[sudo-announce] sudo 1.8.2 and 1.7.7 released
Todd C. Miller
Todd.Miller at courtesan.com
Thu Aug 18 08:34:10 EDT 2011
Sudo versions 1.8.2 and 1.7.7 are now available.
Sudo 1.8.2 features NLS support in addition to minor bug fixes. At
this time, sudo has been translated into Basque, Chinese (simplified),
Danish, Finish, Polish, Russian and Ukranian. For more information,
see http://www.sudo.ws/sudo/nls.html
If you would like to contribute a translation for sudo, please join
a translation team at the Translation Project instead of contributing
a po file directly. This will avoid duplicated work if there is
already a translation in progress. For details, see
http://translationproject.org/html/translators.html
Sudo 1.7.7 is a minor bugfix release.
Please note that the Sudo 1.7.x branch is in maintenance mode. It
still receives bug fixes but all new development happens in the
1.8.x (stable) branch.
Source:
http://www.sudo.ws/sudo/dist/sudo-1.8.2.tar.gz
ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.2.tar.gz
http://www.sudo.ws/sudo/dist/sudo-1.7.7.tar.gz
ftp://ftp.sudo.ws/pub/sudo/sudo-1.7.7.tar.gz
Binary packages:
http://www.sudo.ws/sudo/download.html#binary
For a list of download mirror sites, see:
http://www.sudo.ws/sudo/download_mirrors.html
Sudo web site:
http://www.sudo.ws/sudo/
Sudo web site mirrors:
http://www.sudo.ws/sudo/mirrors.html
Major changes between sudo 1.8.2 and 1.8.1p2:
* Sudo, visudo, sudoreplay and the sudoers plug-in now have natural
language support (NLS). This can be disabled by passing configure
the --disable-nls option. Sudo will use gettext(), if available,
to display translated messages. All translations are coordinated
via The Translation Project, http://translationproject.org/.
* Plug-ins are now loaded with the RTLD_GLOBAL flag instead of
RTLD_LOCAL. This fixes missing symbol problems in PAM modules
on certain platforms, such as FreeBSD and SuSE Linux Enterprise.
* I/O logging is now supported for commands run in background mode
(using sudo's -b flag).
* Group ownership of the sudoers file is now only enforced when
the file mode on sudoers allows group readability or writability.
* Visudo now checks the contents of an alias and warns about cycles
when the alias is expanded.
* If the user specifes a group via sudo's -g option that matches
the target user's group in the password database, it is now
allowed even if no groups are present in the Runas_Spec.
* The sudo Makefiles now have more complete dependencies which are
automatically generated instead of being maintained manually.
* The "use_pty" sudoers option is now correctly passed back to the
sudo front end. This was missing in previous versions of sudo
1.8 which prevented "use_pty" from being honored.
* "sudo -i command" now works correctly with the bash version
2.0 and higher. Previously, the .bash_profile would not be
sourced prior to running the command unless bash was built with
NON_INTERACTIVE_LOGIN_SHELLS defined.
* When matching groups in the sudoers file, sudo will now match
based on the name of the group instead of the group ID. This can
substantially reduce the number of group lookups for sudoers
files that contain a large number of groups.
* Multi-factor authentication is now supported on AIX.
* Added support for non-RFC 4517 compliant LDAP servers that require
that seconds be present in a timestamp, such as Tivoli Directory Server.
* If the group vector is to be preserved, the PATH search for the
command is now done with the user's original group vector.
* For LDAP-based sudoers, the "runas_default" sudoOption now works
properly in a sudoRole that contains a sudoCommand.
* Spaces in command line arguments for "sudo -s" and "sudo -i" are
now escaped with a backslash when checking the security policy.
Major changes between sudo 1.8.1p2 and 1.8.1p1:
* Two-character CIDR-style IPv4 netmasks are now matched correctly
in the sudoers file.
* A build error with MIT Kerberos V has been resolved.
* A crash on HP-UX in the sudoers plugin when wildcards are
present in the sudoers file has been resolved.
* Sudo now works correctly on Tru64 Unix again.
Major changes between sudo 1.8.1p1 and 1.8.1:
* Fixed a problem on AIX where sudo was unable to set the final
uid if the PAM module modified the effective uid.
* A non-existent includedir is now treated the same as an empty
directory and not reported as an error.
* Removed extraneous parens in LDAP filter when sudoers_search_filter
is enabled that can cause an LDAP search error.
* Fixed a "make -j" problem for "make install".
Major changes between sudo 1.7.7 and 1.7.6p2:
* I/O logging is now supported for commands run in background mode
(using sudo's -b flag).
* Group ownership of the sudoers file is now only enforced when
the file mode on sudoers allows group readability or writability.
* Visudo now checks the contents of an alias and warns about cycles
when the alias is expanded.
* If the user specifes a group via sudo's -g option that matches
the target user's group in the password database, it is now
allowed even if no groups are present in the Runas_Spec.
* Multi-factor authentication is now supported on AIX.
* Added support for non-RFC 4517 compliant LDAP servers that require
that seconds be present in a timestamp, such as Tivoli Directory Server.
* If the group vector is to be preserved, the PATH search for the
command is now done with the user's original group vector.
* For LDAP-based sudoers, the "runas_default" sudoOption now works
properly in a sudoRole that contains a sudoCommand.
* Spaces in command line arguments for "sudo -s" and "sudo -i" are
now escaped with a backslash when checking the sudoers file.
Major changes between sudo 1.7.6p2 and 1.7.6p1:
* Two-character CIDR-style IPv4 netmasks are now matched correctly
in the sudoers file.
* A build error with MIT Kerberos V has been resolved.
Major changes between sudo 1.7.6p1 and 1.7.6:
* A non-existent includedir is now treated the same as an empty
directory and not reported as an error.
* Removed extraneous parens in LDAP filter when sudoers_search_filter
is enabled that can cause an LDAP search error.
More information about the sudo-announce
mailing list