1
sudo (1.6.8p9-2ubuntu2) breezy; urgency=low
3
* debian/init.d: When resetting the timestamps of the tty tags, actually
4
touch the files, not the per-user directories. Since bootclean.sh removes
5
/var/run/* anyway, this is no big deal, but clean it up anyway for the
6
sake of correctness. (Ubuntu #16594)
8
-- Martin Pitt <martin.pitt@ubuntu.com> Fri, 30 Sep 2005 09:52:27 +0200
10
sudo (1.6.8p9-2ubuntu1) breezy; urgency=low
12
* Resynchronise with Debian, resolve merging conflicts and unscramble
15
-- Martin Pitt <martin.pitt@ubuntu.com> Thu, 7 Jul 2005 09:01:48 +0000
17
sudo (1.6.8p9-2) unstable; urgency=high
19
* merge the NMU fix for sudoedit symlink problem that was in 1.6.8p7-1.1,
22
-- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 16:18:47 -0400
24
sudo (1.6.8p9-1) unstable; urgency=high
26
* new upstream version, fixes a race condition in sudo's pathname
27
validation, which is a security issue (CAN-2005-1993),
28
closes: #315115, #315718
30
-- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 15:33:11 -0400
32
sudo (1.6.8p7-1) unstable; urgency=low
34
* new upstream version, closes: #299585
35
* update lintian overrides to squelch the postinst warning
36
* change sudoedit from a hard to a soft link, closes: #296896
37
* fix regex doc in sudoers man page, closes: #300361
39
-- Bdale Garbee <bdale@gag.com> Sat, 26 Mar 2005 22:18:34 -0700
41
sudo (1.6.8p5-1ubuntu3) breezy; urgency=low
43
* SECURITY UPDATE: Fix privilege escalation.
44
* sudo.c, parse.yacc: safe_cmd contains the actually executed program which
45
is normally taken from /etc/sudoers. However, if sudoers contains "ALL"
46
entries that follow the matching entry, safe_cmd was overwritten with the
47
path the user specified on the command line, which opens up the
48
possibility of executing arbitrary commands by generating symlinks to
52
http://www.securityfocus.com/archive/1/402741
54
-- Martin Pitt <martin.pitt@ubuntu.com> Tue, 21 Jun 2005 13:41:05 +0200
1
56
sudo (1.6.8p5-1ubuntu2) hoary; urgency=low
3
58
* Add !fqdn to the Defaults so we don't die horribly when localhost doesn't