[sudo-workers] sudo 1.8.22b1 released
Todd C. Miller
Todd.Miller at sudo.ws
Sun Dec 3 08:56:20 MST 2017
The first beta version of sudo 1.8.22 is now available. Sudo 1.8.22
is a bug fix release. It fixes some long-standing issues with job
control when I/O logging is enabled.
Source:
https://www.sudo.ws/sudo/dist/beta/sudo-1.8.22b1.tar.gz
ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.8.22b1.tar.gz
SHA256 checksum:
9a59d0fac2546f796f618cb0f94081500f21340583a8751bab98b9c66bf20aee
MD5 checksum:
b90935de6229868a1687db0df2875fb9
Binary packages:
https://www.sudo.ws/sudo/dist/beta/packages/index.html#binary
For a list of download mirror sites, see:
https://www.sudo.ws/sudo/download_mirrors.html
Sudo web site:
https://www.sudo.ws/sudo/
Sudo web site mirrors:
https://www.sudo.ws/sudo/mirrors.html
Major changes between sudo 1.8.22b1 and 1.8.21p2:
* Commands run in the background from a script run via sudo will
no longer receive SIGHUP when the parent exits and I/O logging
is enabled. Bug #502
* A particularly offensive insult is now disabled by default.
Bug #804
* The description of "sudo -i" now correctly documents that
the "env_keep" and "env_check" sudoers options are applied to
the environment. Bug #806
* Fixed a crash when the system's host name is not set.
Bug #807
* The sudoers2ldif script now handles #include and #includedir
directives.
* Fixed a bug where sudo would silently exit when the command was
not allowed by sudoers and the "passwd_tries" sudoers option
was set to a value less than one.
* Fixed a bug with the "listpw" and "verifypw" sudoers options and
multiple sudoers sources. If the option is set to "all", a
password should be required unless none of a user's sudoers
entries from any source require authentication.
* Fixed a bug with the "listpw" and "verifypw" sudoers options in
the LDAP and SSSD back-ends. If the option is set to "any", and
the entry contained multiple rules, only the first matching rule
was checked. If an entry contained more than one matching rule
and the first rule required authentication but a subsequent rule
did not, sudo would prompt for a password when it should not have.
* When running a command as the invoking user (not root), sudo
would execute the command with the same group vector it was
started with. Sudo now executes the command with a new group
vector based on the group database which is consistent with
how su(1) operates.
* Fixed a double free in the SSSD back-end that could occur when
ipa_hostname is present in sssd.conf and is set to an unqualified
host name.
* When I/O logging is enabled, sudo will now write to the terminal
even when it is a background process. Previously, sudo would
only write to the tty when it was the foreground process when
I/O logging was enabled. If the TOSTOP terminal flag is set,
sudo will suspend the command (and then itself) with the SIGTTOU
signal.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 163 bytes
Desc: not available
URL: <https://www.sudo.ws/pipermail/sudo-workers/attachments/20171203/70cf22e5/attachment.bin>
More information about the sudo-workers
mailing list