-Vcs-*
    + update debian/control
  - debian/sudoers:
    + grant admin group sudo access
  - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
    + add usr/share/apport/package-hooks
  - debian/sudo.pam:
    + Use pam_env to read /etc/environment and /etc/default/locale
      environment files. Reading ~/.pam_environment is not permitted due to
      security reasons.
* Dropped changes:
  - debian/patches/lp927828-fix-abort-in-pam-modules-when-timestamp-valid.patch
    + Fixed upstream in 1.8.5
  - debian/patches/CVE-2012-2337.patch:
    + Fixed upstream in 1.8.4p5
  - debian/patches/pam_env_merge.patch:
    + Feature released upstream in 1.8.5
  - debian/{sudo,sudo-ldap}.{preinst,postinst,postrm}:
    + Drop Ubuntu-specific sudoers file migration code because the only
      upgrade path to quantal is from precise. All necessary sudoers file
      migration will have already been done by the time this version of the
      sudo package is installed.

58. By Steve Langasek

* debian/patches/pam_env_merge.patch: Merge the PAM environment into the
  user environment (LP: #982684)
* debian/sudo.pam: Use pam_env to read /etc/environment and
  /etc/default/locale environment files. Reading ~/.pam_environment is not
  permitted due to security reasons.

57. By Steve Langasek

Merge version 1.8.3p2-1

56. By Tyler Hicks

* SECURITY UPDATE: Properly handle netmasks in sudoers Host and Host_List
  values (LP: #1000276)
  - debian/patches/CVE-2012-2337.patch: Don't perform IPv6 checks on IPv4
    addresses. Based on upstream patch.
  - CVE-2012-2337

55. By TJ (Ubuntu Contributions)

Fix Abort in some PAM modules when timestamp is valid. (LP: #927828)

54. By Marc Deslauriers

* SECURITY UPDATE: permissions bypass via format string
  - debian/patches/CVE-2012-0809.patch: fix format string vulnerability
    in src/sudo.c.
  - CVE-2012-0809

53. By Marc Deslauriers

* debian/sudo.preinst:
  - updated to avoid conffile prompt by migrating to the new sudoers file
    changes in Precise. (LP: #894410)

52. By Marc Deslauriers

* Merge from debian/testing, remaining changes:
  - debian/patches/keep_home_by_default.patch:
    + Set HOME in initial_keepenv_table. (rebased for 1.8.3p1)
  - debian/patches/enable_badpass.patch: turn on "mail_badpass" by default:
    + attempting sudo without knowing a login password is as bad as not
      being listed in the sudoers file, especially if getting the password
      wrong means doing the access-check-email-notification never happens
      (rebased for 1.8.3p1)
  - debian/rules:
    + compile with --without-lecture --with-tty-tickets (Ubuntu specific)
    + install man/man8/sudo_root.8 (Ubuntu specific)
    + install apport hooks
    + The ubuntu-sudo-as-admin-successful.patch was taken upstream by
      Debian however it requires a --enable-admin-flag configure flag to
      actually enable it.
  - debian/sudoers:
    + grant admin group sudo access
  - debian/sudo-ldap.dirs, debian/sudo.dirs:
    + add usr/share/apport/package-hooks
  - debian/sudo.preinst:
    + avoid conffile prompt by checking for known default /etc/sudoers
      and if found installing the correct default /etc/sudoers file

51. By Kees Cook

* debian/patches/enable_badpass.patch: turn on "mail_badpass" by default:
  - attempting sudo without knowing a login password is as bad as not
    being listed in the sudoers file, especially if getting the password
    wrong means doing the access-check-email-notification never happens
    (Closes: 641218).

50. By Michael Vogt

* Merge from debian/unstable, remaining changes:
  - debian/patches/keep_home_by_default.patch:
    + Set HOME in initial_keepenv_table.
  - debian/rules:
    + compile with --without-lecture --with-tty-tickets (Ubuntu specific)
    + install man/man8/sudo_root.8 (Ubuntu specific)
    + install apport hooks
  - debian/sudoers:
    + grant admin group sudo access
  - debian/sudo-ldap.dirs, debian/sudo.dirs:
    + add usr/share/apport/package-hooks
* drop debian/patches/CVE-2011-0010.patch, applied upstream now

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/raring/sudo
This branch contains Public information 
Everyone can see this information.

Subscribers