-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 16 Nov 2004 23:23:41 -0700 Source: sudo Binary: sudo Architecture: source i386 Version: 1.6.8p3-1 Distribution: unstable Urgency: high Maintainer: Bdale Garbee <bdale@gag.com> Changed-By: Bdale Garbee <bdale@gag.com> Description: sudo - Provide limited super user privileges to specific users Closes: 236465 263486 271194 281665 Changes: sudo (1.6.8p3-1) unstable; urgency=high . * new upstream version, fixes a flaw in sudo's environment sanitizing that could allow a malicious user with permission to run a shell script that utilized the bash shell to run arbitrary commands, closes: #281665 * patch the sample sudoers to have the proper path for kill on Debian systems, closes: #263486 * patch the sudo manpage to reflect Debian's choice of exempt_group default setting, closes: #236465 * patch the sudo manpage to reflect Debian's choice of no timeout on the password prompt, closes: #271194 Files: 8c24a067df4378a5c665c68ac580a7c5 567 admin optional sudo_1.6.8p3-1.dsc b2293ece1b72d9d360bc6a6b3a588787 583791 admin optional sudo_1.6.8p3.orig.tar.gz abaf30e64d48e53e82c18468b524654c 19006 admin optional sudo_1.6.8p3-1.diff.gz d7198bcf98ebd91c6ca6cbaace373cfb 158650 admin optional sudo_1.6.8p3-1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFBm7ZZZKfAp/LPAagRArf1AJ9YA9Xgl7+I45WD1IN290umMNm1WwCfTqRS NIrKSW6Kfgkyyqaedg0bKXE= =eB9a -----END PGP SIGNATURE----- Accepted: sudo_1.6.8p3-1.diff.gz to pool/main/s/sudo/sudo_1.6.8p3-1.diff.gz sudo_1.6.8p3-1.dsc to pool/main/s/sudo/sudo_1.6.8p3-1.dsc sudo_1.6.8p3-1_i386.deb to pool/main/s/sudo/sudo_1.6.8p3-1_i386.deb sudo_1.6.8p3.orig.tar.gz to pool/main/s/sudo/sudo_1.6.8p3.orig.tar.gz -- To UNSUBSCRIBE, email to debian-devel-changes-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
