Ubuntu
sudo package

lp:~vorlon/ubuntu/quantal/sudo/lp.982684

  1. Quantal (12.10)
  2. lp.982684
Created by Steve Langasek and last modified
Get this branch:
bzr branch lp:~vorlon/ubuntu/quantal/sudo/lp.982684
Only Steve Langasek can upload to this branch. If you are Steve Langasek please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Steve Langasek
Status:
Development

Recent revisions

57. By Steve Langasek

debian/patches/pam_env_export.patch: preliminary patch to try to support
exporting the pam_getenvlist() environment to the session. Doesn't work
yet, presumably because sudo's own env cleaning support is clobbering it
afterwards.

56. By Steve Langasek

debian/sudo.pam: call pam_env to pull /etc/environment and
/etc/default/locale settings by default; there's no reason sudo should
be excluded from these. But we take care not to read from
~/.pam_environment, as that could be a security problem. LP: #982684.

55. By TJ (Ubuntu Contributions)

Fix Abort in some PAM modules when timestamp is valid. (LP: #927828)

54. By Marc Deslauriers

* SECURITY UPDATE: permissions bypass via format string
  - debian/patches/CVE-2012-0809.patch: fix format string vulnerability
    in src/sudo.c.
  - CVE-2012-0809

53. By Marc Deslauriers

* debian/sudo.preinst:
  - updated to avoid conffile prompt by migrating to the new sudoers file
    changes in Precise. (LP: #894410)

52. By Marc Deslauriers

* Merge from debian/testing, remaining changes:
  - debian/patches/keep_home_by_default.patch:
    + Set HOME in initial_keepenv_table. (rebased for 1.8.3p1)
  - debian/patches/enable_badpass.patch: turn on "mail_badpass" by default:
    + attempting sudo without knowing a login password is as bad as not
      being listed in the sudoers file, especially if getting the password
      wrong means doing the access-check-email-notification never happens
      (rebased for 1.8.3p1)
  - debian/rules:
    + compile with --without-lecture --with-tty-tickets (Ubuntu specific)
    + install man/man8/sudo_root.8 (Ubuntu specific)
    + install apport hooks
    + The ubuntu-sudo-as-admin-successful.patch was taken upstream by
      Debian however it requires a --enable-admin-flag configure flag to
      actually enable it.
  - debian/sudoers:
    + grant admin group sudo access
  - debian/sudo-ldap.dirs, debian/sudo.dirs:
    + add usr/share/apport/package-hooks
  - debian/sudo.preinst:
    + avoid conffile prompt by checking for known default /etc/sudoers
      and if found installing the correct default /etc/sudoers file

51. By Kees Cook

* debian/patches/enable_badpass.patch: turn on "mail_badpass" by default:
  - attempting sudo without knowing a login password is as bad as not
    being listed in the sudoers file, especially if getting the password
    wrong means doing the access-check-email-notification never happens
    (Closes: 641218).

50. By Michael Vogt

* Merge from debian/unstable, remaining changes:
  - debian/patches/keep_home_by_default.patch:
    + Set HOME in initial_keepenv_table.
  - debian/rules:
    + compile with --without-lecture --with-tty-tickets (Ubuntu specific)
    + install man/man8/sudo_root.8 (Ubuntu specific)
    + install apport hooks
  - debian/sudoers:
    + grant admin group sudo access
  - debian/sudo-ldap.dirs, debian/sudo.dirs:
    + add usr/share/apport/package-hooks
* drop debian/patches/CVE-2011-0010.patch, applied upstream now

49. By Scott Moser

* debian/sudo.preinst:
  - if well-known ec2 vmbuilder file is found, write a file in
    sudoers.d for the 'ubuntu' user (LP: #768625)

48. By Michael Vogt

* debian/sudo.preinst:
  - do not consider the ec2 vmbuilder default sudoers file
    verbatim as its actually customized (LP: #761689)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/quantal/sudo
This branch contains Public information 
Everyone can see this information.

Subscribers