-
Wed Mar 05 2014 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-29
- added patch for CVE-2014-0106: certain environment variables not
sanitized when env_reset is disabled
Resolves: rhbz#1072210
-
Fri Jun 07 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-28
- backported fixes for CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777
Resolves: rhbz#968221
-
Fri May 24 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-27
- visudo: fixed incorrect warning and parse error regarding
undefined aliases which were in fact defined
Resolves: rhbz#849679
Resolves: rhbz#905624
-
Wed May 22 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-26
- updated sudoers man-page to clarify the behavior of the user
negation operator and the behavior of wildcard matching in command
specifications
Resolves: rhbz#846118
Resolves: rhbz#856902
-
Tue May 21 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-25
- fixed regression in escaping of sudo -i arguments
Resolves: rhbz#853203
-
Thu Feb 28 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-24
- bump release number
-
Thu Feb 28 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-23
- Fixed caching of user and group names
- Backported RFC 4515 escaping of LDAP queries
Resolves: rhbz#855836
Resolves: rhbz#869287
-
Fri Sep 21 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-22
- Add the -c option to sed commands in post/postun scripts
Resolves: rhbz#818585
-
Wed Sep 05 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-21
- Implement a new sudoers Defaults option to restore old command exec behavior
Resolves: rhbz#840971
-
Fri Aug 31 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-20
- Add ability to treat files authoritatively in sudoers.ldap
Resolves: rhbz#840097
-
Fri Aug 24 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-19
- Changed policycoreutils dependency to a context specific dependency
(post & postun)
Resolves: rhbz#846694
-
Fri Aug 10 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-18
- don't use a temporary file when modifying nsswitch.conf
- fix permissions on nsswitch.conf, if needed
Resolves: rhbz#846631
-
Thu Aug 02 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-17
- added a workaround for a race condition in handling child processes
Resolves: rhbz#829263
-
Fri Jul 20 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-16
- use safe temporary files in post/postun scripts
- corrected postun script
Resolves: rhbz#841070
-
Tue Jul 03 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-15
- corrected release number
-
Sat May 05 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-14.2
- call restorecon after modifying nsswitch.conf in the postun scriplet
- added policycoreutils dependency
Resolves: rhbz#818585
-
Fri May 04 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-14.1
- fixed `sudo -i' command escaping (#806073)
- fixed multiple sudoHost LDAP attr. handlng (#740884)
Resolves: rhbz#740884
Resolves: rhbz#806073
-
Thu Apr 26 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-14
- patch: Use SIG_SETMASK when resetting signal mask instead of SIG_UNBLOCK
Resolves: rhbz#814508
-
Wed Nov 30 2011 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-13
- patch: parse ldap.conf more closely to nss_ldap
Resolves: rhbz#750318
-
Tue Nov 29 2011 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-12
- added patch for CVE-2011-0010
Resolves: rhbz#757157
-
Fri Oct 28 2011 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-11
- backported selinux support from 1.7.4p5 (#477185, #673157)
- fixed bug in Runas_Spec group matching (#627543)
- disable `sudo -l' output word wrapping if the output
is piped (#697111)
- fixed overwriting of errno after execve failure (#673157)
- fixed segmentation fault (#673072)
- add a sudoers entry to the nsswitch.conf file
on install (and delete it on uninstall) (#617061)
Resolves: rhbz#697111
Resolves: rhbz#673157
Resolves: rhbz#673072
Resolves: rhbz#627543
Resolves: rhbz#617061
Resolves: rhbz#477185
-
Wed Sep 15 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-10
- fixed regression in the sudoers parser (#580438)
- merged .loopsegv3 and .includedir patches into .580438 patch
- generated new toke.c from toke.l using flex (needed by #580438)
- added !visiblepw with comment to sudoers
- added ChangeLog, WHATSNEW and sudoers.ldap.5*
- removed *.pod files
- fixed printing of entries with multiple host entries on a single line (#603819)
- fixed audit related code in configure.in (#583683)
- removed unused patches
- fixed a typo in the sudoers man-page (#602022)
Resolves: rhbz#580438
Resolves: rhbz#583911
Resolves: rhbz#583644
Resolves: rhbz#603819
Resolves: rhbz#583683
Resolves: rhbz#602022
-
Thu Sep 02 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-9
- added patch for CVE-2010-2956 (#628628)
Resolves: rhbz#629053
-
Fri Jul 23 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-8
- added patch that fixes problem with caching user/group names
Resolves: rhbz#615179
-
Wed Jun 02 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-7
- added patch that fixes insufficient environment sanitization issue (#598154)
Resolves: rhbz#598382
-
Wed Apr 14 2010 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-6
- added second patch for CVE-2010-0426 (#580441)
Resolves: #580526
-
Wed Feb 24 2010 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-5
- added patch for CVE-2010-0426 (#567337)
Resolves: #567691
-
Fri Feb 19 2010 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-4
- fixed shipped /etc/sudoers has "unused Cmnd_Alias DELEGATING"
Resolves: #550326
-
Fri Feb 12 2010 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-3
- fixed segfault when #include directive is used in cycles
Resolves: #561336
-
Fri Jan 15 2010 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-2
- fixed a problem with includedir (see Patch8)
Resolves: #538700
-
Wed Dec 02 2009 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-1
- rebase to 1.7.2p1
Resolves: #469653
Resolves: #497873
Resolves: #500942
Resolves: #512191
Resolves: #519017
Resolves: #521778
Resolves: #521903
- sudo-1.7.2p1-negation.patch, don't apply negation to an already
negated Cmnd_Alias member. Backported from upstream development
version of sudo.
Resolves: #453045
-
Tue Feb 17 2009 Daniel Kopecek <dkopecek@redhat.com> 1.6.9p17-5
- added sendmail to BuildRequires
Resolves: #485514
-
Fri Jan 30 2009 Daniel Kopecek <dkopecek@redhat.com> 1.6.9p17-4
- audit patch rediff (one chunk failed to apply due to fuzz=0)
- Fix for incorrect handling of groups in Runas_User (#481720)
Resolves: #481821
-
Wed Jan 07 2009 Peter Vrabec <pvrabec@redhat.com> 1.6.9p17-3
- regression was found, PATH variable can not be changed, reverting #80215
Resolves: #479029
-
Tue Sep 16 2008 Peter Vrabec <pvrabec@redhat.com> 1.6.9p17-2
- fixing sudoers file, regression was found
Resolves: #447408
-
Thu Aug 28 2008 Peter Vrabec <pvrabec@redhat.com> 1.6.9p17-1
- rebase 1.6.8 -> 1.6.9
- patches from F10
- compiled with secure path(80215)
- patches for sudoers file provided by sudo are removed,
because we deliver our own sudoers in sources1
- compiled without selinux support since there was no
selinux support in previous release
Resolves: #447408
-
Fri Mar 07 2008 Peter Vrabec <pvrabec@redhat.com> 1.6.8p12-12
- adjust audit patch,
Resolves: #320671
-
Sat Jan 05 2008 Peter Vrabec <pvrabec@redhat.com> 1.6.8p12-11
- fix segfaults when using ldap on s390,
Resolves: #305331
- add audit support,
Resolves: #320671
-
Mon Oct 02 2006 Jesse Keating <jkeating@redhat.com> - 1.6.8p12-10
- rebuilt for unwind info generation, broken in gcc-4.1.1-21
-
Fri Sep 22 2006 Peter Vrabec <pvrabec@redhat.com> 1.6.8p12-9
- fix sudoers file, X apps didn't work (#206320)
-
Wed Aug 09 2006 Peter Vrabec <pvrabec@redhat.com> 1.6.8p12-8
- use Red Hat specific default sudoers file
-
Mon Jul 17 2006 Karel Zak <kzak@redhat.com> 1.6.8p12-7
- fix #198755 - make login processes (sudo -i) initialise session keyring
(thanks for PAM config files to David Howells)
- add IPv6 support (patch by Milan Zazrivec)
-
Thu Jul 13 2006 Jesse Keating <jkeating@redhat.com> - 1.6.8p12-6.1
- rebuild
-
Tue May 30 2006 Karel Zak <kzak@redhat.com> 1.6.8p12-6
- fix #190062 - "ssh localhost sudo su" will show the password in clear
-
Wed May 24 2006 Karel Zak <kzak@redhat.com> 1.6.8p12-5
- add LDAP support (#170848)
-
Sat Feb 11 2006 Jesse Keating <jkeating@redhat.com> - 1.6.8p12-4.1
- bump again for double-long bug on ppc(64)
-
Thu Feb 09 2006 Karel Zak <kzak@redhat.com> 1.6.8p12-4
- reset env. by default
-
Wed Feb 08 2006 Jesse Keating <jkeating@redhat.com> - 1.6.8p12-3.1
- rebuilt for new gcc4.1 snapshot and glibc changes
-
Tue Jan 24 2006 Dan Walsh <dwalsh@redhat.com> 1.6.8p12-3
- Remove selinux patch. It has been decided that the SELinux patch for sudo is
- no longer necessary. In tageted policy it had no effect. In strict/MLS policy
- We require the person using sudo to execute newrole before using sudo.
-
Sat Dec 10 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
-
Sat Nov 26 2005 Karel Zak <kzak@redhat.com> 1.6.8p12-1
- new upstream version 1.6.8p12
-
Wed Nov 09 2005 Karel Zak <kzak@redhat.com> 1.6.8p11-1
- new upstream version 1.6.8p11
-
Fri Oct 14 2005 Tomas Mraz <tmraz@redhat.com> 1.6.8p9-6
- use include instead of pam_stack in pam config
-
Wed Oct 12 2005 Karel Zak <kzak@redhat.com> 1.6.8p9-5
- enable interfaces in selinux patch
- merge sudo-1.6.8p8-sesh-stopsig.patch to selinux patch
-
Tue Sep 20 2005 Karel Zak <kzak@redhat.com> 1.6.8p9-4
- fix debuginfo
-
Tue Sep 20 2005 Karel Zak <kzak@redhat.com> 1.6.8p9-3
- fix #162623 - sesh hangs when child suspends
-
Tue Aug 02 2005 Dan Walsh <dwalsh@redhat.com> 1.6.8p9-2
- Add back in interfaces call, SELinux has been fixed to work around
-
Wed Jun 22 2005 Karel Zak <kzak@redhat.com> 1.6.8p9-1
- new version 1.6.8p9 (resolve #161116 - CAN-2005-1993 sudo trusted user arbitrary command execution)
-
Wed May 25 2005 Karel Zak <kzak@redhat.com> 1.6.8p8-2
- fix #154511 - sudo does not use limits.conf
-
Tue Apr 05 2005 Thomas Woerner <twoerner@redhat.com> 1.6.8p8-1
- new version 1.6.8p8: new sudoedit and sudo_noexec
-
Thu Feb 10 2005 Thomas Woerner <twoerner@redhat.com> 1.6.7p5-31
- rebuild
-
Tue Oct 05 2004 Thomas Woerner <twoerner@redhat.com> 1.6.7p5-30.1
- added missing BuildRequires for libselinux-devel (#132883)
-
Thu Sep 30 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-30
- Fix missing param error in sesh
-
Tue Sep 28 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-29
- Remove full patch check from sesh
-
Fri Jul 09 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-28
- Fix selinux patch to switch to root user
-
Wed Jun 16 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
-
Wed Apr 14 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-26
- Eliminate tty handling from selinux
-
Fri Apr 02 2004 Thomas Woerner <twoerner@redhat.com> 1.6.7p5-25
- fixed spec file: sesh in file section with selinux flag (#119682)
-
Wed Mar 31 2004 Colin Walters <walters@redhat.com> 1.6.7p5-24
- Enhance sesh.c to fork/exec children itself, to avoid
having sudo reap all domains.
- Only reinstall default signal handlers immediately before
exec of child with SELinux patch
-
Fri Mar 19 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-23
- change to default to sysadm_r
- Fix tty handling
-
Fri Mar 19 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-22
- Add /bin/sesh to run selinux code.
- replace /bin/bash -c with /bin/sesh
-
Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-21
- Hard code to use "/bin/bash -c" for selinux
-
Wed Mar 17 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-20
- Eliminate closing and reopening of terminals, to match su.
-
Tue Mar 16 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-19
- SELinux fixes to make transitions work properly
-
Sat Mar 06 2004 Thomas Woerner <twoerner@redhat.com> 1.6.7p5-18
- pied sudo
-
Sat Feb 14 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
-
Wed Jan 28 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-16
- Eliminate interfaces call, since this requires big SELinux privs
- and it seems to be useless.
-
Wed Jan 28 2004 Karsten Hopp <karsten@redhat.de> 1.6.7p5-15
- visudo requires vim-minimal or setting EDITOR to something useful (#68605)
-
Tue Jan 27 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-14
- Fix is_selinux_enabled call
-
Wed Jan 14 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-13
- Clean up patch on failure
-
Wed Jan 07 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-12
- Remove sudo.te for now.
-
Sat Jan 03 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-11
- Fix usage message
-
Tue Dec 23 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-10
- Clean up sudo.te to not blow up if pam.te not present
-
Fri Dec 19 2003 Thomas Woerner <twoerner@redhat.com>
- added missing BuildRequires for groff
-
Wed Dec 17 2003 Jeremy Katz <katzj@redhat.com> 1.6.7p5-9
- remove left-over debugging code
-
Wed Dec 17 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-8
- Fix terminal handling that caused Sudo to exit on non selinux machines.
-
Tue Dec 16 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-7
- Remove sudo_var_run_t which is now pam_var_run_t
-
Sat Dec 13 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-6
- Fix terminal handling and policy
-
Fri Dec 12 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-5
- Fix policy
-
Fri Nov 14 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-4.sel
- Turn on SELinux support
-
Wed Jul 30 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-3
- Add support for SELinux
-
Thu Jun 05 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt
-
Tue May 20 2003 Thomas Woerner <twoerner@redhat.com> 1.6.7p5-1
* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
- rebuilt
-
Wed Nov 13 2002 Nalin Dahyabhai <nalin@redhat.com> 1.6.6-2
- remove absolute path names from the PAM configuration, ensuring that the
right modules get used for whichever arch we're built for
- don't try to install the FAQ, which isn't there any more
-
Fri Jun 28 2002 Bill Nottingham <notting@redhat.com> 1.6.6-1
- update to 1.6.6
-
Sat Jun 22 2002 Tim Powers <timp@redhat.com>
- automated rebuild
-
Fri May 24 2002 Tim Powers <timp@redhat.com>
- automated rebuild
-
Fri Apr 19 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.5p2-2
- Fix bug #63768
-
Fri Mar 15 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.5p2-1
- 1.6.5p2
-
Sat Jan 19 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.5p1-1
- 1.6.5p1
- Hope this "a new release per day" madness stops ;)
-
Fri Jan 18 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.5-1
- 1.6.5
-
Wed Jan 16 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.4p1-1
- 1.6.4p1
-
Tue Jan 15 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.4-1
- Update to 1.6.4
-
Tue Jul 24 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.3p7-2
- Add build requirements (#49706)
- s/Copyright/License/
- bzip2 source
-
Sun Jun 17 2001 Than Ngo <than@redhat.com>
- update to 1.6.3p7
- use %{_tmppath}
-
Sat Feb 24 2001 Bernhard Rosenkraenzer <bero@redhat.com>
- 1.6.3p6, fixes buffer overrun
-
Wed Oct 11 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- 1.6.3p5
-
Thu Jul 13 2000 Prospector <bugzilla@redhat.com>
- automatic rebuild
-
Wed Jun 07 2000 Karsten Hopp <karsten@redhat.de>
- fixed owner of sudo and visudo
-
Fri Jun 02 2000 Nalin Dahyabhai <nalin@redhat.com>
- modify PAM setup to use system-auth
- clean up buildrooting by using the makeinstall macro
-
Wed Apr 12 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- initial build in main distrib
- update to 1.6.3
- deal with compressed man pages
-
Wed Dec 15 1999 Preston Brown <pbrown@redhat.com>
- updated to 1.6.1 for Powertools 6.2
- config files are now noreplace.
-
Fri Jul 23 1999 Tim Powers <timp@redhat.com>
- updated to 1.5.9p2 for Powertools 6.1
-
Thu May 13 1999 Bill Nottingham <notting@redhat.com>
- sudo is configured with pam. There's no pam.d file. Oops.
-
Tue Apr 27 1999 Preston Brown <pbrown@redhat.com>
- upgraded to 1.59p1 for powertools 6.0
-
Wed Oct 28 1998 Preston Brown <pbrown@redhat.com>
- fixed so it doesn't find /usr/bin/vi first, but instead /bin/vi (always installed)
-
Fri Oct 09 1998 Michael Maher <mike@redhat.com>
- built package for 5.2
-
Tue May 19 1998 Michael Maher <mike@redhat.com>
- updated SPEC file.
-
Fri Jan 30 1998 Otto Hammersmith <otto@redhat.com>
- updated to 1.5.4
-
Wed Nov 19 1997 Otto Hammersmith <otto@redhat.com>
- built for glibc, no problems
-
Sat Apr 26 1997 Michael Fulbright <msf@redhat.com>
- Fixed for 4.2 PowerTools
- Still need to be pamified
- Still need to move stmp file to /var/log
-
Tue Feb 18 1997 Michael Fulbright <msf@redhat.com>
- First version for PowerCD.