[sudo-workers] sudo 1.8.28b3 released

Todd C. Miller Todd.Miller at sudo.ws
Wed Aug 21 06:26:46 MDT 2019 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

The third beta version of sudo 1.8.28 is now available.  This will
probably be the last beta before 1.8.28 is released.  Sudo 1.8.28
is a bug fix release.

Source:
    https://www.sudo.ws/dist/beta/sudo-1.8.28b3.tar.gz
    ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.8.28b3.tar.gz

SHA256 checksum:
    c6f48581c395ad28a16cb66018f166c353d2829ae7ce19f8ef8735ac666c95ab

MD5 checksum:
    e6ac0a0ddd39507bc82caa066da30701

Binary packages:
    https://www.sudo.ws/dist/beta/packages/index.html#binary

For a list of download mirror sites, see:
    https://www.sudo.ws/download_mirrors.html

Sudo web site:
    https://www.sudo.ws/

Sudo web site mirrors:
    https://www.sudo.ws/mirrors.html

Major changes between sudo 1.8.28b3 and 1.8.28b2:

 * Fixed a bug introduced in 1.8.24 that prevented sudo from honoring
   the value of "ipa_hostname" from sssd.conf, if specified, when
   matching the host name.

 * Fixed a bug introduced in 1.8.21 that prevented the core dump
   resource limit set in the pam_limits module from taking effect.
   Bug #894.

 * Fixed parsing of double-quoted Defaults group and netgroup bindings.

 * The user ID is now used when matching sudoUser attributes in LDAP.
   Previously, the user name, group name and group IDs were used
   when matching but not the user ID.

Major changes between sudo 1.8.28b2 and 1.8.28b1:

 * Asturian translation for sudoers from translationproject.org.

 * I/O log timing files now store signal suspend and resume information
   in the form of a signal name instead of a number.

Major changes between sudo 1.8.28b1 and 1.8.27:

 * Sudo will now only set PAM_TTY to the empty string when no
   terminal is present on Solaris and Linux.  This workaround is
   only needed on those systems which may have PAM modules that
   misbehave when PAM_TTY is not set.

 * The mailerflags sudoers option now has a default value even if
   sendmail support was disabled at configure time.  Fixes a crash
   when the "mailerpath" sudoers option is set but mailerflags is not.
   Bug #878.

 * Sudo will now filter out last login messages on HP-UX unless it
   a shell is being run via "sudo -s" or "sudo -i".  Otherwise,
   when trusted mode is enabled, these messages will be displayed
   for each command.

 * On AIX, when the user's password has expired and PAM is not in use,
   sudo will now allow the user to change their password.
   Bug #883.

 * Sudo has a new -B command line option that will ring the terminal
   bell when prompting for a password.

 * Sudo no longer refuses to prompt for a password when it cannot
   determine the user's terminal as long as it can open /dev/tty.
   This allows sudo to function on systems where /proc is unavailable,
   such as when running in a chroot environment.

 * The "env_editor" sudoers flag is now on by default.  This makes
   source builds more consistent with the packages generated by
   sudo's mkpkg script.

 * Sudo no longer ships with pre-formatted copies of the manual pages.
   These were included for systems like IRIX that don't ship with an
   nroff utility.  There are now multiple Open Source nroff replacements
   so this should no longer be an issue.

 * Fixed a bad interaction with configure's --prefix and
   --disable-shared options.  Bug #886.

 * More verbose error message when a password is required and no terminal
   is present.  Bug #828.

 * Command tags, such as NOPASSWD, are honored when a user tries to run a
   command that is allowed by sudoers but which does not actually
   exist on the file system.  Bug #888.
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJdXTh9AAoJEKn0wCHOpHD7GOkQALnbAgBR8XWuYsWvM1f2f8Dt
oy96kf4yAXgVe+870mpwbJaV0AYWBEAiaAewRN42haefNp/ZC5DMrSCh/R1jq7TG
RRN3pPRZEb+Jtu6va0VGCrorYyANuuQyCd+mwHkDSuu6S96sDdH69zd+T6UH6Pv2
dpuaX8dzvhIGQPrZwglqFLn0aa2EXhYDewvFvzWpZqCA6JpPV/Q/u36Z6zJnABsN
DRmxZTgZqqp6Cz7+S1pkiptjvB58zLbixOcOIFD65ov3mYMfghC2Jki/XaTEGA/C
LeICVDuM/T6RTkfFmjp/jYb9HbYmOOF99KYfLuSEuYGrX56LvdqjgHSqznPlTOH6
H56ASORV4+Y6Vc1YQPkR98DuJCfjBvJAmxb3pPDhl4tmHzaNPv4caDBBm/fQf4g9
WxRzzotSa25J0w1QMKex4dU+MbFHVdxyO1Vdc3Tr7EY/SGyYUhOXXDjG6wiLuj+t
Khla66ksN4JZqWTtxQpwo3J2Cw6QnXif4AjxFhBCjYPoYZGLiqaJPs7JN2y5LFzT
BuGLJcI8SlVYrfI8OS1cG8My2J0K0Cm39uYRzphy8NOFmgt+f9XOUAamO5m7/dCH
bE2vJER/tizZ+8TOemfQ2jBaB/ufeZYlcpW+3PUvzFWzGGJAkykdfDFH6wcLrXkz
OSaKsi6OYeigFQBnplB3
=1IR5
-----END PGP SIGNATURE-----

More information about the sudo-workers mailing list