[sudo-announce] sudo 1.8.11 released

Todd C. Miller Todd.Miller at courtesan.com
Wed Sep 24 08:40:34 MDT 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sudo version 1.8.11 is now available.  In addition to bug fixes,
sudo 1.8.11 installs a shared library, libsudo_util, that is used
by the sudo front end, the sudo plugins and associated programs
(visudo, sudoreplay).

Source:
    http://www.sudo.ws/dist/sudo-1.8.11.tar.gz
    ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.11.tar.gz

SHA256 checksum:
    a3177de7b5fbebfb43b32fc30aecaaf434762bf23e313de4c4a39e5ff715c845
MD5 checksum:
    9a642cf6aca5375f8569a2961f44d0f3

Binary packages:
    http://www.sudo.ws/download.html#binary

For a list of download mirror sites, see:
    http://www.sudo.ws/download_mirrors.html

Sudo web site:
    http://www.sudo.ws/

Sudo web site mirrors:
    http://www.sudo.ws/mirrors.html

Major changes between sudo 1.8.11 and 1.8.10p3:

 * The sudoers plugin no longer uses setjmp/longjmp to recover
   from fatal errors.  All errors are now propagated to the caller
   via return codes.

 * When running a command in the background, sudo will now forward
   SIGINFO to the command (if supported).

 * Sudo will now use the system versions of the sha2 functions from
   libc or libmd if available.

 * Visudo now works correctly on GNU Hurd.  Bug #647

 * Fixed suspend and resume of curses programs on some system when
   the command is not being run in a pseudo-terminal.  Bug #649

 * Fixed a crash with LDAP-based sudoers on some systems when
   Kerberos was enabled.

 * Sudo now includes optional Solaris audit support.

 * Catalan translation for sudoers from translationproject.org.

 * Norwegian Bokmaal translation for sudo from translationproject.org.

 * Greek translation for sudoers from translationproject.org

 * The sudo source tree has been reorganized to more closely resemble
   that of other gettext-enabled packages.

 * Sudo and its associated programs now link against a shared version
   of libsudo_util.  The --disable-shared-libutil configure option
   may be used to force static linking if the --enable-static-sudoers
   option is also specified.

 * The passwords in ldap.conf and ldap.secret may now be encoded
   in base64.

 * Audit updates.  SELinux role changes are now audited.  For
   sudoedit, we now audit the actual editor being run, instead of
   just the sudoedit command.

 * Fixed bugs in the man page post-processing that could cause
   portions of the manuals to be removed.

 * Fixed a crash in the system_group plugin.  Bug #653.

 * Fixed sudoedit on platforms without a native version of the
   getprogname() function.  Bug #654.

 * Fixed compilation problems with some pre-C99 compilers.

 * Fixed sudo's -C option which was broken in version 1.8.9.

 * It is now possible to match an environment variable's value as
   well as its name using env_keep and env_check.  This can be used
   to preserve bash functions which would otherwise be removed from
   the environment.

 * New files created via sudoedit as a non-root user now have the
   proper group id.  Bug #656

 * Sudoedit now works correctly in conjunction with sudo's SELinux
   RBAC support.  Temporary files are now created with the proper
   security context.

 * The sudo I/O logging plugin API has been updated.  If a logging
   function returns an error, the command will be terminated and
   all of the plugin's logging functions will be disabled.  If a
   logging function rejects the command's output it will no longer
   be displayed to the user's terminal.

 * Fixed a compilation error on systems that lack openpty(), _getpty()
   and grantpt(). Bug #660

 * Fixed a hang when a sudoers source is listed more than once in
   a single sudoers nsswitch.conf entry.

 * On AIX, shell scripts without a #! magic number are now passed to
   /usr/bin/sh, not /usr/bin/bsh.  This is consistent with what the
   execvp() function on AIX does and matches historic sudo behavior.
   Bug #661

 * Fixed a cross-compilation problem building mksiglist and mksigname.
   Bug #662
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (OpenBSD)

iEYEARECAAYFAlQi19sACgkQWonfon7kcMTntgCfbTkPoH0EHTPDlR+/ET7gF23+
tOkAn3D9ySYEAHdV6ZIsiJYA1nbBX0IV
=uDO1
-----END PGP SIGNATURE-----

More information about the sudo-announce mailing list