From: Todd C. Miller Date: Fri, 6 May 2016 15:44:52 +0000 (-0600) Subject: Update for 1.8.17 X-Git-Tag: SUDO_1_8_17^2~98 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3b4f2bbfff5ad6eab450998194a4e8da81d50e11;p=sudo Update for 1.8.17 --- diff --git a/NEWS b/NEWS index 274da1c48..545a77205 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,33 @@ +What's new in Sudo 1.8.17 + + * On AIX, if /etc/security/login.cfg has auth_type set to PAM_AUTH + but pam_start(3) fails, fall back to AIX authentication. + Bug #740. + + * Sudo now takes all sudoers sources into account when determining + whether or not "sudo -l" or "sudo -b" should prompt for a password. + In other words, if both file and ldap sudoers sources are in + specified in /etc/nsswitch.conf, "sudo -v" will now require that + all entries in both sources be have NOPASSWD (file) or !authenticate + (ldap) in the entries. + + * Sudo now ignores SIGPIPE until the command is executed. Previously, + SIGPIPE was only ignored in a few select places. Bug #739. + + * Fixed a bug introduced in sudo 1.8.14 where (non-syslog) log + file entries were missing the newline when loglinelen is set to + a non-positive number. Bug #742. + + * Unix groups are now set before the plugin session intialization + code is run. This makes it possible to use dynamic groups with + the Linux-PAM pam_group module. + + * Fixed a bug where a debugging statement could dereference a NULL + pointer when looking up a group that doesn't exist. Bug #743. + + * Sudo has been run through the Coverity code scanner. A number of + minor bugs have been fixed as a result. None were security issues. + What's new in Sudo 1.8.16 * Fixed a compilation error on Solaris 10 with Stun Studio 12.