blob: f062920eeea227b6b3614262097fa0990541e8b4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
sudo (1.9.5p2-3) unstable; urgency=medium
We have added "Defaults use_pty" to the default configuration. This fixes
CVE-2005-4890 which has been lingering around for more then a decade.
If you would like the old behavior back, please remove the respective line
from /etc/sudoers.
-- Marc Haber <mh+debian-packages@zugschlus.de> Wed, 24 Feb 2021 17:59:22 +0100
sudo (1.8.2-1) unstable; urgency=low
The sudo package is no longer configured using --with-secure-path.
Instead, the provided sudoers file now contains a line declaring
'Defaults secure_path=' with the same path content that was previously
hard-coded in the binary. A consequence of this change is that if you
do not have such a definition in sudoers, the PATH searched for commands
by sudo may be empty.
Using explicit paths for each command you want to run with sudo will work
well enough to allow the sudoers file to be updated with a suitable entry
if one is not already present and you choose to not accept the updated
version provided by the package.
-- Bdale Garbee <bdale@gag.com> Wed, 24 Aug 2011 13:33:11 -0600
sudo (1.7.4p4-2) unstable; urgency=low
The HOME and MAIL environment variables are now reset based on the
target user's password database entry when the env_reset sudoers option
is enabled (which is the case in the default configuration). Users
wishing to preserve the original values should use a sudoers entry like:
Defaults env_keep += HOME
to preserve the old value of HOME and
Defaults env_keep += MAIL
to preserve the old value of MAIL.
The change in handling of HOME is known to affect programs like pbuilder.
-- Bdale Garbee <bdale@gag.com> Wed, 08 Sep 2010 14:29:16 -0600
sudo (1.6.8p12-5) unstable; urgency=low
The sudo package is no longer configured --with-exempt=sudo. If you
depend on members of group sudo being able to run sudo without needing
a password, you will need to put "%sudo ALL=NOPASSWD: ALL" in
/etc/sudoers to preserve equivalent functionality.
-- Bdale Garbee <bdale@gag.com> Tue, 3 Apr 2007 21:13:39 -0600
|