[sudo-announce] sudo 1.8.13 released
Todd C. Miller
Todd.Miller at courtesan.com
Sat Mar 21 16:45:58 MDT 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sudo version 1.8.13 is now available. In addition to bug fixes,
sudo 1.8.13 add support for fine-grained control over whether mail
will be sent when a user runs a specific command.
Source:
http://www.sudo.ws/dist/sudo-1.8.13.tar.gz
ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.13.tar.gz
SHA256 checksum:
e374e5edf2c11c00d6916a9f51cb0ad15e51c7b028370fa15169b07e61e05a25
MD5 checksum:
f61577ec330ad1bd504c0e2eec6ea2d8
Binary packages:
http://www.sudo.ws/download.html#binary
For a list of download mirror sites, see:
http://www.sudo.ws/download_mirrors.html
Sudo web site:
http://www.sudo.ws/
Sudo web site mirrors:
http://www.sudo.ws/mirrors.html
Major changes between sudo 1.8.13 and 1.8.12:
* The examples directory is now a subdirectory of the doc dir to
conform to Debian guidelines. Bug #682.
* Fixed a compilation error for siglist.c and signame.c on some
systems. Bug #686
* Weak symbols are now used for sudo_warn_gettext() and
sudo_warn_strerror() in libsudo_util to avoid link errors when
-Wl,--no-undefined is used in LDFLAGS. The --disable-weak-symbols
configure option can be used to disable the user of weak symbols.
* Fixed a bug in sudo's mkstemps() replacement function that
prevented the file extension from being preserved in sudoedit.
* A new mail_all_cmnds sudoers flag will send mail when a user runs
a command (or tries to). The behavior of the mail_always flag has
been restored to always send mail when sudo is run.
* New "MAIL" and "NOMAIL" command tags have been added to toggle
mail sending behavior on a per-command (or Cmnd_Alias) basis.
* Fixed matching of empty passwords when sudo is configured to
use passwd (or shadow) file authentication on systems where the
crypt() function returns NULL for invalid salts.
* On AIX, sudo now uses the value of the auth_type setting in
/etc/security/login.cfg to determine whether to use LAM or PAM
for user authentication.
* The "all" setting for listpw and verifypw now works correctly
with LDAP and sssd sudoers.
* The sudo timestamp directory is now created at boot time on
platforms that use systemd.
* Sudo will now restore the value of the SIGPIPE handler before
executing the command.
* Sudo now uses "struct timespec" instead of "struct timeval" for
time keeping when possible. If supported, sudoedit and visudo
now use nanosecond granularity time stamps.
* Fixed a symbol name collision with systems that have their own
SHA2 implementation. This fixes a problem where PAM could use
the wrong SHA2 implementation on Solaris 10 systems configured
to use SHA512 for passwords.
* The editor invoked by sudoedit once again uses an unmodified
copy of the user's environment as per the documentation. This
was inadvertantly changed in sudo 1.8.0. Bug #688.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlUN9KIACgkQWonfon7kcMTsOQCeOGajl3HCeV3i8qjPunqRcImc
SDQAoKnJZyziRA0bSDoD6pmMazHLy402
=BAMx
-----END PGP SIGNATURE-----
More information about the sudo-announce
mailing list