Register | Log in

sudo

Provide limited super user privileges to specific users

Choose email to subscribe with

general

source: sudo (source, admin)
version: 1.8.20p2-1
maintainer: Bdale Garbee [DMD]
arch: any
std-ver: 3.9.8
VCS: Git (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.8.5p2-1+nmu3+deb7u1
o-o-sec: 1.8.5p2-1+nmu3+deb7u3
oldstable: 1.8.10p3-1+deb8u3
old-sec: 1.8.10p3-1+deb8u4
old-p-u: 1.8.10p3-1+deb8u4
stable: 1.8.19p1-2.1
testing: 1.8.20p2-1
unstable: 1.8.20p2-1

versioned links

1.8.5p2-1+nmu3+deb7u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.5p2-1+nmu3+deb7u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.10p3-1+deb8u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.10p3-1+deb8u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.12-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.19p1-2.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.20p2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

sudo
sudo-ldap

action needed

1 security issue in wheezy

high

There is 1 open security issue in wheezy.

1 important issue:

CVE-2017-1000368: Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.

Please fix it.

Created: 2017-06-02 Last update: 2017-06-20 02:04

4 security issues in jessie

high

There are 4 open security issues in jessie.

1 important issue:

CVE-2017-1000368: Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.

3 issues skipped by the security teams:

CVE-2016-7076:
CVE-2015-8239:
CVE-2016-7032: sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.

Please fix them.

Created: 2015-11-05 Last update: 2017-06-20 02:04

4 bugs tagged patch in the BTS

normal

The BTS contains patches fixing 4 bugs (5 if counting merged bugs), consider including or untagging them.

Created: 2017-01-17 Last update: 2017-06-25 13:11

lintian reports 1 warning

normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2017-06-24 Last update: 2017-06-24 07:24

Build log checks report 1 warning

low

Build log checks report 1 warning

Created: 2016-12-16 Last update: 2016-12-16 13:12

news

[2017-06-20] sudo 1.8.20p2-1 MIGRATED to testing (Debian testing watch)
[2017-06-12] Accepted sudo 1.8.10p3-1+deb8u4 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2017-06-08] Accepted sudo 1.8.20p2-1 (source amd64) into unstable (Bdale Garbee)
[2017-06-07] sudo 1.8.19p1-2.1 MIGRATED to testing (Debian testing watch)
[2017-06-05] Accepted sudo 1.8.19p1-2.1 (source) into testing-proposed-updates (Salvatore Bonaccorso)
[2017-06-05] Accepted sudo 1.8.20p1-1.1 (source) into unstable (Salvatore Bonaccorso)
[2017-06-04] sudo 1.8.19p1-2 MIGRATED to testing (Debian testing watch)
[2017-06-01] Accepted sudo 1.8.19p1-2 (source amd64) into testing-proposed-updates (Bdale Garbee)
[2017-05-30] Accepted sudo 1.8.5p2-1+nmu3+deb7u3 (amd64 source) into oldstable (Ben Hutchings)
[2017-05-30] Accepted sudo 1.8.20p1-1 (source amd64) into unstable (Bdale Garbee)
[2017-05-10] Accepted sudo 1.8.20-1 (source amd64) into unstable (Bdale Garbee)
[2017-01-24] sudo 1.8.19p1-1 MIGRATED to testing (Debian testing watch)
[2017-01-13] Accepted sudo 1.8.19p1-1 (source amd64) into unstable (Bdale Garbee)
[2016-12-31] sudo 1.8.19-1 MIGRATED to testing (Debian testing watch)
[2016-12-19] Accepted sudo 1.8.19-1 (source amd64) into unstable (Bdale Garbee)
[2016-12-16] Accepted sudo 1.8.18p1-2 (source amd64) into unstable (Bdale Garbee)
[2016-12-16] Accepted sudo 1.8.18p1-1 (source amd64) into unstable (Bdale Garbee)
[2016-11-14] Accepted sudo 1.8.5p2-1+nmu3+deb7u2 (source amd64) into oldstable (Balint Reczey)
[2016-07-12] sudo 1.8.17p1-2 MIGRATED to testing (Debian testing watch)
[2016-07-06] Accepted sudo 1.8.17p1-2 (source amd64) into unstable (Bdale Garbee)
[2016-07-05] Accepted sudo 1.8.17p1-1 (source amd64) into unstable (Bdale Garbee)
[2016-01-14] Accepted sudo 1.8.5p2-1+nmu3+deb7u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Ben Hutchings)
[2016-01-14] Accepted sudo 1.8.10p3-1+deb8u3 (source) into proposed-updates->stable-new, proposed-updates (Ben Hutchings)
[2016-01-10] sudo 1.8.15-1.1 MIGRATED to testing (Debian testing watch)
[2016-01-05] Accepted sudo 1.7.4p4-2.squeeze.6 (source) into squeeze-lts (Ben Hutchings)
[2016-01-04] Accepted sudo 1.8.15-1.1 (source) into unstable (Ben Hutchings)
[2016-01-03] sudo 1.8.15-1 MIGRATED to testing (Debian testing watch)
[2015-12-24] Accepted sudo 1.8.15-1 (source amd64) into unstable (Bdale Garbee)
[2015-05-03] Accepted sudo 1.8.5p2-1+nmu3 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Andreas Beckmann)
[2015-04-27] sudo 1.8.12-1 MIGRATED to testing (Britney)

1
2

bugs [bug history graph]

all: 86 89
RC: 0
I&N: 56 59
M&W: 29
F&P: 1

links

homepage
lintian (0, 1)
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.8.20p2-1ubuntu1
131 bugs (4 patches)
patches for 1.8.20p2-1ubuntu1

Debian Package Tracker — Copyright 2013-2016 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Git Repository — How to contribute