lp:ubuntu/saucy-updates/sudo
- Get this branch:
- bzr branch lp:ubuntu/saucy-updates/sudo
Branch merges
Branch information
Recent revisions
- 63. By Marc Deslauriers
-
debian/
sudo.sudo. init, debian/ sudo-ldap. sudo.init: Set timestamps to
epoch in init scripts so they are properly invalidated. (LP: #1223297) - 62. By Marc Deslauriers
-
* SECURITY UPDATE: authentication bypass via clock set to epoch
- debian/patches/ CVE-2013- 1775.patch: ignore time stamp file if it is
set to epoch in plugins/sudoers/ check.c.
- CVE-2013-1775 - 61. By Stéphane Graber
-
The latest sssd upload dropped the soname from libsss_sudo.so, so we
can now drop our sudo delta and just use libsss_sudo.so directly. - 60. By Stéphane Graber
-
* New upstream release (1.8.6p3).
* Add patch to fix building with sssd when ldap is disabled.
* Drop sudo.manpages and sudo-ldap.manpages as the upstream build system
now does the right thing here.
* Build the main sudo package with support for sssd, this doesn't add any
additional build time or runtime dependency. sudo will dynamically load
the sssd library if 'sss' is listed for the 'sudoers' nss service. - 59. By Tyler Hicks
-
* Merge from debian/testing (LP: #1024154), remaining changes:
- debian/patches/ keep_home_ by_default. patch:
+ Set HOME in initial_keepenv_ table.
- debian/rules:
+ compile with --without-lecture --with-tty-tickets (Ubuntu specific)
+ install man/man8/sudo_root. 8 in both flavours (Ubuntu specific)
+ install apport hooks
+ The ubuntu-sudo-as- admin-successfu l.patch was taken upstream by
Debian however it requires a --enable-admin-flag configure flag to
actually enable it in both flavours.
- debian/control:
+ Mark Debian Vcs-* as XS-Debian-Vcs-*
+ update debian/control
- debian/sudoers:
+ grant admin group sudo access
- debian/source_ sudo.py, debian/ sudo-ldap. dirs, debian/sudo.dirs:
+ add usr/share/apport/ package- hooks
- debian/sudo.pam:
+ Use pam_env to read /etc/environment and /etc/default/locale
environment files. Reading ~/.pam_environment is not permitted due to
security reasons.
* Dropped changes:
- debian/patches/ lp927828- fix-abort- in-pam- modules- when-timestamp- valid.patch
+ Fixed upstream in 1.8.5
- debian/patches/ CVE-2012- 2337.patch:
+ Fixed upstream in 1.8.4p5
- debian/patches/ pam_env_ merge.patch:
+ Feature released upstream in 1.8.5
- debian/{sudo,sudo- ldap}.{ preinst, postinst, postrm} :
+ Drop Ubuntu-specific sudoers file migration code because the only
upgrade path to quantal is from precise. All necessary sudoers file
migration will have already been done by the time this version of the
sudo package is installed. - 58. By Steve Langasek
-
* debian/
patches/ pam_env_ merge.patch: Merge the PAM environment into the
user environment (LP: #982684)
* debian/sudo.pam: Use pam_env to read /etc/environment and
/etc/default/ locale environment files. Reading ~/.pam_environment is not
permitted due to security reasons. - 56. By Tyler Hicks
-
* SECURITY UPDATE: Properly handle netmasks in sudoers Host and Host_List
values (LP: #1000276)
- debian/patches/ CVE-2012- 2337.patch: Don't perform IPv6 checks on IPv4
addresses. Based on upstream patch.
- CVE-2012-2337 - 55. By TJ (Ubuntu Contributions)
-
Fix Abort in some PAM modules when timestamp is valid. (LP: #927828)
- 54. By Marc Deslauriers
-
* SECURITY UPDATE: permissions bypass via format string
- debian/patches/ CVE-2012- 0809.patch: fix format string vulnerability
in src/sudo.c.
- CVE-2012-0809
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/trusty/sudo