Opened 4 years ago

Closed 4 years ago

#11032 closed enhancement (fixed)

sudo-1.8.25

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: normal Milestone: 8.4
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description (last modified by Bruce Dubbs)

New point version.

Now version 1.8.25.

Change History (4)

comment:1 by Bruce Dubbs, 4 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 4 years ago

What's new in Sudo 1.8.25

  • Fixed a bug introduced in sudo 1.8.20 that broke formatting of I/O log timing file entries on systems without a C99-compatible snprintf() function. Our replacement snprintf() doesn't support floating point so we can't use the "%f" format directive.
  • I/O log timing file entries now use a monotonic timer and include nanosecond precision. A monotonic timer that does not increment while the system is sleeping is used where available.
  • Fixed a bug introduced in sudo 1.8.24 where sudoNotAfter in the LDAP backend was not being properly parsed. Bug #845.
  • When sudo runs a command in a pseudo-tty, the slave device is now closed in the main process immediately after starting the monitor process. This removes the need for an AIX-specific workaround that was added in sudo 1.8.24.
  • Added support for monotonic timers on HP-UX.
  • Fixed a bug displaying timeout values the "sudo -V" output. The value displayed was 3600 times the actual value. Bug #846.
  • Fixed a build issue on AIX 7.1 BOS levels that include memset_s() and define rsize_t in string.h. Bug #847.
  • The testsudoers utility now supports querying an LDIF-format policy.
  • Sudo now sets the LOGIN environment variable to the same value as LOGNAME on AIX systems. Bug #848.
  • Fixed a regression introduced in sudo 1.8.24 where the LDAP and SSSD backends evaluated the rules in reverse sudoOrder. Bug #849.

What's new in Sudo 1.8.24

  • The LDAP and SSS back-ends now use the same rule evaluation code as the sudoers file backend. This builds on the work in sudo 1.8.23 where the formatting functions for "sudo -l" output were shared. The handling of negated commands in SSS and LDAP is unchanged.
  • Fixed a regression introduced in 1.8.23 where "sudo -i" could not be used in conjunction with --preserve-env=VARIABLE. Bug #835.
  • cvtsudoers can now parse base64-encoded attributes in LDIF files.
  • Random insults are now more random.
  • Fixed the noexec wordexp(3) test on FreeBSD.
  • Added SUDO_CONV_PREFER_TTY flag for conversation function to tell sudo to try writing to /dev/tty first. Can be used in conjunction with SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG.
  • Sudo now supports an arbitrary number of groups per user on Solaris. Previously, only the first 64 groups were found. This should remove the need to set "max_groups" in sudo.conf.
  • Fixed typos in the OpenLDAP sudo schema. Bugs #839 and #840.
  • Fixed a race condition when building with parallel make. Bug #842.
  • Fixed a duplicate free when netgroup_base in ldap.conf is set to an invalid value.
  • Fixed a bug introduced in sudo 1.8.23 on AIX that could prevent local users and groups from being resolved properly on systems that have users stored in NIS, LDAP or AD.
  • Added a workaround for an AIX bug exposed by a change in sudo 1.8.23 that prevents the terminal mode from being restored when I/O logging is enabled.
  • On systems using PAM, sudo now ignores the PAM_NEW_AUTHTOK_REQD and PAM_AUTHTOK_EXPIRED errors from PAM account management if authentication is disabled for the user. This fixes a regression introduced in sudo 1.8.23. Bug #843.
  • Fixed an ambiguity in the sudoers manual in the description and definition of User, Runas, Host, and Cmnd Aliases. Bug #834.
  • Fixed a bug that resulted in only the first window size change event being logged.
  • Fixed a bug on HP-UX systems introduced in sudo 1.8.22 that caused sudo to prompt for a password every time when tty-based time stamp files were in use.
  • Fixed a compilation problem on systems that define O_PATH or O_SEARCH in fnctl.h but do not define O_DIRECTORY. Bug #844.

comment:3 by Bruce Dubbs, 4 years ago

Description: modified (diff)
Summary: sudo-1.8.24sudo-1.8.25

comment:4 by Bruce Dubbs, 4 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 20449.

Note: See TracTickets for help on using tickets.