[sudo-announce] sudo 1.8.9 released

Todd C. Miller Todd.Miller at courtesan.com
Mon Jan 6 14:17:00 MST 2014 

Sudo version 1.8.9 is now available.  See the list of major changes
below for details.

Source:
    http://www.sudo.ws/sudo/dist/sudo-1.8.9.tar.gz
    ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.9.tar.gz

Binary packages:
    http://www.sudo.ws/sudo/download.html#binary

For a list of download mirror sites, see:
    http://www.sudo.ws/sudo/download_mirrors.html

Sudo web site:
    http://www.sudo.ws/sudo/

Sudo web site mirrors:
    http://www.sudo.ws/sudo/mirrors.html

Major changes between sudo 1.8.9 and 1.8.8:

 * Reworked sudo's main event loop to use a simple event subsystem
   using poll(2) or select(2) as the back end.

 * It is now possible to statically compile the sudoers plugin into
   the sudo binary without disabling shared library support.  The
   sudo.conf file may still be used to configure other plugins.

 * Sudo can now be compiled again with a C preprocessor that does
   not support variadic macros.

 * Visudo can now export a sudoers file in JSON format using the
   new -x flag.

 * The locale is now set correctly again for visudo and sudoreplay.

 * The plugin API has been extended to allow the plugin to exclude
   specific file descriptors from the "closefrom" range.

 * There is now a workaround for a Solaris-specific problem where
   NOEXEC was overriding traditional root DAC behavior.

 * Add user netgroup filtering for SSSD. Previously, rules for
   a netgroup were applied to all even when they did not belong
   to the specified netgroup.

 * On systems with BSD login classes, if the user specified a group
   (not a user) to run the command as, it was possible to specify
   a different login class even when the command was not run as the
   super user.

 * The closefrom() emulation on Mac OS X now uses /dev/fd if possible.

 * Fixed a bug where sudoedit would not update the original file
   from the temporary when PAM or I/O logging is not enabled.

 * When recycling I/O logs, the log files are now truncated properly.

 * Fixes bugs #621, #622, #623, #624, #625, #626

More information about the sudo-announce mailing list