Sudo version 1.6.7p1 now available

Todd C. Miller Todd.Miller at
Tue Apr 1 12:27:40 EST 2003

Sudo version 1.6.7p1 is now available (mirrors listed at the end).

There was no formal announcement of version 1.6.7 due to a bug found
shortly after release.

Major changes since Sudo 1.6.7:

 o Fixed false positives in the overflow detection of expand_prompt().

Major changes since Sudo 1.6.6:

 o Wildcards now work correctly in an env_keep Defaults directive.

 o The owner of the timestamp directory is now configurable.

 o Sudo now supports the SecurID 5.0 API.

 o Sudo now saves and restores the state of signal handlers.
   This fixes a problem using sudo with the nohup command.

 o Sudo now uses setresuid() if it exists to properly support the
   stay_setuid Defaults directive.

 o In strict mode sudo did not throw an error for undefined User_Aliases,
   now it does.

 o Write the prompt after turning off echo to avoid some password
   characters being echoed on heavily-loaded machines with fast typists.

 o Added %U and %H escapes in the prompt and fixed treatment of %%.

 o Visudo will now add a final newline to sudoers if the user's editor
   not add one before EOF.

 o Added support for Defaults that apply based on the RunasUser.

 o Sudo now includes copies of strlc{at,py} and uses them throughout.

 o Sudo is now careful to avoid interger overflow when allocating
   memory.  This is one of those "should not happen" situations.

 o Added a configure option (--with-stow) to make sudo compatible
   with GNU stow.

 o auth/kerb5.c now compiles under Heimdal.

 o The volatile prefix is used in the hopes of preventing compilers
   from optimizing away memory zeroing.  Unfortunately, this results
   in some warnings from gcc.

 o The configure tests for Kerberos are much improved.

 o A long-standing bug in the SIGCHLD handler was fixed.

 o Added a --with-rpath configure option to pass the -R flag
   along with -L to the linker.  Enabled by default on Solaris and

 o Added support for using the -blibpath ld option on AIX to add
   directories to the shared lib search path.  This is only active
   when additional library paths are used.  It may be disabled via
   the --without-blibpath configure option.

 o The --with-skey and --with-opie configure options now take
   an optional directory argument that should have an include and
   lib dir for the skey/opie include file and library respectively.

Master WWW site:

WWW Mirrors: (Los Angeles, California, USA) (Fanwood, New Jersey, USA) (Australia) (Russia)

FTP Mirrors: (Boulder, Colorado, USA) (Los Angeles, California, USA) (Falls Church, Virginia, USA) (Beltsville, Maryland, USA) (West Lafayette, Indiana, USA) (Bloomington, Indiana, USA) (College Station, Texas, USA) (Rochester, New York, USA) (Australia) (Austria) (Alberta, Canada) (Hong Kong, China) (Czechoslovakia) (Great Britain) (France) (Germany) (Japan) (Japan) (Japan) (Japan) (Japan) (Japan) (Japan) (Japan) (Russia) (Russia) (Sweden) (Taiwan) (Turkey)

More information about the sudo-announce mailing list