[sudo-announce] sudo 1.7.1 released

Todd C. Miller Todd.Miller at courtesan.com
Sun Apr 19 10:28:26 EDT 2009

Sudo version 1.7.1 is now available.

Download links:

For a list of download mirror sites, see:

Sudo web site:

Sudo web site mirrors:

Major changes between sudo 1.7.0 and 1.7.1:

 * Fixed a bug in the version of glob() supplied with sudo that
   affected character classes and ranges.

 * Fixed a NULL pointer dereference when the sudoers file mode or
   owner was incorrect.

 * Fixed a NULL pointer dereference when a PAM module called the sudo
   conversation function during a phase other than authentication.

 * Fixed an LDAP compatibility problem with the AIX LDAP libraries.

 * A new Defaults option "pwfeedback" will cause sudo to provide visual
   feedback when the user is entering a password.

 * A new Defaults option "fast_glob" will cause sudo to use the fnmatch()
   function for file name globbing instead of glob().  When this option
   is enabled, sudo will not check the file system when expanding wildcards.
   This is faster but a side effect is that relative paths with wildcard
   will no longer work.

 * New BSM audit support for systems that support it such as FreeBSD
   and Mac OS X.

 * The file name specified with the #include directive may now include
   a %h escape which is expanded to the short form of hostname.

 * The -k flag may now be specified along with a command, causing the
   user's timestamp file to be ignored.

 * New support for Tivoli-based LDAP START_TLS, present in AIX.

 * New support for /etc/netsvc.conf on AIX.

 * The unused alias checks in visudo now handle the case of an alias
   referring to another alias.

More information about the sudo-announce mailing list