[sudo-announce] sudo 1.8.13 released

Todd C. Miller Todd.Miller at courtesan.com
Sat Mar 21 16:45:58 MDT 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sudo version 1.8.13 is now available.  In addition to bug fixes,
sudo 1.8.13 add support for fine-grained control over whether mail
will be sent when a user runs a specific command.

Source:
    http://www.sudo.ws/dist/sudo-1.8.13.tar.gz
    ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.13.tar.gz

SHA256 checksum:
    e374e5edf2c11c00d6916a9f51cb0ad15e51c7b028370fa15169b07e61e05a25
MD5 checksum:
    f61577ec330ad1bd504c0e2eec6ea2d8

Binary packages:
    http://www.sudo.ws/download.html#binary

For a list of download mirror sites, see:
    http://www.sudo.ws/download_mirrors.html

Sudo web site:
    http://www.sudo.ws/

Sudo web site mirrors:
    http://www.sudo.ws/mirrors.html

Major changes between sudo 1.8.13 and 1.8.12:

 * The examples directory is now a subdirectory of the doc dir to
   conform to Debian guidelines.  Bug #682.

 * Fixed a compilation error for siglist.c and signame.c on some
   systems.  Bug #686

 * Weak symbols are now used for sudo_warn_gettext() and
   sudo_warn_strerror() in libsudo_util to avoid link errors when
   -Wl,--no-undefined is used in LDFLAGS.  The --disable-weak-symbols
   configure option can be used to disable the user of weak symbols.

 * Fixed a bug in sudo's mkstemps() replacement function that
   prevented the file extension from being preserved in sudoedit.

 * A new mail_all_cmnds sudoers flag will send mail when a user runs
   a command (or tries to). The behavior of the mail_always flag has
   been restored to always send mail when sudo is run.

 * New "MAIL" and "NOMAIL" command tags have been added to toggle
   mail sending behavior on a per-command (or Cmnd_Alias) basis.

 * Fixed matching of empty passwords when sudo is configured to
   use passwd (or shadow) file authentication on systems where the
   crypt() function returns NULL for invalid salts.

 * On AIX, sudo now uses the value of the auth_type setting in
   /etc/security/login.cfg to determine whether to use LAM or PAM
   for user authentication.

 * The "all" setting for listpw and verifypw now works correctly
   with LDAP and sssd sudoers.

 * The sudo timestamp directory is now created at boot time on
   platforms that use systemd.

 * Sudo will now restore the value of the SIGPIPE handler before
   executing the command.

 * Sudo now uses "struct timespec" instead of "struct timeval" for
   time keeping when possible.  If supported, sudoedit and visudo
   now use nanosecond granularity time stamps.

 * Fixed a symbol name collision with systems that have their own
   SHA2 implementation.  This fixes a problem where PAM could use
   the wrong SHA2 implementation on Solaris 10 systems configured
   to use SHA512 for passwords.

 * The editor invoked by sudoedit once again uses an unmodified
   copy of the user's environment as per the documentation.  This
   was inadvertantly changed in sudo 1.8.0.  Bug #688.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlUN9KIACgkQWonfon7kcMTsOQCeOGajl3HCeV3i8qjPunqRcImc
SDQAoKnJZyziRA0bSDoD6pmMazHLy402
=BAMx
-----END PGP SIGNATURE-----


More information about the sudo-announce mailing list