News for package sudo

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: sudo
Binary: sudo, sudo-ldap
Architecture: any
Version: 1.8.10p3-1+deb8u2
Maintainer: Bdale Garbee <[email protected]>
Homepage: http://www.sudo.ws/
Standards-Version: 3.9.5
Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/sudo.git
Vcs-Git: git://anonscm.debian.org/collab-maint/sudo.git
Build-Depends: debhelper (>= 7), libpam0g-dev, libldap2-dev, libsasl2-dev, libselinux1-dev [linux-any], autoconf, autotools-dev, bison, flex, libaudit-dev [linux-any]
Package-List:
 sudo deb admin optional arch=any
 sudo-ldap deb admin optional arch=any
Checksums-Sha1:
 ed45b25da17c82e0d2cfed98cb4bfd45617c91d9 2262370 sudo_1.8.10p3.orig.tar.gz
 59e3faff4d594b96cdb11533bd1c244fded92a24 27564 sudo_1.8.10p3-1+deb8u2.debian.tar.xz
Checksums-Sha256:
 6eda135fa68163108f1c24de6975de5ddb09d75730bb62d6390bda7b04345400 2262370 sudo_1.8.10p3.orig.tar.gz
 5d29e10cf2ad23c16022b78f0042ff616de9138390d56c7e35636c834d36595f 27564 sudo_1.8.10p3-1+deb8u2.debian.tar.xz
Files:
 fcd8d0d9f9f0397d076ee901e242ed39 2262370 sudo_1.8.10p3.orig.tar.gz
 774e3b150fa761346938c59ab8399715 27564 sudo_1.8.10p3-1+deb8u2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVAJ83AAoJEAVMuPMTQ89EJoUP/02tR/J+bN2Bq2wqOzVcfuw2
HSixTTEKMNACwf3KyxkviOqBNoYxr6XnV+o3zmUfaU8NQEC/Ff1AjjVz7f6DnUW2
3aTvTWMlcgnPlGS73qSKfdAtKlG4FJLppeyC8rW24pv1DqYfk9FZo2JL6mk1fDNj
w+jINSYa93ucTWGe3EpVBKfh6rgr/GD4a59Lfv/9sRFzQpFGRyPAM1JEjZdQ2x3C
M8uL3sAATv2oyACacH/pUImiltA4s9kSZG2hufk2oiHo5Q+7R9KnsTa/124HWrWa
2J/PBgewzBMHVh9zY8ha/pWcdVi19Sbl/lH4GCfB08Gcxr4tO7I6Fi9Two7/evP+
M/Qeznjci/IutUHUMwpAiC4bINmXtwZ0Db7xLS5EhPTHvnlNCx9wNa/3U59MhSfD
RKCOLB4rcGB6LudFdZ14WZ2D3RXN+b1+RdePyxAkZ3lm3jQkxB/IkOxZoJ+ASuhu
Vp+qcGZOMLarlyoHWBS5JQiY1+aC+MtVfiU1RloZpa9Hu2DfwwZg4mQ54OqUFYB1
jDVQx2xzZkeBaX+/uwmBdBsthB5m8DRy5zB7yATPIIFJRnkgJq4AqHX/P9JB++3X
juGzZ+W/Z2CjeamEnWbodYU2JuGqLStMV4Rtj6J4ndRRlW152bMXWmmL2QoXTl9w
9TDzu5KCF8HeiFve39E7
=Ds6r
-----END PGP SIGNATURE-----

Changes:
sudo (1.8.10p3-1+deb8u2) testing-proposed-updates; urgency=medium

  * Non-maintainer upload.

  [ Salvatore Bonaccorso ]
  * Add CVE-2014-9680-1.patch patch.
    CVE-2014-9680: unsafe handling of TZ environment variable. (Closes: #772707)
  * Add CVE-2014-9680-2.patch patch.
    Documents that a leading ':' is skipped when checking TZ for a
    fully-qualified path name.

  [ Christian Kastner ]
  * In the *.preinst scripts, make sure that dpkg --compare-versions actually
    has two versions to compare. Closes: #776137
  * Also in the *.preinst scripts, make sure that /etc/sudoers exists before
    attempting to chown/chmod it
  * Include patch from Jakub Wilk to fix 'ignoring time stamp from the
    future' messages. Closes: #764817

 -- Christian Kastner <[email protected]>  Sun, 01 Mar 2015 18:56:17 +0100