Hi, I tried to check all sudo bugs with attached patches. Sadly the upstream bug link is broken. So I cannot follow-up the upstream progress. The git history revealed no reference to bug number 457.
Looking at the upstream code, I found following in lib/eventlog/eventlog.c: #if defined(HAVE_NL_LANGINFO) && defined(CODESET) locale = setlocale(LC_ALL, NULL); if (locale[0] != 'C' || locale[1] != '\0') (void) fprintf(mail, "\nContent-Type: text/plain; charset=\"%s\"\nContent-Transfer-Encoding: 8bit", nl_langinfo(CODESET)); #endif /* HAVE_NL_LANGINFO && CODESET */ So I assume that it was fixed upstream. This code snippet was introduced in commit bd1ca79cca827a92e904f022e49df121931d4ff5 and was part of sudo 1.9.4 which landed in Ubuntu 22.04 (jammy). If my assumption is wrong, please reopen this bug report. ** Changed in: sudo (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/491352 Title: Patch for incorrect charset in notification emails Status in sudo: Unknown Status in sudo package in Ubuntu: Fix Released Bug description: Binary package hint: sudo sudo uses strftime() to generate the date string in the notification mails sent to administrators when something fishy happens. strftime() generates the date according to locale env vars. This could result in date strings containing arbitrary characters in arbitrary charsets (think UTF-8 in far eastern languages). By default, email messages are us-ascii. sudo does no conversion of the data returned by strftime (which is in the user's current charset) to the default us-ascii charset. This causes non-ascii dates to come through as garbage. Solution: 1. stop using strftime. The code actually has the strftime code in a IFDEF, remove that whole ifdef, and use ctime, which is ascii. 2. insert charset information into the notification email. add header (Content-Type: text/plain; charset="<nl_langinfo(CODESET)>") and (Content-Transfer-Encoding: 8bit). downside of solution 2: 1. 8bit transfer encoding is required. 8bit is not strictly supported by SMTP, although is supported by most MTA's, probably all MTA's in the Ubuntu repo. 2. Also, since the strftime uses the locale of the user, it could represent the date in some language unreadable by the sysadmin (who receives the notification, but does not necessarily read the same language as the user who committed whatever offense). ctime() always represents the date in English ASCII. I think we can safely assume the large majority of sysadmins out there can read English ASCII? I've attached a patch to only use ctime in notification emails and logging. Since launch pad only allows one attachment at time of bug creation, I'll try attach the other patch after I've submitted this. Here's hoping I can do that. To manage notifications about this bug go to: https://bugs.launchpad.net/sudo/+bug/491352/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp