[sudo-workers] sudo 1.8.10b3 released

Todd C. Miller Todd.Miller at courtesan.com
Fri Feb 7 16:41:14 MST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The third beta version of sudo 1.8.10 is now available.  The biggest
change in 1.8.10 is a new time stamp file format that uses the
monotonic clock where available.

Source:
    http://www.sudo.ws/sudo/dist/beta/sudo-1.8.10b3.tar.gz
    ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.8.10b3.tar.gz

SHA256 checksum:
    5355840d25233fef5a9496214929c10f1e86a77e293e18ec4875267006beff64
MD5 checksum:
    3948ac10db30421437d9fd8f2ede227d

Binary packages:
    http://www.sudo.ws/sudo/dist/beta/packages/index.html#binary

For a list of download mirror sites, see:
    http://www.sudo.ws/sudo/download_mirrors.html

Sudo web site:
    http://www.sudo.ws/sudo/

Sudo web site mirrors:
    http://www.sudo.ws/sudo/mirrors.html

Major changes between sudo 1.8.10b3 and 1.8.10b2:

 * LDAP-based sudoers now uses a default search filter of
   (objectClass=sudoRole) for more efficient queries.  The netgroup
   query has been modified to avoid falling below the minimum length
   for OpenLDAP substring indices.

 * The new "use_netgroups" sudoers option can be used to explicitly
   enable or disable netgroups support.  For LDAP-based sudoers,
   netgroup support requires an expensive substring match on the
   server.  If netgroups are not needed, this option can be disabled
   to reduce the load on the LDAP server.

Major changes between sudo 1.8.10b2 and 1.8.10b1:

 * Sudo now uses inet_pton() for decoding IPv4 addresses.  A
   version is included for systems without it.

 * If sudo was started in the background and needed to prompt for
   a password, it was not possible to suspend it at the password
   prompt.  This now works properly.

Major changes between sudo 1.8.10b1 and 1.8.9:

 * It is now possible to disable network interface probing in
   sudo.conf by changing the value of the probe_interfaces
   setting.

 * When listing a user's privileges (sudo -l), the sudoers plugin
   will now prompt for the user's password even if the targetpw,
   rootpw or runaspw options are set.

 * The sudoers plugin uses a new format for its time stamp files.
   Each user now has a single file which may contain multiple records
   when per-tty time stamps are in use (the default).  The time
   stamps use a monotonic timer where available and are once again
   located in a directory under /var/run.  The lecture status is
   now stored separately from the time stamps in a different directory.

 * sudo's -K option will now remove all of the user's time stamps,
   not just the time stamp for the current terminal.  The -k option
   can be used to only disable time stamps for the current terminal.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (OpenBSD)

iEYEARECAAYFAlL1bxIACgkQWonfon7kcMR2yACgml8VOJMphmoHUnhpxMeYCoqL
NhwAni5P0YQCrxElkVWRo2A1500UUtZY
=692B
-----END PGP SIGNATURE-----


More information about the sudo-workers mailing list