[sudo-workers] sudo 1.8.22b1 released

Michael Felt michael at felt.demon.nl
Sat Dec 9 01:21:13 MST 2017

On 03/12/2017 16:56, Todd C. Miller wrote:
> The first beta version of sudo 1.8.22 is now available.  Sudo 1.8.22
> is a bug fix release.  It fixes some long-standing issues with job
> control when I/O logging is enabled.
> Source:
>      https://www.sudo.ws/sudo/dist/beta/sudo-1.8.22b1.tar.gz
>      ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.8.22b1.tar.gz

Tiny thing (when cloned via git!) - no ChangeLog, make install fails with:

cp: cannot stat '../../src/sudo-rbac-1.8.22b1/ChangeLog': No such file 
or directory

(This was meant to be first, but sending failed).

> SHA256 checksum:
>      9a59d0fac2546f796f618cb0f94081500f21340583a8751bab98b9c66bf20aee
> MD5 checksum:
>      b90935de6229868a1687db0df2875fb9
> Binary packages:
>      https://www.sudo.ws/sudo/dist/beta/packages/index.html#binary
> For a list of download mirror sites, see:
>      https://www.sudo.ws/sudo/download_mirrors.html
> Sudo web site:
>      https://www.sudo.ws/sudo/
> Sudo web site mirrors:
>      https://www.sudo.ws/sudo/mirrors.html
> Major changes between sudo 1.8.22b1 and 1.8.21p2:
>   * Commands run in the background from a script run via sudo will
>     no longer receive SIGHUP when the parent exits and I/O logging
>     is enabled.  Bug #502
>   * A particularly offensive insult is now disabled by default.
>     Bug #804
>   * The description of "sudo -i" now correctly documents that
>     the "env_keep" and "env_check" sudoers options are applied to
>     the environment.  Bug #806
>   * Fixed a crash when the system's host name is not set.
>     Bug #807
>   * The sudoers2ldif script now handles #include and #includedir
>     directives.
>   * Fixed a bug where sudo would silently exit when the command was
>     not allowed by sudoers and the "passwd_tries" sudoers option
>     was set to a value less than one.
>   * Fixed a bug with the "listpw" and "verifypw" sudoers options and
>     multiple sudoers sources.  If the option is set to "all", a
>     password should be required unless none of a user's sudoers
>     entries from any source require authentication.
>   * Fixed a bug with the "listpw" and "verifypw" sudoers options in
>     the LDAP and SSSD back-ends.  If the option is set to "any", and
>     the entry contained multiple rules, only the first matching rule
>     was checked.  If an entry contained more than one matching rule
>     and the first rule required authentication but a subsequent rule
>     did not, sudo would prompt for a password when it should not have.
>   * When running a command as the invoking user (not root), sudo
>     would execute the command with the same group vector it was
>     started with.  Sudo now executes the command with a new group
>     vector based on the group database which is consistent with
>     how su(1) operates.
>   * Fixed a double free in the SSSD back-end that could occur when
>     ipa_hostname is present in sssd.conf and is set to an unqualified
>     host name.
>   * When I/O logging is enabled, sudo will now write to the terminal
>     even when it is a background process.  Previously, sudo would
>     only write to the tty when it was the foreground process when
>     I/O logging was enabled.  If the TOSTOP terminal flag is set,
>     sudo will suspend the command (and then itself) with the SIGTTOU
>     signal.
> ____________________________________________________________
> sudo-workers mailing list <sudo-workers at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> https://www.sudo.ws/mailman/listinfo/sudo-workers

More information about the sudo-workers mailing list