News for package sudo

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: sudo
Binary: sudo, sudo-ldap
Architecture: any
Version: 1.8.5p2-1+nmu2
Maintainer: Bdale Garbee <[email protected]>
Standards-Version: 3.9.3
Vcs-Browser: http://git.gag.com/?p=debian/sudo
Vcs-Git: git://git.gag.com/debian/sudo
Build-Depends: debhelper (>= 7), libpam0g-dev, libldap2-dev, libsasl2-dev, libselinux1-dev [linux-any], autoconf, autotools-dev, bison, flex
Package-List: 
 sudo deb admin optional
 sudo-ldap deb admin optional
Checksums-Sha1: 
 1bf378ffb6fef801a7f5d0ca90f8ab849f79d1be 1746344 sudo_1.8.5p2.orig.tar.gz
 dc868e03f18446a321bea876b110156601faa800 29554 sudo_1.8.5p2-1+nmu2.debian.tar.gz
Checksums-Sha256: 
 c32ae2bc3faf83444c82ca75ccb10ad3684d8222e3535f164c4a4db7cdddf8cf 1746344 sudo_1.8.5p2.orig.tar.gz
 0e81f1fe9d1d776d2a101b6fad7df1c55f63bb46049376e91fc44611a9f5d523 29554 sudo_1.8.5p2-1+nmu2.debian.tar.gz
Files: 
 dc42ed9f0946d92273762d0ae7314d59 1746344 sudo_1.8.5p2.orig.tar.gz
 5022b1ada96148e9c0fca9ac190408fc 29554 sudo_1.8.5p2-1+nmu2.debian.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJU4eauAAoJEAVMuPMTQ89EMSEP/297GzWXicaPrGO2z+x19Su/
MLniwNb6u2rYqxSLiWLWSRbDGoa/i6BJtEz0LFmhTZtNjGev+WyeaxpCQ+npYw0y
lA845hglJJYaTIsvWDho1gxBbcvy4IXB+gxkkgvOkAQnnK8n5SqLsTZ26naXBIn3
2CJGqMY8YBsBdHcjintxrCGRe33OtpZN9GZf8QnEIAMwGxIL/tkCIcY10MSHKk3k
HcTEoatyahRQOrSlp92dqTrzh1itD/FvmHntCfrqZezflDQkYJwG8UDTN3CbKbN9
jClR4DK6N2FX2J+0lajQVKKik+MKCNc0+mksuipYoeA049806yj5HbQtZj84Q0Dn
k0k2avh99tfYnSxDyUJuaMX+f/4toaeDsX9WSga6G6yPcGwvmZ7K9t9Yxa8/TVpI
hn8pOrZw0WAzMudV1nWp+wZboC+ROWKkTD6NVlNE5qbxFISMSWb7moX4XbgeB0an
fpFYEQCAF5meXLY578gECVY0o0ZUeLckqbTTqUXfRGVuupyAta5wuDyZFUNUr6VA
CycyJuKKZ5siBTxD8Cs6K5iWiXcLZ6CPAx4Q0Ze1H03bcsWPQBYdVVJnrf1OYhsv
BPddTQjP1e0T2QiOEiNMCO4XZoF8DLZiz5fJzsOxKwTwIZNF9dsOZAHEjcAQ3fXO
Xoxs2FbK/Wm/0pcyx9t0
=+jSU
-----END PGP SIGNATURE-----

Changes:
sudo (1.8.5p2-1+nmu2) wheezy-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Add CVE-2014-9680-1.patch patch.
    CVE-2014-9680: unsafe handling of TZ environment variable. (Closes: #772707)
  * Add CVE-2014-9680-2.patch patch.
    Documents that a leading ':' is skipped when checking TZ for a
    fully-qualified path name.

 -- Salvatore Bonaccorso <[email protected]>  Sun, 15 Feb 2015 16:54:59 +0100