[sudo-workers] sudo 1.8.18rc3 released
Todd C. Miller
Todd.Miller at courtesan.com
Wed Sep 14 12:24:27 MDT 2016
-----BEGIN PGP SIGNED MESSAGE-----
The third release candidate of sudo 1.8.18 is now available. This
is primarily a bug fix release. Unless a show-stopper is found,
sudo 1.8.18 will be released on Monday September 19th.
For a list of download mirror sites, see:
Sudo web site:
Sudo web site mirrors:
Major changes between sudo 1.8.18rc3 and 1.8.18rc2:
* Fixed a memory leak when the getdomainname(2) function fails.
* Negated sudoHost attributes are now supported by the LDAP and
Major changes between sudo 1.8.18rc2 and 1.8.18rc1:
* Fixed a typo that broke short host name matching when the fqdn
flag is enabled in sudoers. Bug #757
* Fixed a bug introduced in 1.8.18 that caused a hang when
running a command in a pty when a stop signal was not always
passed to the parent.
Major changes between sudo 1.8.18rc1 and 1.8.18b4:
* Fixed a potential crash when auditing is enabled and the audit
function fails with an error. Bug #756
* Norwegian Nynorsk translation for sudo from translationproject.org.
Major changes between sudo 1.8.18b4 and 1.8.18b3:
* Fixed a bug on Linux where a 32-bit sudo binary could fail with
an "unable to allocate memory" error when run on a 64-bit system.
* When parsing ldap.conf, sudo will now only treat a '#' character
as the start of a comment when it is at the beginning of the
* Fixed sudo's exit value when execution of the command fails.
Major changes between sudo 1.8.18b3 and 1.8.18b2:
* Fixed a bug where "sudo -l command" would indicate that a command
was runnable even when denied by sudoers when using the LDAP or
* The match_group_by_gid Defaults option has been added to allow
sites where group name resolution is slow and where sudoers only
contains a small number of groups to match groups by group ID
instead of by group name.
Major changes between sudo 1.8.18b2 and 1.8.18b1:
* Fixed a use-after-free bug in visudo introduced in sudo 1.8.18b1.
* Fixed a bug introduced in 1.8.17 where the SIGPIPE signal handler
was not being restored when sudo directly executes the command.
Major changes between sudo 1.8.18b1 and 1.8.17p1:
* The sudoers locale is now set before parsing the sudoers file.
If sudoers_locale is set in sudoers, it is applied before
evaluating other Defaults entries. Previously, sudoers_locale
was used when evaluating sudoers but not during the inital parse.
* A missing or otherwise invalid #includedir is now ignored instead
of causing a parse error.
* During "make install", backup files are only used on HP-UX where
it is not possible to unlink a shared object that is in use.
This works around a bug in ldconfig on Linux which could create
links to the backup shared library file instead of the current
* Fixed a bug introduced in 1.8.17 where sudoers entries with long
commands lines could be truncated, preventing a match. Bug #752.
* The fqdn, runas_default and sudoers_locale Defaults settings are
now applied before any other Defaults settings since they can
change how other Defaults settings are parsed.
* On systems without the O_NOFOLLOW open(2) flag, when the NOFOLLOW
flag is set, sudoedit now checks whether the file is a symbolic link
before opening it as well as after the open. Bug #753.
* Sudo will now only resolve a user's group IDs to group names
when sudoers includes group-based permissions. Group lookups
can be expensive on some systems where the group database is
* If the file system holding the sudo log file is full, allow
the command to run unless the new ignore_logfile_errors Defaults
option is disabled. Bug #751.
* The ignore_audit_errors and ignore_iolog_errors Defaults options
have been added to control sudo's behavior when it is unable to
write to the audit and I/O logs.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
More information about the sudo-workers