summaryrefslogtreecommitdiffstats
path: root/debian/NEWS
blob: f062920eeea227b6b3614262097fa0990541e8b4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
sudo (1.9.5p2-3) unstable; urgency=medium

  We have added "Defaults use_pty" to the default configuration. This fixes
  CVE-2005-4890 which has been lingering around for more then a decade.
  If you would like the old behavior back, please remove the respective line
  from /etc/sudoers.

 -- Marc Haber <mh+debian-packages@zugschlus.de>  Wed, 24 Feb 2021 17:59:22 +0100

sudo (1.8.2-1) unstable; urgency=low

  The sudo package is no longer configured using --with-secure-path.
  Instead, the provided sudoers file now contains a line declaring
  'Defaults secure_path=' with the same path content that was previously
  hard-coded in the binary.  A consequence of this change is that if you
  do not have such a definition in sudoers, the PATH searched for commands
  by sudo may be empty.

  Using explicit paths for each command you want to run with sudo will work
  well enough to allow the sudoers file to be updated with a suitable entry
  if one is not already present and you choose to not accept the updated
  version provided by the package.
  
 -- Bdale Garbee <bdale@gag.com>  Wed, 24 Aug 2011 13:33:11 -0600

sudo (1.7.4p4-2) unstable; urgency=low

  The HOME and MAIL environment variables are now reset based on the
  target user's password database entry when the env_reset sudoers option
  is enabled (which is the case in the default configuration).  Users
  wishing to preserve the original values should use a sudoers entry like:
     Defaults env_keep += HOME
  to preserve the old value of HOME and
     Defaults env_keep += MAIL
  to preserve the old value of MAIL.

  The change in handling of HOME is known to affect programs like pbuilder.

 -- Bdale Garbee <bdale@gag.com>  Wed, 08 Sep 2010 14:29:16 -0600

sudo (1.6.8p12-5) unstable; urgency=low

  The sudo package is no longer configured --with-exempt=sudo.  If you 
  depend on members of group sudo being able to run sudo without needing
  a password, you will need to put "%sudo ALL=NOPASSWD: ALL" in 
  /etc/sudoers to preserve equivalent functionality.

 -- Bdale Garbee <bdale@gag.com>  Tue,  3 Apr 2007 21:13:39 -0600