Branches for Precise

Author: Marc Deslauriers
Revision Date: 2012-01-31 10:25:52 UTC

* SECURITY UPDATE: permissions bypass via format string
  - debian/patches/CVE-2012-0809.patch: fix format string vulnerability
    in src/sudo.c.
  - CVE-2012-0809

Author: Tyler Hicks
Revision Date: 2012-05-21 00:48:10 UTC

* debian/patches/pam_env_merge.patch: Merge the PAM environment into the
  user environment (LP: #982684)
* debian/sudo.pam: Use pam_env to read /etc/environment and
  /etc/default/locale environment files. Reading ~/.pam_environment is not
  permitted due to security reasons.

Author: Marc Deslauriers
Revision Date: 2015-03-12 11:32:42 UTC

* SECURITY UPDATE: arbitrary file access via TZ
  - debian/patches/CVE-2014-9680.patch: sanity check TZ env variable in
    configure, configure.in, doc/sudoers.cat, doc/sudoers.man.in,
    pathnames.h.in, plugins/sudoers/env.c.
  - CVE-2014-9680

Author: Marc Deslauriers
Revision Date: 2015-03-12 11:32:42 UTC

* SECURITY UPDATE: arbitrary file access via TZ
  - debian/patches/CVE-2014-9680.patch: sanity check TZ env variable in
    configure, configure.in, doc/sudoers.cat, doc/sudoers.man.in,
    pathnames.h.in, plugins/sudoers/env.c.
  - CVE-2014-9680

Author: TJ
Revision Date: 2012-04-21 15:47:59 UTC

Fix Abort in some PAM modules when timestamp is valid. (LP: #927828)