[sudo-workers] sudo 1.8.10b3 released
Todd C. Miller
Todd.Miller at courtesan.com
Fri Feb 7 16:41:14 MST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The third beta version of sudo 1.8.10 is now available. The biggest
change in 1.8.10 is a new time stamp file format that uses the
monotonic clock where available.
Source:
http://www.sudo.ws/sudo/dist/beta/sudo-1.8.10b3.tar.gz
ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.8.10b3.tar.gz
SHA256 checksum:
5355840d25233fef5a9496214929c10f1e86a77e293e18ec4875267006beff64
MD5 checksum:
3948ac10db30421437d9fd8f2ede227d
Binary packages:
http://www.sudo.ws/sudo/dist/beta/packages/index.html#binary
For a list of download mirror sites, see:
http://www.sudo.ws/sudo/download_mirrors.html
Sudo web site:
http://www.sudo.ws/sudo/
Sudo web site mirrors:
http://www.sudo.ws/sudo/mirrors.html
Major changes between sudo 1.8.10b3 and 1.8.10b2:
* LDAP-based sudoers now uses a default search filter of
(objectClass=sudoRole) for more efficient queries. The netgroup
query has been modified to avoid falling below the minimum length
for OpenLDAP substring indices.
* The new "use_netgroups" sudoers option can be used to explicitly
enable or disable netgroups support. For LDAP-based sudoers,
netgroup support requires an expensive substring match on the
server. If netgroups are not needed, this option can be disabled
to reduce the load on the LDAP server.
Major changes between sudo 1.8.10b2 and 1.8.10b1:
* Sudo now uses inet_pton() for decoding IPv4 addresses. A
version is included for systems without it.
* If sudo was started in the background and needed to prompt for
a password, it was not possible to suspend it at the password
prompt. This now works properly.
Major changes between sudo 1.8.10b1 and 1.8.9:
* It is now possible to disable network interface probing in
sudo.conf by changing the value of the probe_interfaces
setting.
* When listing a user's privileges (sudo -l), the sudoers plugin
will now prompt for the user's password even if the targetpw,
rootpw or runaspw options are set.
* The sudoers plugin uses a new format for its time stamp files.
Each user now has a single file which may contain multiple records
when per-tty time stamps are in use (the default). The time
stamps use a monotonic timer where available and are once again
located in a directory under /var/run. The lecture status is
now stored separately from the time stamps in a different directory.
* sudo's -K option will now remove all of the user's time stamps,
not just the time stamp for the current terminal. The -k option
can be used to only disable time stamps for the current terminal.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (OpenBSD)
iEYEARECAAYFAlL1bxIACgkQWonfon7kcMR2yACgml8VOJMphmoHUnhpxMeYCoqL
NhwAni5P0YQCrxElkVWRo2A1500UUtZY
=692B
-----END PGP SIGNATURE-----
More information about the sudo-workers
mailing list