[ubuntu/maverick] sudo 1.7.2p7-1ubuntu1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Tue Jul 6 21:00:17 BST 2010


sudo (1.7.2p7-1ubuntu1) maverick; urgency=low

  * Merge from debian unstable.  Remaining changes:
   - debian/rules:
     - compile with --without-lecture --with-tty-tickets (Ubuntu specific)
     - install man/man8/sudo_root.8 (Ubuntu specific)
     - install apport hooks
   - debian/sudo-ldap.dirs, debian/sudo.dirs: add
     usr/share/apport/package-hooks
   - debian/patches/ubuntu-sudo-as-admin-successful.patch: adjust sudo.c so
     that if the user successfully authenticated and he is in the 'admin'
     group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
     profile checks for this and displays a short intro about sudo if the flag
     is not present
  * Dropped the following, now included upstream:
    - fix for CVE-2010-1163
    - fix for CVE-2010-0426
    - debian/sudo.postinst, debian/sudo-ldap.postinst: update description to
      match behavior in sudoers file
    - don't install init script. Debian moved to /var/lib/sudo from
      /var/run/sudo, so Ubuntu's tmpfs usage won't clean those out
      automatically any more, so we now need the initscript.

sudo (1.7.2p7-1) unstable; urgency=high

  * new upstream release with security fix for secure path (CVE-2010-1646),
    closes: #585394
  * move timestamps from /var/run/sudo to /var/lib/sudo, so that the state
    about whether to give the lecture is preserved across reboots even when
    RAMRUN is set, closes: #581393
  * add a note to README.Debian about LDAP needing an entry in
    /etc/nsswitch.conf, closes: #522065
  * add a note to README.Debian about how to turn off lectures if using
    RAMRUN in /etc/default/rcS, closes: #581393

sudo (1.7.2p6-1) unstable; urgency=low

  * new upstream version fixing CVE-2010-1163, closes: #578275, #570737

sudo (1.7.2p5-1) unstable; urgency=low

  * new upstream release, closes a bug filed upstream regarding missing man
    page processing scripts in the 1.7.2p1 tarball, also includes the fix
    for CVE-2010-0426 previously the subject of a security team nmu
  * move to source format 3.0 (quilt) and restructure changes as patches
  * fix unprocessed substitution variables in man pages, closes: #557204
  * apply patch from Neil Moore to fix Debian-specific content in the
    visudo man page, closes: #555013
  * update descriptions to better explain sudo-ldap, closes: #573108
  * eliminate spurious 'and' in man page, closes: #571620
  * fix confusing text in default sudoers, closes: #566607

Date: Tue, 06 Jul 2010 11:43:05 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/sudo/1.7.2p7-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 06 Jul 2010 11:43:05 -0500
Source: sudo
Binary: sudo sudo-ldap
Architecture: source
Version: 1.7.2p7-1ubuntu1
Distribution: maverick
Urgency: high
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 sudo       - Provide limited super user privileges to specific users
 sudo-ldap  - Provide limited super user privileges to specific users
Closes: 522065 555013 557204 566607 570737 571620 573108 578275 581393 585394
Changes: 
 sudo (1.7.2p7-1ubuntu1) maverick; urgency=low
 .
   * Merge from debian unstable.  Remaining changes:
    - debian/rules:
      - compile with --without-lecture --with-tty-tickets (Ubuntu specific)
      - install man/man8/sudo_root.8 (Ubuntu specific)
      - install apport hooks
    - debian/sudo-ldap.dirs, debian/sudo.dirs: add
      usr/share/apport/package-hooks
    - debian/patches/ubuntu-sudo-as-admin-successful.patch: adjust sudo.c so
      that if the user successfully authenticated and he is in the 'admin'
      group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
      profile checks for this and displays a short intro about sudo if the flag
      is not present
   * Dropped the following, now included upstream:
     - fix for CVE-2010-1163
     - fix for CVE-2010-0426
     - debian/sudo.postinst, debian/sudo-ldap.postinst: update description to
       match behavior in sudoers file
     - don't install init script. Debian moved to /var/lib/sudo from
       /var/run/sudo, so Ubuntu's tmpfs usage won't clean those out
       automatically any more, so we now need the initscript.
 .
 sudo (1.7.2p7-1) unstable; urgency=high
 .
   * new upstream release with security fix for secure path (CVE-2010-1646),
     closes: #585394
   * move timestamps from /var/run/sudo to /var/lib/sudo, so that the state
     about whether to give the lecture is preserved across reboots even when
     RAMRUN is set, closes: #581393
   * add a note to README.Debian about LDAP needing an entry in
     /etc/nsswitch.conf, closes: #522065
   * add a note to README.Debian about how to turn off lectures if using
     RAMRUN in /etc/default/rcS, closes: #581393
 .
 sudo (1.7.2p6-1) unstable; urgency=low
 .
   * new upstream version fixing CVE-2010-1163, closes: #578275, #570737
 .
 sudo (1.7.2p5-1) unstable; urgency=low
 .
   * new upstream release, closes a bug filed upstream regarding missing man
     page processing scripts in the 1.7.2p1 tarball, also includes the fix
     for CVE-2010-0426 previously the subject of a security team nmu
   * move to source format 3.0 (quilt) and restructure changes as patches
   * fix unprocessed substitution variables in man pages, closes: #557204
   * apply patch from Neil Moore to fix Debian-specific content in the
     visudo man page, closes: #555013
   * update descriptions to better explain sudo-ldap, closes: #573108
   * eliminate spurious 'and' in man page, closes: #571620
   * fix confusing text in default sudoers, closes: #566607
Checksums-Sha1: 
 0a734f3d6b595140a085a1e4267926d103e762c7 1149 sudo_1.7.2p7-1ubuntu1.dsc
 0504e0d7b1d3c987e48325ec4caa6ebfe5237ff5 772356 sudo_1.7.2p7.orig.tar.gz
 b0aac3266dc9f4ad3b1e444c276db5f1a262676f 26268 sudo_1.7.2p7-1ubuntu1.debian.tar.gz
Checksums-Sha256: 
 852fe89495cdce4ff036fcab3b82715205e13a77a948fd089f4fd6b715545617 1149 sudo_1.7.2p7-1ubuntu1.dsc
 07a9c83e628a088314523e558236ac3c4cb0d54d7d7093e5b3e4c8101b1a2bea 772356 sudo_1.7.2p7.orig.tar.gz
 ef67a1a4b6e19bef57232570447184f037719d7dc957ae2bd84ab912921e542e 26268 sudo_1.7.2p7-1ubuntu1.debian.tar.gz
Files: 
 93d33d66adb0c59305f7cf8bf13e466b 1149 admin optional sudo_1.7.2p7-1ubuntu1.dsc
 3ac78668427a53e12d7639fdfab2f1af 772356 admin optional sudo_1.7.2p7.orig.tar.gz
 c8ba8c5e69a21a17bc95890e0ae94c95 26268 admin optional sudo_1.7.2p7-1ubuntu1.debian.tar.gz
Original-Maintainer: Bdale Garbee <bdale at gag.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkwzh0wACgkQW0JvuRdL8BomIgCgnprd8VJ01WQG9+DcaYIl03HJ
NSsAoIIyqUkqWJySUrvaSs9QG/+VReMJ
=Mafz
-----END PGP SIGNATURE-----


More information about the Maverick-changes mailing list