ubuntu/+source/sudo:ubuntu/maverick-devel

Last commit made on 2011-01-20
Get this branch:
git clone -b ubuntu/maverick-devel https://git.launchpad.net/ubuntu/+source/sudo
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/maverick-devel
Repository:
lp:ubuntu/+source/sudo

Recent commits

545115c... by Jamie Strandboge on 2011-01-19

Import patches-unapplied version 1.7.2p7-1ubuntu2.1 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: f25d3d31e1891a8cd8f38fff765285abe20ef9ca

New changelog entries:
  * SECURITY UPDATE: privilege escalation via -g when using group Runas_List
    - debian/patches/user_in_group.patch: add user_in_group(), backported from
      upstream
    - debian/patches/CVE-2011-0010.patch: prompt for password when the user is
      running sudo as himself but as a different group
    - CVE-2011-0010

f25d3d3... by Jamie Strandboge on 2010-08-31

Import patches-unapplied version 1.7.2p7-1ubuntu2 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 4d1587727c97a9d7bc5598e2b73279a509cd2707

New changelog entries:
  * SECURITY UPDATE: privilege escalation via '-g' option when using
    'user:group' in Runas_Spec
    - debian/patches/CVE-2010-2956.patch: update match.c to verify both user
      and group match sudoers when using '-g'
    - CVE-2010-2956

4d15877... by Jamie Strandboge on 2010-07-06

Import patches-unapplied version 1.7.2p7-1ubuntu1 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: a386c521af9abde71d86c6cdfd672ca461445e60

New changelog entries:
  * Merge from debian unstable. Remaining changes:
   - debian/rules:
     - compile with --without-lecture --with-tty-tickets (Ubuntu specific)
     - install man/man8/sudo_root.8 (Ubuntu specific)
     - install apport hooks
   - debian/sudo-ldap.dirs, debian/sudo.dirs: add
     usr/share/apport/package-hooks
   - debian/patches/ubuntu-sudo-as-admin-successful.patch: adjust sudo.c so
     that if the user successfully authenticated and he is in the 'admin'
     group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
     profile checks for this and displays a short intro about sudo if the flag
     is not present
  * Dropped the following, now included upstream:
    - fix for CVE-2010-1163
    - fix for CVE-2010-0426
    - debian/sudo.postinst, debian/sudo-ldap.postinst: update description to
      match behavior in sudoers file
    - don't install init script. Debian moved to /var/lib/sudo from
      /var/run/sudo, so Ubuntu's tmpfs usage won't clean those out
      automatically any more, so we now need the initscript.

a386c52... by Bdale Garbee on 2010-06-10

Import patches-unapplied version 1.7.2p7-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 31f3ec42e77a3a5a1bbe610a1750f4b01b094c15

New changelog entries:
  * new upstream release with security fix for secure path (CVE-2010-1646),
    closes: #585394
  * move timestamps from /var/run/sudo to /var/lib/sudo, so that the state
    about whether to give the lecture is preserved across reboots even when
    RAMRUN is set, closes: #581393
  * add a note to README.Debian about LDAP needing an entry in
    /etc/nsswitch.conf, closes: #522065
  * add a note to README.Debian about how to turn off lectures if using
    RAMRUN in /etc/default/rcS, closes: #581393

31f3ec4... by Bdale Garbee on 2010-04-19

Import patches-unapplied version 1.7.2p6-1 to debian/squeeze

Imported using git-ubuntu import.

Changelog parent: 258d9936ef840ccbf8edd74790ee0a883af94849

New changelog entries:
  * new upstream version fixing CVE-2010-1163, closes: #578275, #570737

258d993... by Bdale Garbee on 2010-03-11

Import patches-unapplied version 1.7.2p5-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8e5ef52d3db2228e1174b4f28a4decb125fa1d0a

New changelog entries:
  * new upstream release, closes a bug filed upstream regarding missing man
    page processing scripts in the 1.7.2p1 tarball, also includes the fix
    for CVE-2010-0426 previously the subject of a security team nmu
  * move to source format 3.0 (quilt) and restructure changes as patches
  * fix unprocessed substitution variables in man pages, closes: #557204
  * apply patch from Neil Moore to fix Debian-specific content in the
    visudo man page, closes: #555013
  * update descriptions to better explain sudo-ldap, closes: #573108
  * eliminate spurious 'and' in man page, closes: #571620
  * fix confusing text in default sudoers, closes: #566607

8e5ef52... by Bdale Garbee on 2009-08-31

Import patches-unapplied version 1.7.2p1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 161f8f92809ef2ee45c1bdd4f92a13bd2478f613

New changelog entries:
  * new upstream version
  * add support for /etc/sudoers.d using #includedir in default sudoers,
    which I think is also a good solution to the request for a crontab-like
    API requested in March of 2001, closes: #539994, #271813, #89743
  * move init.d script from using rcS.d to rc[0-6].d, closes: #542924

161f8f9... by Bdale Garbee on 2009-07-29

Import patches-unapplied version 1.7.2-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: d69f56b70711a426a9f120c4957c5238c025f03f

New changelog entries:
  * further improve initial sudoers to not include the NOPASSWD option on
    the group sudo exception, closes: #539136, #198991

d69f56b... by Bdale Garbee on 2009-07-15

Import patches-unapplied version 1.7.2-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 070312e996df2ea0717630dc949060bd580726a0

New changelog entries:
  * new upstream version, closes: #537103
  * improve initial sudoers by having the exemption for users in group
    sudo on by default, and including the ability to run any command as
    any user. This makes the default install roughly equivalent to our
    old use of the --with-exempt=sudo build option, closes: #536220, #536222

070312e... by Bdale Garbee on 2009-03-28

Import patches-unapplied version 1.7.0-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: aa40593ade6fe072e8a4f315f3e3d0d088f2dcb9

New changelog entries:
  * new upstream version, closes: #510179, #128268, #520274, #508514
  * fix ldap config file path for sudo-ldap package, including creating
    a symlink in postinst and cleaning it up in postrm for the sudo-ldap
    package, closes: #430826
  * fix NOPASSWD entry location in default config file for the sudo-ldap
    instance too, closes: #479616