[Bug 1451274] Re: sudo does not check fdqn properly

Launchpad Bug Tracker Wed, 13 May 2015 14:57:07 -0700

This bug was fixed in the package sudo - 1.8.12-1ubuntu1

---------------
sudo (1.8.12-1ubuntu1) wily; urgency=medium


  * Merge from Debian unstable. (LP: #1451274, LP: #1219337)
    Remaining changes:
    - debian/rules:
      + compile with --without-lecture --with-tty-tickets --enable-admin-flag
      + install man/man8/sudo_root.8 in both flavours
      + install apport hooks
    - debian/sudoers:
      + also grant admin group sudo access
    - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs:
      + add usr/share/apport/package-hooks
    - debian/sudo.pam:
      + Use pam_env to read /etc/environment and /etc/default/locale
        environment files. Reading ~/.pam_environment is not permitted due to
        security reasons.
    - debian/control:
      + dh-autoreconf dependency fixes missing-build-dependency-for-dh_-command
    - Remaining patches:
      + keep_home_by_default.patch: Keep HOME in the default environment
      + debian/patches/also_check_sudo_group.diff: also check the sudo group
        in plugins/sudoers/sudoers.c to create the admin flag file. Leave the
        admin group check for backwards compatibility.
  * Dropped patches no longer needed:
      + add_probe_interfaces_setting.diff
      + actually-use-buildflags.diff
      + CVE-2014-9680.patch

sudo (1.8.12-1) unstable; urgency=low

  * new upstream version, closes: #772707, #773383
  * patch from Christian Kastner to fix sudoers handling error when moving
    between sudo and sudo-ldap packages, closes: #776137

sudo (1.8.11p2-1) unstable; urgency=low

  * new upstream version

sudo (1.8.11p1-2) unstable; urgency=low

  * patch from Jakub Wilk to fix 'ignoring time stamp from the future'
    messages, closes: #762465
  * upstream patch forwarded by Laurent Bigonville that fixes problem with
    Linux kernel auditing code, closes: #764817

sudo (1.8.11p1-1) unstable; urgency=low

  * new upstream version, closes: #764286
  * fix typo in German translation, closes: #761601

sudo (1.8.10p3-1) unstable; urgency=low

  * new upstream release
  * add hardening=+all to match login and su
  * updated VCS URLs and crypto verified watch file, closes: #747473
  * harmonize configure options for LDAP version to match non-LDAP version,
    in particular stop using --with-secure-path and add configure_args
  * enable audit support on Linux systems, closes: #745779
  * follow upstream change from --with-timedir to --with-rundir

 -- Marc Deslauriers <marc.deslauri...@ubuntu.com>  Wed, 13 May 2015
15:43:49 -0400

** Changed in: sudo (Ubuntu)
       Status: Triaged => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9680

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1451274

Title:
  sudo does not check fdqn properly

To manage notifications about this bug go to:
https://bugs.launchpad.net/sudo/+bug/1451274/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1451274] Re: sudo does not check fdqn properly

Reply via email to