[sudo-announce] sudo 1.8.9p5 released

Todd C. Miller Todd.Miller at courtesan.com
Tue Feb 4 10:53:09 MST 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sudo version 1.8.9p5 is now available which fixes three bugs (see
below).

Source:
    http://www.sudo.ws/sudo/dist/sudo-1.8.9p5.tar.gz
    ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.9p5.tar.gz

SHA256 checksum:
    bc9d5c96de5f8b4d2b014f87a37870aef60d2891c869202454069150a21a5c21
MD5 checksum:
    d3f1f1cfca6b2b06b048e1abb7d0227e

Binary packages:
    http://www.sudo.ws/sudo/download.html#binary

For a list of download mirror sites, see:
    http://www.sudo.ws/sudo/download_mirrors.html

Sudo web site:
    http://www.sudo.ws/sudo/

Sudo web site mirrors:
    http://www.sudo.ws/sudo/mirrors.html

Major changes between sudo 1.8.9p5 and 1.8.9p4:

 * Fixed a compilation error on AIX when LDAP support is enabled.

 * Fixed parsing of the "umask" defaults setting in sudoers.  Bug #632.

 * Fixed a failed assertion when the "closefrom_override" defaults
   setting is enabled in sudoers and sudo's -C flag is used.  Bug #633.

Major changes between sudo 1.8.9p4 and 1.8.9p3:

 * Fixed a bug where sudo could consume large amounts of CPU while
   the command was running when I/O logging is not enabled.  Bug #631

 * Fixed a bug where sudo would exit with an error when the debug
   level is set to util at debug or all at debug and I/O logging is not
   enabled.  The command would continue runnning after sudo exited.

Major changes between sudo 1.8.9p3 and 1.8.9p2:

 * Fixed a bug introduced in sudo 1.8.9 that prevented the tty name
   from being resolved properly on Linux systems.  Bug #630.

Major changes between sudo 1.8.9p2 and 1.8.9p1:

 * Updated config.guess, config.sub and libtool to support the ppc64le
   architecture (IBM PowerPC Little Endian).

Major changes between sudo 1.8.9p1 and 1.8.9:

 * Fixed a problem with gcc 4.8's handling of bit fields that could
   lead to the noexec flag being enabled even when it was not
   explicitly set.

Major changes between sudo 1.8.9 and 1.8.8:

 * Reworked sudo's main event loop to use a simple event subsystem
   using poll(2) or select(2) as the back end.

 * It is now possible to statically compile the sudoers plugin into
   the sudo binary without disabling shared library support.  The
   sudo.conf file may still be used to configure other plugins.

 * Sudo can now be compiled again with a C preprocessor that does
   not support variadic macros.

 * Visudo can now export a sudoers file in JSON format using the
   new -x flag.

 * The locale is now set correctly again for visudo and sudoreplay.

 * The plugin API has been extended to allow the plugin to exclude
   specific file descriptors from the "closefrom" range.

 * There is now a workaround for a Solaris-specific problem where
   NOEXEC was overriding traditional root DAC behavior.

 * Add user netgroup filtering for SSSD. Previously, rules for
   a netgroup were applied to all even when they did not belong
   to the specified netgroup.

 * On systems with BSD login classes, if the user specified a group
   (not a user) to run the command as, it was possible to specify
   a different login class even when the command was not run as the
   super user.

 * The closefrom() emulation on Mac OS X now uses /dev/fd if possible.

 * Fixed a bug where sudoedit would not update the original file
   from the temporary when PAM or I/O logging is not enabled.

 * When recycling I/O logs, the log files are now truncated properly.

 * Fixes bugs #621, #622, #623, #624, #625, #626
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (OpenBSD)

iEYEARECAAYFAlLxKP4ACgkQWonfon7kcMSmQACg6eFjetl9i4+GqKprs962NdYT
8PoAn28qBo7P4IsPxukMSRigoFSZ4Gy9
=TH/b
-----END PGP SIGNATURE-----

More information about the sudo-announce mailing list