394 lines
14 KiB
Plaintext
394 lines
14 KiB
Plaintext
-------------------------------------------------------------------
|
|
Wed Oct 10 11:45:19 CEST 2007 - prusnak@suse.cz
|
|
|
|
- update to 1.6.9p6
|
|
* worked around bugs in the session support of some PAM
|
|
implementations
|
|
* the full tty path is now passed to PAM as well
|
|
* sudo now only prints the password prompt if the process is in
|
|
the foreground
|
|
* inttypes.h is now included when appropriate if it is present
|
|
* simplified alias allocation in the parser
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 25 12:07:05 CEST 2007 - prusnak@suse.cz
|
|
|
|
- update to 1.6.9p5
|
|
* fixed a bug related to supplemental group matching
|
|
* added IPv6 support from YOSHIFUJI Hideaki
|
|
* fixed the sudo_noexec installation path
|
|
* fixed a compilation error on old K&R-style compilers
|
|
* fixed a bug in the IP address matching introduced by the IPV6 merge
|
|
* for "visudo -f file" we now use the permissions of the original file
|
|
and not the hard-coded sudoers owner/group/mode
|
|
(this makes it possible to use visudo with a revision control system)
|
|
* fixed sudoedit when used on a non-existent file
|
|
* regenerated configure using autoconf 2.6.1 and libtool 1.5.24
|
|
* groups and netgroups are now valid in an LDAP sudoRunas statement
|
|
- dropped obsolete patches:
|
|
* groupmatch.patch (included in update)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 28 11:41:51 CEST 2007 - prusnak@suse.cz
|
|
|
|
- build --without-secure-path
|
|
- hardcoded secure path changed to /usr/sbin:/bin:/usr/bin:/sbin
|
|
(secure_path.diff)
|
|
- user can now add PATH variable to env_keep in /etc/sudoers
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 14 11:02:58 CEST 2007 - prusnak@suse.cz
|
|
|
|
- added XDG_SESSION_COOKIE to env_keep variables [#298943]
|
|
- fixed supplemental group matching (groupmatch.patch)
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Aug 11 13:06:53 CEST 2007 - schwab@suse.de
|
|
|
|
- Avoid command line parsing bug in autoconf < 2.59c.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 31 10:18:36 CEST 2007 - prusnak@suse.cz
|
|
|
|
- updated to 1.6.9p2
|
|
* fixed a crash in the error logging function
|
|
* worked around a crash when no tty was present in some PAM
|
|
implementations
|
|
* fixed updating of the saved environment when the environ pointer
|
|
gets changed out from underneath us
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 24 15:49:47 CEST 2007 - prusnak@suse.cz
|
|
|
|
- updated to 1.6.9
|
|
* added to the list of variables to remove from the environment
|
|
* fixed a Kerberos V security issue that could allow a user to
|
|
authenticate using a fake KDC
|
|
* PAM is now the default on systems where it is supported
|
|
* removed POSIX saved uid use; the stay_setuid option now requires
|
|
the setreuid() or setresuid() functions to work
|
|
* fixed fd leak when lecture file option is enabled
|
|
* PAM fixes
|
|
* security fix for Kerberos5
|
|
* fixed securid5 authentication
|
|
* added fcntl F_CLOSEM support to closefrom()
|
|
* sudo now uses the supplemental group vector for matching
|
|
* added more environment variables to remove by default
|
|
* mail from sudo now includes an Auto-Submitted: auto-generated header
|
|
* reworked the environment handling code
|
|
* remove the --with-execv option, it was not useful
|
|
* use TCSADRAIN instead of TCSAFLUSH in tgetpass() since some OSes
|
|
have issues with TCSAFLUSH
|
|
* use glob(3) instead of fnmatch(3) for matching pathnames
|
|
* reworked the syslog long line splitting code based on changes
|
|
from Eygene Ryabinkin
|
|
* visudo will now honor command line arguments in the EDITOR or VISUAL
|
|
environment variables if env_editor is enabled
|
|
* LDAP now honors rootbinddn, timelimit and bind_timelimit in /etc/ldap.conf
|
|
* For LDAP, do a sub tree search instead of a base search (one level in
|
|
the tree only) for sudo right objects
|
|
* env_reset option is now enabled by default
|
|
* moved LDAP schema data into separate files
|
|
* sudo no longer assumes that gr_mem in struct group is non-NULL
|
|
* added support for setting environment variables on the command line
|
|
if the command has the SETENV attribute set in sudoers
|
|
* added a -E flag to preserve the environment if the SETENV attribute
|
|
has been set
|
|
* sudoers2ldif script now parses Runas users
|
|
* -- flag now behaves as documented
|
|
* sudo -k/-K no longer cares if the timestamp is in the future
|
|
* when searching for the command, sudo now uses the effective gid of
|
|
the runas user
|
|
* sudo no longer updates the timestamp if not validated by sudoers
|
|
* now rebuild environment regardless of how sudo was invoked
|
|
* more accurate usage() when called as sudoedit
|
|
* command line environment variables are now treated like normal
|
|
environment variables unless the SETENV tag is set
|
|
* better explanation of environment handling in the sudo man page
|
|
- changed '/usr/bin/env perl' to '/usr/bin/env' in sudoers2ldif
|
|
script (env.diff)
|
|
- dropped obsoleted patches:
|
|
* sudo-1.6.8p12-conf.diff
|
|
* sudo-1.6.8p12-configure.diff
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 17 10:57:40 CEST 2007 - prusnak@suse.cz
|
|
|
|
- added note about special input method variables into /etc/sudoers
|
|
(sudoers.diff) [#222728]
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 26 13:16:15 CET 2007 - prusnak@suse.cz
|
|
|
|
- packaged script sudoers2ldif
|
|
* can be used for importing /etc/sudoers to LDAP
|
|
* more info at http://www.sudo.ws/sudo/readme_ldap.html
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 24 10:36:48 CET 2007 - prusnak@suse.cz
|
|
|
|
- added sudoers permission change to %post section of spec file
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 30 14:12:34 CET 2006 - prusnak@suse.cz
|
|
|
|
- package /etc/sudoers as 0440 [Fate#300934]
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 29 18:29:23 CET 2006 - prusnak@suse.cz
|
|
|
|
- protect locale-related environment variables from resetting (sudoers.diff) [#222728]
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 4 19:35:18 CEST 2006 - mjancar@suse.cz
|
|
|
|
- enable LDAP support (#159774)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 14 16:55:52 CEST 2006 - schwab@suse.de
|
|
|
|
- Fix quoting in configure script.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 8 15:22:15 CET 2006 - mjancar@suse.cz
|
|
|
|
- don't limit access to local group users (#151938)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 27 09:23:26 CET 2006 - mjancar@suse.cz
|
|
|
|
- set environment and sudo search PATH to SECURE_PATH
|
|
only when env_reset (#145687)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 26 13:28:28 CET 2006 - schwab@suse.de
|
|
|
|
- Fix syntax error in /etc/sudoers.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 26 12:03:48 CET 2006 - mjancar@suse.cz
|
|
|
|
- fix PATH always reset (#145687)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 25 21:41:52 CET 2006 - mls@suse.de
|
|
|
|
- converted neededforbuild to BuildRequires
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jan 15 20:40:26 CET 2006 - schwab@suse.de
|
|
|
|
- Don't strip binaries.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 10 16:31:46 CET 2006 - mjancar@suse.cz
|
|
|
|
- fix CVE-2005-4158 (#140300)
|
|
* compile with --with-secure-path
|
|
* use always_set_home and env_reset by default
|
|
- document purpose of the default asking for root password
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 21 19:55:27 CET 2005 - mjancar@suse.cz
|
|
|
|
- update to 1.6.8p12
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 9 10:01:27 CET 2005 - ro@suse.de
|
|
|
|
- disabled selinux
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 2 20:42:18 CEST 2005 - mjancar@suse.cz
|
|
|
|
- update to 1.6.8p9
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 20 11:50:45 CEST 2005 - anicka@suse.cz
|
|
|
|
- build position independent binaries
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 28 15:30:42 CET 2005 - ro@suse.de
|
|
|
|
- update to 1.6.8p7
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 15 14:58:45 CET 2004 - kukuk@suse.de
|
|
|
|
- Use common PAM config files
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 13 16:00:56 CEST 2004 - ro@suse.de
|
|
|
|
- undef __P first
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 6 07:12:34 CEST 2004 - kukuk@suse.de
|
|
|
|
- fix default permissions of sudo
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 26 01:18:52 CET 2004 - ro@suse.de
|
|
|
|
- added postfix to neededforbuild
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 25 13:02:03 CET 2004 - lnussel@suse.de
|
|
|
|
- Add comment and warning for 'Defaults targetpw' to config file
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 29 15:57:53 CET 2004 - kukuk@suse.de
|
|
|
|
- Fix sudo configuration broken by last patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 28 10:55:29 CET 2004 - kukuk@suse.de
|
|
|
|
- Add SELinux patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 22 18:45:07 CET 2004 - ro@suse.de
|
|
|
|
- package /etc/sudoers as 0640
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 16 13:26:31 CET 2004 - kukuk@suse.de
|
|
|
|
- Add pam-devel to neededforbuild
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jan 11 09:29:32 CET 2004 - adrian@suse.de
|
|
|
|
- build as user
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 7 16:20:57 CET 2003 - schwab@suse.de
|
|
|
|
- Fix quoting in configure script.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 10 11:06:04 CEST 2003 - mjancar@suse.cz
|
|
|
|
- move the defaults to better place in /etc/sudoers (#30282)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 25 15:21:16 CEST 2003 - mjancar@suse.cz
|
|
|
|
- update to 1.6.7p5
|
|
* Fixed a problem with large numbers
|
|
of environment variables.
|
|
- more useful defaults (#28056)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 14 10:44:53 CEST 2003 - mjancar@suse.cz
|
|
|
|
- update to version 1.6.7p4
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 7 13:49:00 CET 2003 - kukuk@suse.de
|
|
|
|
- Use pam_unix2.so instead of pam_unix.so
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 5 15:18:21 CEST 2002 - pmladek@suse.cz
|
|
|
|
- updated to version 1.6.6
|
|
- removed obsolete heap-overflow fix in prompt patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 22 14:56:46 CEST 2002 - pmladek@suse.cz
|
|
|
|
- fixed a heap-overflow (prompt patch)
|
|
- fixed prompt behaviour, %% is always translated to % (prompt patch)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 12 12:23:08 CET 2002 - pmladek@suse.cz
|
|
|
|
- insults are really off by default now [#13134]
|
|
- sudo.pamd moved from patch to sources
|
|
- used %defattr(-,root,root)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 24 10:17:00 CET 2002 - postadal@suse.cz
|
|
|
|
- updated to version 1.6.5p2
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 17 18:47:02 CET 2002 - pmladek@suse.cz
|
|
|
|
- updated to version 1.6.5p1
|
|
- removed obsolete security patch (to do not run mailer as root),
|
|
sudo runs mailer again as root but with hard-coded environment
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 2 12:36:17 CET 2002 - pmladek@suse.cz
|
|
|
|
- aplied security patch from Sebastian Krahmer <krahmer@suse.de>
|
|
to do not run mailer as root
|
|
- NOTIFY_BY_EMAIL enabled
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 30 22:58:33 CET 2001 - bjacke@suse.de
|
|
|
|
- make /etc/sudoers (noreplace)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 15 16:17:35 CEST 2001 - pmladek@suse.cz
|
|
|
|
- updated to version 1.6.3p7
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 14 18:05:55 CEST 2001 - ro@suse.de
|
|
|
|
- Don't use absolute paths to PAM modules in PAM config files
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 27 11:17:10 CET 2001 - pblaha@suse.cz
|
|
|
|
- update on 1.6.3p6 for fix potential security problems
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 26 17:39:24 CEST 2000 - schwab@suse.de
|
|
|
|
- Add %suse_update_config.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 4 15:57:08 CEST 2000 - smid@suse.cz
|
|
|
|
- upgrade to 1.6.3
|
|
- buildroot added
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 4 17:55:40 CEST 2000 - uli@suse.de
|
|
|
|
- added "--with-env-editor" to configure call
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 1 16:08:27 CET 2000 - schwab@suse.de
|
|
|
|
- Specfile cleanup, remove Makefile.Linux
|
|
- /usr/man -> /usr/share/man
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de
|
|
|
|
- ran old prepare_spec on spec file to switch to new prepare_spec.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 9 17:19:36 MEST 1999 - kukuk@suse.de
|
|
|
|
- update to version 1.5.9p1
|
|
- enable PAM
|
|
|
|
----------------------------------------------------------------------------
|
|
Wed Nov 6 00:13:26 CET 1996 - florian@suse.de
|
|
|
|
|
|
- update to version 1.5.2
|
|
|
|
- sudo has changed a lot, please check the sudo documentation
|
|
|
|
|