ubuntu/+source/sudo:ubuntu/karmic-devel

Last commit made on 2011-01-20
Get this branch:
git clone -b ubuntu/karmic-devel https://git.launchpad.net/ubuntu/+source/sudo
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/karmic-devel
Repository:
lp:ubuntu/+source/sudo

Recent commits

03087bc... by Jamie Strandboge on 2011-01-19

Import patches-unapplied version 1.7.0-1ubuntu2.6 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: d5e6281047001baa6196e5aca33249310b91a8b6

New changelog entries:
  * SECURITY UPDATE: privilege escalation via -g when using group Runas_List
    - pwutil.c, sudo.h: add user_in_group(), backported from upstream commits
      48ca8c2eddf8, 72df368a8a0e and 6ebc55d4716b. This is intended to be used
      only with check.c to fix CVE-2011-0010 instead of doing the refactoring.
      Going forward, will need to look at this code also if a flaw is found in
      this refactored code. If needed, the refactoring work is in 48ca8c2eddf8
      and 6ebc55d4716b.
    - check.c: prompt for password when the user is running sudo as himself
      but as a different group. Based on fe8a94f96542.
    - CVE-2011-0010

d5e6281... by Jamie Strandboge on 2010-08-31

Import patches-unapplied version 1.7.0-1ubuntu2.5 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: f50ba9c76692aac032c3c9baf3a3bd5796eccb2e

New changelog entries:
  * SECURITY UPDATE: privilege escalation via '-g' option when using
    'user:group' in Runas_Spec
    - update match.c to verify both user and group match sudoers when using
      '-g'. Based on patch from upstream.
    - CVE-2010-2956

f50ba9c... by Jamie Strandboge on 2010-06-28

Import patches-unapplied version 1.7.0-1ubuntu2.4 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 14734e61644d0877b9b84624bf261de2da495cdb

New changelog entries:
  * SECURITY UPDATE: properly handle multiple PATH variables when using
    secure_path in env.c
    - Adapted http://www.sudo.ws/repos/sudo/raw-rev/a09c6812eaec
    - CVE-2010-1646

14734e6... by Jamie Strandboge on 2010-04-07

Import patches-unapplied version 1.7.0-1ubuntu2.2 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 73346fc719a063c05551f6bd3ce9fd11779c8cfc

New changelog entries:
  * SECURITY UPDATE: properly verify path in find_path.c for the 'sudoedit'
    pseudo-command when running from the current working directory and
    secure_path is disabled
    - CVE-2010-XXXX

73346fc... by Jamie Strandboge on 2010-02-24

Import patches-unapplied version 1.7.0-1ubuntu2.1 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: cb984ab7641476196100f74c1e3444b0753a2ebf

New changelog entries:
  * SECURITY UPDATE: properly verify path for the 'sudoedit' pseudo-command
    in match.c
    - http://sudo.ws/repos/sudo/rev/88f3181692fe
    - CVE-2010-0426

cb984ab... by Loïc Minier on 2009-06-22

Import patches-unapplied version 1.7.0-1ubuntu2 to ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 6f1d278b516654330e7f6c01df3c979673760de1

New changelog entries:
  * env.c: add logic similar to pam_env's stripping of single and double
    quotes around /etc/environment env vars; fixes literal quotes in LANG when
    using sudo -i; LP: #387262.

6f1d278... by Martin Pitt on 2009-05-11

Import patches-unapplied version 1.7.0-1ubuntu1 to ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 070312e996df2ea0717630dc949060bd580726a0

New changelog entries:
  * Merge from debian unstable, remaining changes:
   - debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu
     specific)
   - Add debian/sudo_root.8: Explanation of root handling through sudo.
     Install it in debian/rules. (Ubuntu specific)
   - sudo.c: If the user successfully authenticated and he is in the 'admin'
     group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
     profile checks for this and displays a short intro about sudo if the
     flag is not present. (Ubuntu specific)
   - env.c: Add "http_proxy" to initial_keepenv_table, so that it is kept
     for "sudo apt-get ...". (Ubuntu specific EBW hack, should disappear at
     some point)
   - debian/{rules,postinst,sudo-ldap.postinst}: Disable init script
     installation. Debian reintroduced it because /var/run tmpfs is not the
     default there, but has been on Ubuntu for ages.

070312e... by Bdale Garbee on 2009-03-28

Import patches-unapplied version 1.7.0-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: aa40593ade6fe072e8a4f315f3e3d0d088f2dcb9

New changelog entries:
  * new upstream version, closes: #510179, #128268, #520274, #508514
  * fix ldap config file path for sudo-ldap package, including creating
    a symlink in postinst and cleaning it up in postrm for the sudo-ldap
    package, closes: #430826
  * fix NOPASSWD entry location in default config file for the sudo-ldap
    instance too, closes: #479616

aa40593... by Bdale Garbee on 2009-01-27

Import patches-unapplied version 1.6.9p17-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 0d3fbb3fc7b20d87e430014f16379375ae6ebb24

New changelog entries:
  * patch from upstream to fix privilege escalation with certain configurations
  * typo in sudoers man page, closes: #507163

0d3fbb3... by Bdale Garbee on 2008-07-06

Import patches-unapplied version 1.6.9p17-1 to debian/lenny

Imported using git-ubuntu import.