This bug was fixed in the package sudo - 1.8.12-1ubuntu1 --------------- sudo (1.8.12-1ubuntu1) wily; urgency=medium
* Merge from Debian unstable. (LP: #1451274, LP: #1219337) Remaining changes: - debian/rules: + compile with --without-lecture --with-tty-tickets --enable-admin-flag + install man/man8/sudo_root.8 in both flavours + install apport hooks - debian/sudoers: + also grant admin group sudo access - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + add usr/share/apport/package-hooks - debian/sudo.pam: + Use pam_env to read /etc/environment and /etc/default/locale environment files. Reading ~/.pam_environment is not permitted due to security reasons. - debian/control: + dh-autoreconf dependency fixes missing-build-dependency-for-dh_-command - Remaining patches: + keep_home_by_default.patch: Keep HOME in the default environment + debian/patches/also_check_sudo_group.diff: also check the sudo group in plugins/sudoers/sudoers.c to create the admin flag file. Leave the admin group check for backwards compatibility. * Dropped patches no longer needed: + add_probe_interfaces_setting.diff + actually-use-buildflags.diff + CVE-2014-9680.patch sudo (1.8.12-1) unstable; urgency=low * new upstream version, closes: #772707, #773383 * patch from Christian Kastner to fix sudoers handling error when moving between sudo and sudo-ldap packages, closes: #776137 sudo (1.8.11p2-1) unstable; urgency=low * new upstream version sudo (1.8.11p1-2) unstable; urgency=low * patch from Jakub Wilk to fix 'ignoring time stamp from the future' messages, closes: #762465 * upstream patch forwarded by Laurent Bigonville that fixes problem with Linux kernel auditing code, closes: #764817 sudo (1.8.11p1-1) unstable; urgency=low * new upstream version, closes: #764286 * fix typo in German translation, closes: #761601 sudo (1.8.10p3-1) unstable; urgency=low * new upstream release * add hardening=+all to match login and su * updated VCS URLs and crypto verified watch file, closes: #747473 * harmonize configure options for LDAP version to match non-LDAP version, in particular stop using --with-secure-path and add configure_args * enable audit support on Linux systems, closes: #745779 * follow upstream change from --with-timedir to --with-rundir -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Wed, 13 May 2015 15:43:49 -0400 ** Changed in: sudo (Ubuntu) Status: Triaged => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9680 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1451274 Title: sudo does not check fdqn properly To manage notifications about this bug go to: https://bugs.launchpad.net/sudo/+bug/1451274/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs