[sudo-announce] sudo 1.8.11p1 released

Todd C. Miller Todd.Miller at courtesan.com
Wed Oct 8 07:19:00 MDT 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sudo version 1.8.11p1 is now available.  This is a bug fix release.
See below for a list of changes and bugs closed.

Source:
    http://www.sudo.ws/dist/sudo-1.8.11p1.tar.gz
    ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.11p1.tar.gz

SHA256 checksum:
    44c275772595a119185336164bb76b6e08f23d38aa0fe0d6bab48812e75d6a43
MD5 checksum:
    5065deec62e8cd514fb04d1d1253db03

Binary packages:
    http://www.sudo.ws/download.html#binary

For a list of download mirror sites, see:
    http://www.sudo.ws/download_mirrors.html

Sudo web site:
    http://www.sudo.ws/

Sudo web site mirrors:
    http://www.sudo.ws/mirrors.html

Major changes between sudo 1.8.11p1 and 1.8.11:

 * Fixed a compilation problem on some systems when the
   --disable-shared-libutil configure option was specified.

 * The user can no longer interrupt the sleep after an incorrect
   password on PAM systems using pam_unix.
   Bug #666

 * Fixed a compilation problem on Linux systems that do not use PAM.
   Bug #667

 * "make install" will now work with the stock GNU autotools
   install-sh script.  Bug #669

 * Fixed a crash with "sudo -i" when the current working directory
   does not exist.  Bug #670

 * Fixed a potential crash in the debug subsystem when logging a message
   larger that 1024 bytes.

 * Fixed a "make check" failure for ttyname when stdin is closed and
   stdout and stderr are redirected to a different tty.  Bug #643

 * Added BASH_FUNC_* to environment blacklist to match newer-style
   bash functions.

Major changes between sudo 1.8.11 and 1.8.10p3:

 * The sudoers plugin no longer uses setjmp/longjmp to recover
   from fatal errors.  All errors are now propagated to the caller
   via return codes.

 * When running a command in the background, sudo will now forward
   SIGINFO to the command (if supported).

 * Sudo will now use the system versions of the sha2 functions from
   libc or libmd if available.

 * Visudo now works correctly on GNU Hurd.  Bug #647

 * Fixed suspend and resume of curses programs on some system when
   the command is not being run in a pseudo-terminal.  Bug #649

 * Fixed a crash with LDAP-based sudoers on some systems when
   Kerberos was enabled.

 * Sudo now includes optional Solaris audit support.

 * Catalan translation for sudoers from translationproject.org.

 * Norwegian Bokmaal translation for sudo from translationproject.org.

 * Greek translation for sudoers from translationproject.org

 * The sudo source tree has been reorganized to more closely resemble
   that of other gettext-enabled packages.

 * Sudo and its associated programs now link against a shared version
   of libsudo_util.  The --disable-shared-libutil configure option
   may be used to force static linking if the --enable-static-sudoers
   option is also specified.

 * The passwords in ldap.conf and ldap.secret may now be encoded
   in base64.

 * Audit updates.  SELinux role changes are now audited.  For
   sudoedit, we now audit the actual editor being run, instead of
   just the sudoedit command.

 * Fixed bugs in the man page post-processing that could cause
   portions of the manuals to be removed.

 * Fixed a crash in the system_group plugin.  Bug #653.

 * Fixed sudoedit on platforms without a native version of the
   getprogname() function.  Bug #654.

 * Fixed compilation problems with some pre-C99 compilers.

 * Fixed sudo's -C option which was broken in version 1.8.9.

 * It is now possible to match an environment variable's value as
   well as its name using env_keep and env_check.  This can be used
   to preserve bash functions which would otherwise be removed from
   the environment.

 * New files created via sudoedit as a non-root user now have the
   proper group id.  Bug #656

 * Sudoedit now works correctly in conjunction with sudo's SELinux
   RBAC support.  Temporary files are now created with the proper
   security context.

 * The sudo I/O logging plugin API has been updated.  If a logging
   function returns an error, the command will be terminated and
   all of the plugin's logging functions will be disabled.  If a
   logging function rejects the command's output it will no longer
   be displayed to the user's terminal.

 * Fixed a compilation error on systems that lack openpty(), _getpty()
   and grantpt(). Bug #660

 * Fixed a hang when a sudoers source is listed more than once in
   a single sudoers nsswitch.conf entry.

 * On AIX, shell scripts without a #! magic number are now passed to
   /usr/bin/sh, not /usr/bin/bsh.  This is consistent with what the
   execvp() function on AIX does and matches historic sudo behavior.
   Bug #661

 * Fixed a cross-compilation problem building mksiglist and mksigname.
   Bug #662
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (OpenBSD)

iEYEARECAAYFAlQ1Ob4ACgkQWonfon7kcMTD4gCgtfXYGdItfaUT79UCFdihmRF+
iCkAn3LHt0mBaNxiJUmHu67+CZo8PAFC
=xCEU
-----END PGP SIGNATURE-----

More information about the sudo-announce mailing list