Register | Log in

sudo

Provide limited super user privileges to specific users

Choose email to subscribe with

general

source: sudo (main)
version: 1.8.23-1
maintainer: Bdale Garbee [DMD]
arch: any
std-ver: 4.1.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.8.5p2-1+nmu3+deb7u1
o-o-sec: 1.8.5p2-1+nmu3+deb7u4
oldstable: 1.8.10p3-1+deb8u5
old-sec: 1.8.10p3-1+deb8u4
stable: 1.8.19p1-2.1
testing: 1.8.23-1
unstable: 1.8.23-1

versioned links

1.8.5p2-1+nmu3+deb7u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.5p2-1+nmu3+deb7u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.10p3-1+deb8u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.10p3-1+deb8u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.12-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.19p1-2.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.23-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

sudo
sudo-ldap

action needed

3 bugs tagged patch in the BTS normal

The BTS contains patches fixing 3 bugs (4 if counting merged bugs), consider including or untagging them.

Created: 2017-11-21 Last update: 2018-06-19 08:17

3 ignored security issues in jessie low

There are 3 open security issues in jessie.

3 issues skipped by the security teams:

CVE-2016-7032: sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.
CVE-2015-8239: The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.
CVE-2016-7076: sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.

Please fix them.

Created: 2015-11-05 Last update: 2018-06-02 08:03

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2017-10-26 07:23

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.1.4 instead of 4.1.1).

Created: 2017-12-19 Last update: 2018-05-01 13:37

news

[2018-05-06] sudo 1.8.23-1 MIGRATED to testing (Debian testing watch)
[2018-05-01] Accepted sudo 1.8.23-1 (source amd64) into unstable (Bdale Garbee)
[2017-12-24] sudo 1.8.21p2-3 MIGRATED to testing (Debian testing watch)
[2017-12-19] Accepted sudo 1.8.21p2-3 (source amd64) into unstable (Bdale Garbee)
[2017-10-08] sudo 1.8.21p2-2 MIGRATED to testing (Debian testing watch)
[2017-10-02] Accepted sudo 1.8.21p2-2 (source amd64) into unstable (Bdale Garbee)
[2017-09-13] sudo 1.8.21p2-1 MIGRATED to testing (Debian testing watch)
[2017-09-08] Accepted sudo 1.8.10p3-1+deb8u5 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Salvatore Bonaccorso)
[2017-09-07] Accepted sudo 1.8.21p2-1 (source amd64) into unstable (Bdale Garbee)
[2017-08-28] Accepted sudo 1.8.21-1 (source amd64) into unstable (Bdale Garbee)
[2017-07-03] Accepted sudo 1.8.5p2-1+nmu3+deb7u4 (source amd64) into oldoldstable (Antoine Beaupré)
[2017-06-20] sudo 1.8.20p2-1 MIGRATED to testing (Debian testing watch)
[2017-06-12] Accepted sudo 1.8.10p3-1+deb8u4 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2017-06-08] Accepted sudo 1.8.20p2-1 (source amd64) into unstable (Bdale Garbee)
[2017-06-07] sudo 1.8.19p1-2.1 MIGRATED to testing (Debian testing watch)
[2017-06-05] Accepted sudo 1.8.19p1-2.1 (source) into testing-proposed-updates (Salvatore Bonaccorso)
[2017-06-05] Accepted sudo 1.8.20p1-1.1 (source) into unstable (Salvatore Bonaccorso)
[2017-06-04] sudo 1.8.19p1-2 MIGRATED to testing (Debian testing watch)
[2017-06-01] Accepted sudo 1.8.19p1-2 (source amd64) into testing-proposed-updates (Bdale Garbee)
[2017-05-30] Accepted sudo 1.8.5p2-1+nmu3+deb7u3 (amd64 source) into oldstable (Ben Hutchings)
[2017-05-30] Accepted sudo 1.8.20p1-1 (source amd64) into unstable (Bdale Garbee)
[2017-05-10] Accepted sudo 1.8.20-1 (source amd64) into unstable (Bdale Garbee)
[2017-01-24] sudo 1.8.19p1-1 MIGRATED to testing (Debian testing watch)
[2017-01-13] Accepted sudo 1.8.19p1-1 (source amd64) into unstable (Bdale Garbee)
[2016-12-31] sudo 1.8.19-1 MIGRATED to testing (Debian testing watch)
[2016-12-19] Accepted sudo 1.8.19-1 (source amd64) into unstable (Bdale Garbee)
[2016-12-16] Accepted sudo 1.8.18p1-2 (source amd64) into unstable (Bdale Garbee)
[2016-12-16] Accepted sudo 1.8.18p1-1 (source amd64) into unstable (Bdale Garbee)
[2016-11-14] Accepted sudo 1.8.5p2-1+nmu3+deb7u2 (source amd64) into oldstable (Balint Reczey)
[2016-07-12] sudo 1.8.17p1-2 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 85 88
RC: 0
I&N: 55 58
M&W: 29
F&P: 1

links

homepage
lintian
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.8.21p2-3ubuntu1
130 bugs (3 patches)
patches for 1.8.21p2-3ubuntu1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing