SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for sudo-1.6.8p12-1tr.i586.rpm :
Tue Feb 21 13:00:00 2006 Nived Gopalan 1.6.8p12-1tr
- New Upstream
- SECURITY FIX: Tavis Ormandy has reported a vulnerability in Sudo caused
due to an error within the environment cleaning. This can be exploited
by a user with sudo access to a python script to gain access to an
interactive python prompt via the \"PYTHONINSPECT\" environment variable.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2006-0151 to this issue.

Mon Jan 9 13:00:00 2006 Nived Gopalan 1.6.8p9-3tr
- SECURITY FIX: A vulnerability has been reported in Sudo caused due to
an error within the environment cleaning. This can be exploited by a
user with sudo access to a perl script to load and execute arbitrary
library files via the \"PERLLIB\", \"PERL5LIB\" and the \"PERL5OPT\"
environment variables.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2005-4158 to this issue.

Mon Oct 31 13:00:00 2005 Bipin S 1.6.8p9-2tr
- SECURITY FIX: Tavis Ormandy has reported a vulnerability in Sudo,
which can be exploited by malicious, local users to gain escalated
privileges.

The vulnerability is caused due to an error within the environment
cleaning. This can be exploited by a user with sudo access to a bash
script to execute arbitrary commands via the \"SHELLOPTS\" and \"PS4\"
environment variables

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-2959.

Tue Jun 21 14:00:00 2005 Syed Shabir Zakiullah 1.6.8p9-1tr
- New Upstream
- Fix A race condition in Sudo\'s command pathname handling that could allow a user
with Sudo privileges to run arbitrary commands.

Mon Feb 28 13:00:00 2005 Erlend Midttun 1.6.8p7-1tr
- New upstream.

Wed Nov 17 13:00:00 2004 Erlend Midttun 1.6.8p3-1tr
- New upstream.

Mon Nov 15 13:00:00 2004 Erlend Midttun 1.6.8p2-1tr
- New upstream.

Fri Sep 17 14:00:00 2004 Erlend Midttun 1.6.8p1-1tr
- New upstream.

Mon Dec 8 13:00:00 2003 Erlend Midttun 1.6.7p5-1tr
- New upstream.

Wed Jun 18 14:00:00 2003 Erlend Midttun 1.6.6-4tr
- Big rebuild

Mon Mar 24 13:00:00 2003 Erlend Midttun 1.6.6-3em
- Rebuilt against glibc 2.3.2.

Tue Aug 13 14:00:00 2002 Christian H. Toldnes 1.6.6-2ct
- Minor .spec cleanup.

Fri Apr 26 14:00:00 2002 Christian H. Toldnes
- Update to upstream 1.6.6 to fix security issue.

Fri Jan 18 13:00:00 2002 Christian H. Toldnes
- Specfile cleanup. \"nullok\" removed. Thanks to Goetz Bock.

Fri Jan 18 13:00:00 2002 Hans Alm�sbakk
- New upstream version: 1.6.5p1

Tue Jan 15 13:00:00 2002 Erlend Midttun
- Upgraded to 1.6.4p1 to fix a few security issues.

Mon Jun 11 14:00:00 2001 Oystein Viggen
- New upstream version: 1.6.3p7

Mon Feb 26 13:00:00 2001 Oystein Viggen
- picked up 1.6.3p6 which fixes a buffer overflow

Wed Sep 13 14:00:00 2000 Per Ivar Paulsen
- picked up 1.6.3p5

Mon May 22 14:00:00 2000 Per Ivar Paulsen
- picked up 1.6.3p3
- Moved man and info pages to /usr/share adhering to FHS

Tue Dec 14 13:00:00 1999 Preston Brown
- updated to 1.6.1 for Powertools 6.2
- config files are now noreplace.

Thu Jul 22 14:00:00 1999 Tim Powers
- updated to 1.5.9p2 for Powertools 6.1

Wed May 12 14:00:00 1999 Bill Nottingham
- sudo is configured with pam. There\'s no pam.d file. Oops.

Mon Apr 26 14:00:00 1999 Preston Brown
- upgraded to 1.59p1 for powertools 6.0

Tue Oct 27 13:00:00 1998 Preston Brown
- fixed so it doesn\'t find /usr/bin/vi first, but instead /bin/vi (always installed)

Thu Oct 8 14:00:00 1998 Michael Maher
- built package for 5.2

Mon May 18 14:00:00 1998 Michael Maher
- updated SPEC file.

Thu Jan 29 13:00:00 1998 Otto Hammersmith
- updated to 1.5.4

Tue Nov 18 13:00:00 1997 Otto Hammersmith
- built for glibc, no problems

Fri Apr 25 14:00:00 1997 Michael Fulbright
- Fixed for 4.2 PowerTools
- Still need to be pamified
- Still need to move stmp file to /var/log

Mon Feb 17 13:00:00 1997 Michael Fulbright
- First version for PowerCD.


  
ICM