[sudo-workers] sudo 1.8.28b1 released
Todd C. Miller
Todd.Miller at sudo.ws
Sat Jul 20 12:20:29 MDT 2019
The first beta version of sudo 1.8.28 is now available.
Sudo 1.8.28 is a bug fix release.
For a list of download mirror sites, see:
Sudo web site:
Sudo web site mirrors:
Major changes between sudo 1.8.28b1` and 1.8.27:
* Sudo will now only set PAM_TTY to the empty string when no
terminal is present on Solaris and Linux. This workaround is
only needed on those systems which may have PAM modules that
misbehave when PAM_TTY is not set.
* The mailerflags sudoers option now has a default value even if
sendmail support was disabled at configure time. Fixes a crash
when the "mailerpath" sudoers option is set but mailerflags is not.
* Sudo will now filter out last login messages on HP-UX unless it
a shell is being run via "sudo -s" or "sudo -i". Otherwise,
when trusted mode is enabled, these messages will be displayed
for each command.
* On AIX, when the user's password has expired and PAM is not in use,
sudo will now allow the user to change their password.
* Sudo has a new -B command line option that will ring the terminal
bell when prompting for a password.
* Sudo no longer refuses to prompt for a password when it cannot
determine the user's terminal as long as it can open /dev/tty.
This allows sudo to function on systems where /proc is unavailable,
such as when running in a chroot environment.
* The "env_editor" sudoers flag is now on by default. This makes
source builds more consistent with the packages generated by
sudo's mkpkg script.
* Sudo no longer ships with pre-formatted copies of the manual pages.
These were included for systems like IRIX that don't ship with an
nroff utility. There are now multiple Open Source nroff replacements
so this should no longer be an issue.
* Fixed a bad interaction with configure's --prefix and
--disable-shared options. Bug #886.
* More verbose error message when a password is required and no terminal
is present. Bug #828.
* Command tags, such as NOPASSWD, are honored when a user tries to run a
command that is allowed by sudoers but which does not actually
exist on the file system. Bug #888.
More information about the sudo-workers