Sophie

• Search
• Distribution
• Explorer
• Source & Patches
• Chat
• Help
• About

distrib > CentOS > 5 > i386 > by-pkgid > 35b1ade9a93fb8247433e212b39018a3 > changelog

sudo-1.7.2p1-29.el5_10.i386.rpm

• Info
• Deps
• Files
• Scripts
• ChangeLog
• Location
• Others versions
• Analyse

• Tue Mar 4 2014 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-29

  - added patch for CVE-2014-0106: certain environment variables not
  sanitized when env_reset is disabled
  Resolves: rhbz#1072210

• Thu Jun 6 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-28

  - backported fixes for CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777
  Resolves: rhbz#968221

• Thu May 23 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-27

  - visudo: fixed incorrect warning and parse error regarding
  undefined aliases which were in fact defined
  Resolves: rhbz#849679
  Resolves: rhbz#905624

• Tue May 21 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-26

  - updated sudoers man-page to clarify the behavior of the user
  negation operator and the behavior of wildcard matching in command
  specifications
  Resolves: rhbz#846118
  Resolves: rhbz#856902

• Mon May 20 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-25

  - fixed regression in escaping of sudo -i arguments
  Resolves: rhbz#853203

• Wed Feb 27 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-24

  - bump release number

• Wed Feb 27 2013 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-23

  - Fixed caching of user and group names
  - Backported RFC 4515 escaping of LDAP queries
  Resolves: rhbz#855836
  Resolves: rhbz#869287

• Thu Sep 20 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-22

  - Add the -c option to sed commands in post/postun scripts
  Resolves: rhbz#818585

• Tue Sep 4 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-21

  - Implement a new sudoers Defaults option to restore old command exec behavior
  Resolves: rhbz#840971

• Thu Aug 30 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-20

  - Add ability to treat files authoritatively in sudoers.ldap
  Resolves: rhbz#840097

• Thu Aug 23 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-19

  - Changed policycoreutils dependency to a context specific dependency
  (post & postun)
  Resolves: rhbz#846694

• Thu Aug 9 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-18

  - don't use a temporary file when modifying nsswitch.conf
  - fix permissions on nsswitch.conf, if needed
  Resolves: rhbz#846631

• Wed Aug 1 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-17

  - added a workaround for a race condition in handling child processes
  Resolves: rhbz#829263

• Thu Jul 19 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-16

  - use safe temporary files in post/postun scripts
  - corrected postun script
  Resolves: rhbz#841070

• Mon Jul 2 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-15

  - corrected release number

• Fri May 4 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-14.2

  - call restorecon after modifying nsswitch.conf in the postun scriplet
  - added policycoreutils dependency
  Resolves: rhbz#818585

• Thu May 3 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-14.1

  - fixed `sudo -i' command escaping (#806073)
  - fixed multiple sudoHost LDAP attr. handlng (#740884)
  Resolves: rhbz#740884
  Resolves: rhbz#806073

• Wed Apr 25 2012 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-14

  - patch: Use SIG_SETMASK when resetting signal mask instead of SIG_UNBLOCK
  Resolves: rhbz#814508

• Tue Nov 29 2011 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-13

  - patch: parse ldap.conf more closely to nss_ldap
  Resolves: rhbz#750318

• Mon Nov 28 2011 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-12

  - added patch for CVE-2011-0010
  Resolves: rhbz#757157

• Thu Oct 27 2011 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-11

  - backported selinux support from 1.7.4p5 (#477185, #673157)
  - fixed bug in Runas_Spec group matching (#627543)
  - disable `sudo -l' output word wrapping if the output
  is piped (#697111)
  - fixed overwriting of errno after execve failure (#673157)
  - fixed segmentation fault (#673072)
  - add a sudoers entry to the nsswitch.conf file
  on install (and delete it on uninstall) (#617061)
  Resolves: rhbz#697111
  Resolves: rhbz#673157
  Resolves: rhbz#673072
  Resolves: rhbz#627543
  Resolves: rhbz#617061
  Resolves: rhbz#477185

• Tue Sep 14 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-10

  - fixed regression in the sudoers parser (#580438)
  - merged .loopsegv3 and .includedir patches into .580438 patch
  - generated new toke.c from toke.l using flex (needed by #580438)
  - added !visiblepw with comment to sudoers
  - added ChangeLog, WHATSNEW and sudoers.ldap.5*
  - removed *.pod files
  - fixed printing of entries with multiple host entries on a single line (#603819)
  - fixed audit related code in configure.in (#583683)
  - removed unused patches
  - fixed a typo in the sudoers man-page (#602022)
  Resolves: rhbz#580438
  Resolves: rhbz#583911
  Resolves: rhbz#583644
  Resolves: rhbz#603819
  Resolves: rhbz#583683
  Resolves: rhbz#602022

• Wed Sep 1 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-9

  - added patch for CVE-2010-2956 (#628628)
  Resolves: rhbz#629053

• Thu Jul 22 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-8

  - added patch that fixes problem with caching user/group names
  Resolves: rhbz#615179

• Tue Jun 1 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p1-7

  - added patch that fixes insufficient environment sanitization issue (#598154)
  Resolves: rhbz#598382

• Tue Apr 13 2010 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-6

  - added second patch for CVE-2010-0426 (#580441)
  Resolves: #580526

• Tue Feb 23 2010 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-5

  - added patch for CVE-2010-0426 (#567337)
  Resolves: #567691

• Thu Feb 18 2010 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-4

  - fixed shipped /etc/sudoers has "unused Cmnd_Alias DELEGATING"
  Resolves: #550326

• Thu Feb 11 2010 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-3

  - fixed segfault when #include directive is used in cycles
  Resolves: #561336

• Thu Jan 14 2010 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-2

  - fixed a problem with includedir (see Patch8)
  Resolves: #538700

• Tue Dec 1 2009 Daniel Kopecek <dkopecek@redhat.com> 1.7.2p1-1

  - rebase to 1.7.2p1
  Resolves: #469653
  Resolves: #497873
  Resolves: #500942
  Resolves: #512191
  Resolves: #519017
  Resolves: #521778
  Resolves: #521903
  - sudo-1.7.2p1-negation.patch, don't apply negation to an already
  negated Cmnd_Alias member. Backported from upstream development
  version of sudo.
  Resolves: #453045

• Mon Feb 16 2009 Daniel Kopecek <dkopecek@redhat.com> 1.6.9p17-5

  - added sendmail to BuildRequires
  Resolves: #485514

• Thu Jan 29 2009 Daniel Kopecek <dkopecek@redhat.com> 1.6.9p17-4

  - audit patch rediff (one chunk failed to apply due to fuzz=0)
  - Fix for incorrect handling of groups in Runas_User (#481720)
  Resolves: #481821

• Tue Jan 6 2009 Peter Vrabec <pvrabec@redhat.com> 1.6.9p17-3

  - regression was found, PATH variable can not be changed, reverting #80215
  Resolves: #479029

• Mon Sep 15 2008 Peter Vrabec <pvrabec@redhat.com> 1.6.9p17-2

  - fixing sudoers file, regression was found
  Resolves: #447408

• Wed Aug 27 2008 Peter Vrabec <pvrabec@redhat.com> 1.6.9p17-1

  - rebase 1.6.8 -> 1.6.9
  - patches from F10
  - compiled with secure path(80215)
  - patches for sudoers file provided by sudo are removed,
  because we deliver our own sudoers in sources1
  - compiled without selinux support since there was no
  selinux support in previous release
  Resolves: #447408

• Thu Mar 6 2008 Peter Vrabec <pvrabec@redhat.com> 1.6.8p12-12

  - adjust audit patch,
  Resolves: #320671

• Fri Jan 4 2008 Peter Vrabec <pvrabec@redhat.com> 1.6.8p12-11

  - fix segfaults when using ldap on s390,
  Resolves: #305331
  - add audit support,
  Resolves: #320671

• Sun Oct 1 2006 Jesse Keating <jkeating@redhat.com> - 1.6.8p12-10

  - rebuilt for unwind info generation, broken in gcc-4.1.1-21

• Thu Sep 21 2006 Peter Vrabec <pvrabec@redhat.com> 1.6.8p12-9

  - fix sudoers file, X apps didn't work (#206320)

• Tue Aug 8 2006 Peter Vrabec <pvrabec@redhat.com> 1.6.8p12-8

  - use Red Hat specific default sudoers file

• Sun Jul 16 2006 Karel Zak <kzak@redhat.com> 1.6.8p12-7

  - fix #198755 - make login processes (sudo -i) initialise session keyring
  (thanks for PAM config files to David Howells)
  - add IPv6 support (patch by Milan Zazrivec)

• Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.6.8p12-6.1

  - rebuild

• Mon May 29 2006 Karel Zak <kzak@redhat.com> 1.6.8p12-6

  - fix #190062 - "ssh localhost sudo su" will show the password in clear

• Tue May 23 2006 Karel Zak <kzak@redhat.com> 1.6.8p12-5

  - add LDAP support (#170848)

• Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.6.8p12-4.1

  - bump again for double-long bug on ppc(64)

• Wed Feb 8 2006 Karel Zak <kzak@redhat.com> 1.6.8p12-4

  - reset env. by default

• Tue Feb 7 2006 Jesse Keating <jkeating@redhat.com> - 1.6.8p12-3.1

  - rebuilt for new gcc4.1 snapshot and glibc changes

• Mon Jan 23 2006 Dan Walsh <dwalsh@redhat.com> 1.6.8p12-3

  - Remove selinux patch. It has been decided that the SELinux patch for sudo is
  - no longer necessary. In tageted policy it had no effect. In strict/MLS policy
  - We require the person using sudo to execute newrole before using sudo.

• Fri Dec 9 2005 Jesse Keating <jkeating@redhat.com>

  - rebuilt

• Fri Nov 25 2005 Karel Zak <kzak@redhat.com> 1.6.8p12-1

  - new upstream version 1.6.8p12

• Tue Nov 8 2005 Karel Zak <kzak@redhat.com> 1.6.8p11-1

  - new upstream version 1.6.8p11

• Thu Oct 13 2005 Tomas Mraz <tmraz@redhat.com> 1.6.8p9-6

  - use include instead of pam_stack in pam config

• Tue Oct 11 2005 Karel Zak <kzak@redhat.com> 1.6.8p9-5

  - enable interfaces in selinux patch
  - merge sudo-1.6.8p8-sesh-stopsig.patch to selinux patch

• Mon Sep 19 2005 Karel Zak <kzak@redhat.com> 1.6.8p9-4

  - fix debuginfo

• Mon Sep 19 2005 Karel Zak <kzak@redhat.com> 1.6.8p9-3

  - fix #162623 - sesh hangs when child suspends

• Mon Aug 1 2005 Dan Walsh <dwalsh@redhat.com> 1.6.8p9-2

  - Add back in interfaces call, SELinux has been fixed to work around

• Tue Jun 21 2005 Karel Zak <kzak@redhat.com> 1.6.8p9-1

  - new version 1.6.8p9 (resolve #161116 - CAN-2005-1993 sudo trusted user arbitrary command execution)

• Tue May 24 2005 Karel Zak <kzak@redhat.com> 1.6.8p8-2

  - fix #154511 - sudo does not use limits.conf

• Mon Apr 4 2005 Thomas Woerner <twoerner@redhat.com> 1.6.8p8-1

  - new version 1.6.8p8: new sudoedit and sudo_noexec

• Wed Feb 9 2005 Thomas Woerner <twoerner@redhat.com> 1.6.7p5-31

  - rebuild

• Mon Oct 4 2004 Thomas Woerner <twoerner@redhat.com> 1.6.7p5-30.1

  - added missing BuildRequires for libselinux-devel (#132883)

• Wed Sep 29 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-30

  - Fix missing param error in sesh

• Mon Sep 27 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-29

  - Remove full patch check from sesh

• Thu Jul 8 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-28

  - Fix selinux patch to switch to root user

• Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>

  - rebuilt

• Tue Apr 13 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-26

  - Eliminate tty handling from selinux

• Thu Apr 1 2004 Thomas Woerner <twoerner@redhat.com> 1.6.7p5-25

  - fixed spec file: sesh in file section with selinux flag (#119682)

• Tue Mar 30 2004 Colin Walters <walters@redhat.com> 1.6.7p5-24

  - Enhance sesh.c to fork/exec children itself, to avoid
  having sudo reap all domains.
  - Only reinstall default signal handlers immediately before
  exec of child with SELinux patch

• Thu Mar 18 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-23

  - change to default to sysadm_r
  - Fix tty handling

• Thu Mar 18 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-22

  - Add /bin/sesh to run selinux code.
  - replace /bin/bash -c with /bin/sesh

• Tue Mar 16 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-21

  - Hard code to use "/bin/bash -c" for selinux

• Tue Mar 16 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-20

  - Eliminate closing and reopening of terminals, to match su.

• Mon Mar 15 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-19

  - SELinux fixes to make transitions work properly

• Fri Mar 5 2004 Thomas Woerner <twoerner@redhat.com> 1.6.7p5-18

  - pied sudo

• Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>

  - rebuilt

• Tue Jan 27 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-16

  - Eliminate interfaces call, since this requires big SELinux privs
  - and it seems to be useless.

• Tue Jan 27 2004 Karsten Hopp <karsten@redhat.de> 1.6.7p5-15

  - visudo requires vim-minimal or setting EDITOR to something useful (#68605)

• Mon Jan 26 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-14

  - Fix is_selinux_enabled call

• Tue Jan 13 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-13

  - Clean up patch on failure

• Tue Jan 6 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-12

  - Remove sudo.te for now.

• Fri Jan 2 2004 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-11

  - Fix usage message

• Mon Dec 22 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-10

  - Clean up sudo.te to not blow up if pam.te not present

• Thu Dec 18 2003 Thomas Woerner <twoerner@redhat.com>

  - added missing BuildRequires for groff

• Tue Dec 16 2003 Jeremy Katz <katzj@redhat.com> 1.6.7p5-9

  - remove left-over debugging code

• Tue Dec 16 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-8

  - Fix terminal handling that caused Sudo to exit on non selinux machines.

• Mon Dec 15 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-7

  - Remove sudo_var_run_t which is now pam_var_run_t

• Fri Dec 12 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-6

  - Fix terminal handling and policy

• Thu Dec 11 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-5

  - Fix policy

• Thu Nov 13 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-4.sel

  - Turn on SELinux support

• Tue Jul 29 2003 Dan Walsh <dwalsh@redhat.com> 1.6.7p5-3

  - Add support for SELinux

• Wed Jun 4 2003 Elliot Lee <sopwith@redhat.com>

  - rebuilt

• Mon May 19 2003 Thomas Woerner <twoerner@redhat.com> 1.6.7p5-1

  * Wed Jan 22 2003 Tim Powers
  - rebuilt

• Tue Nov 12 2002 Nalin Dahyabhai <nalin@redhat.com> 1.6.6-2

  - remove absolute path names from the PAM configuration, ensuring that the
  right modules get used for whichever arch we're built for
  - don't try to install the FAQ, which isn't there any more

• Thu Jun 27 2002 Bill Nottingham <notting@redhat.com> 1.6.6-1

  - update to 1.6.6

• Fri Jun 21 2002 Tim Powers <timp@redhat.com>

  - automated rebuild

• Thu May 23 2002 Tim Powers <timp@redhat.com>

  - automated rebuild

• Thu Apr 18 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.5p2-2

  - Fix bug #63768

• Thu Mar 14 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.5p2-1

  - 1.6.5p2

• Fri Jan 18 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.5p1-1

  - 1.6.5p1
  - Hope this "a new release per day" madness stops ;)

• Thu Jan 17 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.5-1

  - 1.6.5

• Tue Jan 15 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.4p1-1

  - 1.6.4p1

• Mon Jan 14 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.4-1

  - Update to 1.6.4

• Mon Jul 23 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.6.3p7-2

  - Add build requirements (#49706)
  - s/Copyright/License/
  - bzip2 source

• Sat Jun 16 2001 Than Ngo <than@redhat.com>

  - update to 1.6.3p7
  - use %{_tmppath}

• Fri Feb 23 2001 Bernhard Rosenkraenzer <bero@redhat.com>

  - 1.6.3p6, fixes buffer overrun

• Tue Oct 10 2000 Bernhard Rosenkraenzer <bero@redhat.com>

  - 1.6.3p5

• Wed Jul 12 2000 Prospector <bugzilla@redhat.com>

  - automatic rebuild

• Tue Jun 6 2000 Karsten Hopp <karsten@redhat.de>

  - fixed owner of sudo and visudo

• Thu Jun 1 2000 Nalin Dahyabhai <nalin@redhat.com>

  - modify PAM setup to use system-auth
  - clean up buildrooting by using the makeinstall macro

• Tue Apr 11 2000 Bernhard Rosenkraenzer <bero@redhat.com>

  - initial build in main distrib
  - update to 1.6.3
  - deal with compressed man pages

• Tue Dec 14 1999 Preston Brown <pbrown@redhat.com>

  - updated to 1.6.1 for Powertools 6.2
  - config files are now noreplace.

• Thu Jul 22 1999 Tim Powers <timp@redhat.com>

  - updated to 1.5.9p2 for Powertools 6.1

• Wed May 12 1999 Bill Nottingham <notting@redhat.com>

  - sudo is configured with pam. There's no pam.d file. Oops.

• Mon Apr 26 1999 Preston Brown <pbrown@redhat.com>

  - upgraded to 1.59p1 for powertools 6.0

• Tue Oct 27 1998 Preston Brown <pbrown@redhat.com>

  - fixed so it doesn't find /usr/bin/vi first, but instead /bin/vi (always installed)

• Thu Oct 8 1998 Michael Maher <mike@redhat.com>

  - built package for 5.2

• Mon May 18 1998 Michael Maher <mike@redhat.com>

  - updated SPEC file.

• Thu Jan 29 1998 Otto Hammersmith <otto@redhat.com>

  - updated to 1.5.4

• Tue Nov 18 1997 Otto Hammersmith <otto@redhat.com>

  - built for glibc, no problems

• Fri Apr 25 1997 Michael Fulbright <msf@redhat.com>

  - Fixed for 4.2 PowerTools
  - Still need to be pamified
  - Still need to move stmp file to /var/log

• Mon Feb 17 1997 Michael Fulbright <msf@redhat.com>

  - First version for PowerCD.