Sudo version 1.6.5p2 now available

Todd C. Miller Todd.Miller at
Wed Jan 23 20:23:42 EST 2002

Sudo version 1.6.5 patchlevel 2 is now available (ftp sites listed
at the end).

Changes since sudo 1.6.5p1:

 o Older versions of BSDi have getifaddrs() but no freeifaddrs().

 o BSDi has a fake setreuid() as do certain versions of FreeBSD and NetBSD.

 o Ignore the return value of pam_setcred().  In Linux-PAM 0.75,
   pam_setcred() will return PAM_PERM_DENIED even if the setcred function
   of the module succeeds when pam_authenticate() has not been called.

 o Avoid giving PAM a NULL password response, use the empty string instead.
   This avoids a log warning when the user hits ^C at the password prompt
   when Linux-PAM is in use.  This also prevents older versions of
   Linux-PAM from dereferencing the NULL pointer.

 o The user's password was not zeroed after use when AIX authentication,
   BSD authentication, FWTK or PAM was in use.

Changes since sudo 1.6.5:

 o Visudo could access memory that was already freed.

 o If the skey.access file denied use of plaintext passwords sudo
   would exit instead of allowing the user to enter an S/Key.

sudo 1.6.5p2 distribution:

Master WWW site:

WWW Mirrors:</a> (Los Angeles, California, USA)</a> (Fanwood, New Jersey, USA)</a> (Edmonton, Canada)</a> (Russia)

Master FTP sites:

FTP Mirrors: (Boulder, Colorado, USA) (Los Angeles, California, USA) (Falls Church, Virginia, USA) (Beltsville, Maryland, USA) (West Lafayette, Indiana, USA) (Bloomington, Indiana, USA) (Ypsilanti, Michigan, USA) (College Station, Texas, USA) (Rochester, New York, USA) (Fanwood, New Jersey, USA) (Australia) (Austria) (Alberta, Canada) (Hong Kong, China) (Czechoslovakia) (Great Britain) (Finland) (France) (France) (Germany) (Japan) (Japan) (Japan) (Japan) (Japan) (Japan) (Japan) (Japan) (Japan) (Japan) (Makati City, Philippines) (Poland) (Romania) (Russia) (Russia) (Sweden) (Sweden) (Taiwan) (Turkey)

More information about the sudo-announce mailing list