[sudo-announce] sudo 1.8.3p1 and 1.7.8p1 released
Todd C. Miller
Todd.Miller at courtesan.com
Thu Oct 27 07:41:05 EDT 2011
Sudo versions 1.8.3p1 and 1.7.8p1 are now available which fix some
relatively minor bugs. See the list of major changes below for
details.
Please note that the Sudo 1.7.x branch is in maintenance mode. It
still receives bug fixes but all new development happens in the
1.8.x (stable) branch.
Source:
http://www.sudo.ws/sudo/dist/sudo-1.8.3p1.tar.gz
ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.3p1.tar.gz
http://www.sudo.ws/sudo/dist/sudo-1.7.8p1.tar.gz
ftp://ftp.sudo.ws/pub/sudo/sudo-1.7.8p1.tar.gz
Binary packages:
http://www.sudo.ws/sudo/download.html#binary
For a list of download mirror sites, see:
http://www.sudo.ws/sudo/download_mirrors.html
Sudo web site:
http://www.sudo.ws/sudo/
Sudo web site mirrors:
http://www.sudo.ws/sudo/mirrors.html
Major changes between sudo 1.8.3p1 and 1.8.3:
* Fixed a crash in the monitor process on Solaris when NOPASSWD
was specified or when authentication was disabled.
* Fixed matching of a Runas_Alias in the group section of a
Runas_Spec.
Major changes between sudo 1.8.3 and 1.8.2:
* Fixed expansion of strftime() escape sequences in the "log_dir"
sudoers setting.
* Esperanto, Italian and Japanese translations from translationproject.org.
* Sudo will now use PAM by default on AIX 6 and higher.
* Added --enable-werror configure option for gcc's -Werror flag.
* Visudo no longer assumes all editors support the +linenumber
command line argument. It now uses a whitelist of editors known
to support the option.
* Fixed matching of network addresses when a netmask is specified
but the address is not the first one in the CIDR block.
* The configure script now check whether or not errno.h declares
the errno variable. Previously, sudo would always declare errno
itself for older systems that don't declare it in errno.h.
* The NOPASSWD tag is now honored for denied commands too, which
matches historic sudo behavior (prior to sudo 1.7.0).
* Sudo now honors the "DEREF" setting in ldap.conf which controls
how alias dereferencing is done during an LDAP search.
* A symbol conflict with the pam_ssh_agent_auth PAM module that
would cause a crash been resolved.
* The inability to load a group provider plugin is no longer
a fatal error.
* A potential crash in the utmp handling code has been fixed.
* Two PAM session issues have been resolved. In previous versions
of sudo, the PAM session was opened as one user and closed as
another. Additionally, if no authentication was performed, the
PAM session would never be closed.
* Sudo will now work correctly with LDAP-based sudoers using TLS
or SSL on Debian systems.
* The LOGNAME, USER and USERNAME environment variables are preserved
correctly again in sudoedit mode.
Major changes between sudo 1.7.8p1 and 1.7.8:
* Fixed matching of a Runas_Alias in the group section of a
Runas_Spec.
Major changes between sudo 1.7.8 and 1.7.7:
* Sudo will now use PAM by default on AIX 6 and higher.
* Added --enable-werror configure option for gcc's -Werror flag.
* Visudo no longer assumes all editors support the +linenumber
command line argument. It now uses a whitelist of editors known
to support the option.
* Fixed matching of network addresses when a netmask is specified
but the address is not the first one in the CIDR block.
* The configure script now check whether or not errno.h declares
the errno variable. Previously, sudo would always declare errno
itself for older systems that don't declare it in errno.h.
* The NOPASSWD tag is now honored for denied commands too, which
matches historic sudo behavior (prior to sudo 1.7.0).
* Sudo now honors the "DEREF" setting in ldap.conf which controls
how alias dereferencing is done during an LDAP search.
* Using the -n option may in conjunction with the -v or -l option
no longer results in a usage error.
* The LOGNAME, USER and USERNAME environment variables are preserved
correctly again in sudoedit mode.
More information about the sudo-announce
mailing list