On Wed, 12 Jan 2011 22:38:56 +0100, Moritz Muehlenhoff <j...@debian.org> wrote: > Package: release.debian.org > Severity: normal > User: release.debian....@packages.debian.org > Usertags: unblock > > Please unblock package sudo. It fixes CVE-2011-0010. > > unblock sudo/1.7.4p4-6 > > There are some non-security fixes since the -2 version in testing, > though.
I would love to see -6 replace -2 in testing. I just reviewed my commit logs, and all of the changes in that range were either packaging improvements, or minimal patches from upstream to fix real bugs. In particular, note that the patch from upstream that took us from -5 to -6 also has potential security implications (in some circumstances a user could change default group without the expected password prompt). Bdale
pgpwA5h2Qyf2e.pgp
Description: PGP signature
