[sudo-workers] sudo 1.8.28rc1 released
Todd C. Miller
Todd.Miller at sudo.ws
Thu Sep 19 15:30:22 MDT 2019
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
The first release candidate for sudo 1.8.28 is now available. I
expect the final release to happen next week. Sudo 1.8.28 is a bug
fix release.
Source:
https://www.sudo.ws/dist/beta/sudo-1.8.28rc1.tar.gz
ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.8.28rc1.tar.gz
SHA256 checksum:
e73e7acb274b955a322ba0f4c41e9d9ab021206d67cd1697fc2d62510ecb82e5
MD5 checksum:
8a96c871cede60c646c1bdbd7c99a233
Binary packages:
https://www.sudo.ws/dist/beta/packages/index.html#binary
For a list of download mirror sites, see:
https://www.sudo.ws/download_mirrors.html
Sudo web site:
https://www.sudo.ws/
Sudo web site mirrors:
https://www.sudo.ws/mirrors.html
Major changes between sudo 1.8.28rc1 and 1.8.28b3:
* Sudo now writes PAM messages to the user's terminal, if available,
instead of the standard output or standard error. This prevents
PAM output from being intermixed with that of the command when
output is sent to a file or pipe. Bug #895.
* Sudoedit now honors the umask and umask_override settings in sudoers.
Previously, the user's umask was used as-is.
Major changes between sudo 1.8.28b3 and 1.8.28b2:
* Fixed a bug introduced in 1.8.24 that prevented sudo from honoring
the value of "ipa_hostname" from sssd.conf, if specified, when
matching the host name.
* Fixed a bug introduced in 1.8.21 that prevented the core dump
resource limit set in the pam_limits module from taking effect.
Bug #894.
* Fixed parsing of double-quoted Defaults group and netgroup bindings.
* The user ID is now used when matching sudoUser attributes in LDAP.
Previously, the user name, group name and group IDs were used
when matching but not the user ID.
Major changes between sudo 1.8.28b2 and 1.8.28b1:
* Asturian translation for sudoers from translationproject.org.
* I/O log timing files now store signal suspend and resume information
in the form of a signal name instead of a number.
Major changes between sudo 1.8.28b1 and 1.8.27:
* Sudo will now only set PAM_TTY to the empty string when no
terminal is present on Solaris and Linux. This workaround is
only needed on those systems which may have PAM modules that
misbehave when PAM_TTY is not set.
* The mailerflags sudoers option now has a default value even if
sendmail support was disabled at configure time. Fixes a crash
when the "mailerpath" sudoers option is set but mailerflags is not.
Bug #878.
* Sudo will now filter out last login messages on HP-UX unless it
a shell is being run via "sudo -s" or "sudo -i". Otherwise,
when trusted mode is enabled, these messages will be displayed
for each command.
* On AIX, when the user's password has expired and PAM is not in use,
sudo will now allow the user to change their password.
Bug #883.
* Sudo has a new -B command line option that will ring the terminal
bell when prompting for a password.
* Sudo no longer refuses to prompt for a password when it cannot
determine the user's terminal as long as it can open /dev/tty.
This allows sudo to function on systems where /proc is unavailable,
such as when running in a chroot environment.
* The "env_editor" sudoers flag is now on by default. This makes
source builds more consistent with the packages generated by
sudo's mkpkg script.
* Sudo no longer ships with pre-formatted copies of the manual pages.
These were included for systems like IRIX that don't ship with an
nroff utility. There are now multiple Open Source nroff replacements
so this should no longer be an issue.
* Fixed a bad interaction with configure's --prefix and
--disable-shared options. Bug #886.
* More verbose error message when a password is required and no terminal
is present. Bug #828.
* Command tags, such as NOPASSWD, are honored when a user tries to run a
command that is allowed by sudoers but which does not actually
exist on the file system. Bug #888.
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJdg/NKAAoJEKn0wCHOpHD7DCUP/jOaqyToOke9f+lsaS2Dw0TV
32pRVheOAt/RgEb7MNGQWHUvIE3b4LQprCy0IcXT2J5ojXQWK5/E0gFH5QhnhW1O
CwwSxkYN5V3w+rCancnGBUNnSxDgLw/mDqFel9Ek7KPabLUBkQyjI/fWBGQoblXZ
U7n8XyMjUY3rb6SEuddKAJTSCDITt8YlpqEmbRSUcroHH6ddfSQMjkTtR58Xbk7G
U8LNfgRpAdgeY2phiDXx6/SPLOkApoYEvSttkrH4IjAmgFB3gCH1nmSdoQ7oyPVg
hnoijO5qEYyunQrmuNpLzC8AKwW/U/79ZjYgZ8OK/49cJUyv598o0swq3lEauDO/
9Mzpnyi1iWlJdHUEVNx6J9cJh7GtVYPe4YthvvFizkSeKbd9GCo6v+I2clXhnwSI
+StT0D9EMvDJEsY4Nvm5zz7pzfsGDLsfWVYsfes8FZqn8VedFeQSNqP+kFzyAqgn
zVvDKnwUCZP/qsS8jDWBIOapa6dHDXfJ5OEzPmq0p0fbJRQmNmIPbfpKZ1BZWl47
mfyp/dTs5qDoAaAitMUwEBevmPeNPcTa2huJf8zqpGl27lVwdy/rHbxXz1Yxaydf
Vgj11/Ok4fabgQBhVV0gBAdGuCXXFXgifr0HSDVN2nqt3eUPyrnwqavol3y53Shx
mAReTFaX5Z0sO71up5Cv
=1/QC
-----END PGP SIGNATURE-----
More information about the sudo-workers
mailing list