From: Todd C. Miller Date: Fri, 10 Sep 2010 17:56:20 +0000 (-0400) Subject: Update for sudo 1.7.5 X-Git-Tag: SUDO_1_7_5~163 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d0f9b722eea30cfc29c74e03f831a3462c62af72;p=sudo Update for sudo 1.7.5 --HG-- branch : 1.7 --- diff --git a/NEWS b/NEWS index 21d4e6114..43a39643d 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,76 @@ +What's new in Sudo 1.7.5? + + * The LOG_INPUT and LOG_OUTPUT tags in sudoers are now parsed correctly. + + * When using visudo in check mode, a file named "-" may be used to + check sudoers data on the standard input. + + * Sudo now only fetches shadow password entries when using the + password database directly for authentication. + + * Password and group entries are now cached using the same key + that was used to look them up. This fixes a problem when looking + up entries by name if the name in the retrieved entry does not + match the name used to look it up. This may happen on some systems + that do case insensitive lookups or that truncate long names. + + * Gcc will no longer display warnings on glibc systems that use + the warn_unused_result attribute for write(2) and other system calls. + +What's new in Sudo 1.7.4p4? + + * A potential security issue has been fixed with respect to the handling + of sudo's -g command line option when -u is also specified. The flaw + may allow an attacker to run commands as a user that is not authorized + by the sudoers file. + + * A bug has been fixed where "sudo -l" output was incomplete if multiple + sudoers sources were defined in nsswitch.conf and there was an error + querying one of the sources. + + * The log_input, log_output, and use_pty sudoers options now work correctly + on AIX. Previously, sudo would hang if they were enabled. + + * The "make install" target now works correctly when sudo is built in a + directory other than the source directory. + + * The "runas_default" sudoers setting now works properly in a per-command + Defaults line. + + * Suspending and resuming the bash shell when PAM is in use now works + correctly. The SIGCONT signal was not propagated to the child process. + +What's new in Sudo 1.7.4p3? + + * A bug has been fixed where duplicate HOME environment variables could be + present when the env_reset setting was disabled and the always_set_home + setting was enabled in sudoers. + + * The value of sysconfdir is now substituted into the path to the sudoers.d + directory in the installed sudoers file. + + * Compilation problems on IRIX and other platforms have been fixed. + + * If multiple PAM "auth" actions are specified and the user enters ^C at + the password prompt, sudo will no longer prompt for a password for any + subsequent "auth" actions. Previously it was necessary to enter ^C for + each "auth" action. + +What's new in Sudo 1.7.4p2? + + * A bug where sudo could spin in a busy loop waiting for the child process + has been fixed. + +What's new in Sudo 1.7.4p1? + + * A bug introduced in sudo 1.7.3 that prevented the -k and -K options from + functioning when the tty_tickets sudoers option is enabled has been fixed. + + * Sudo no longer prints a warning when the -k or -K options are specified + and the ticket file does not exist. + + * It is now easier to cross-compile sudo. + What's new in Sudo 1.7.4? * Sudoedit will now preserve the file extension in the name of the diff --git a/README b/README index 4f6f454f7..31856409c 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -This is Sudo version 1.7.4 +This is Sudo version 1.7.5 The sudo philosophy =================== diff --git a/configure b/configure index 7ae9cf497..280085b82 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.65 for sudo 1.7.4. +# Generated by GNU Autoconf 2.65 for sudo 1.7.5. # # Report bugs to . # @@ -701,8 +701,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.7.4' -PACKAGE_STRING='sudo 1.7.4' +PACKAGE_VERSION='1.7.5' +PACKAGE_STRING='sudo 1.7.5' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1552,7 +1552,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.7.4 to adapt to many kinds of systems. +\`configure' configures sudo 1.7.5 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1617,7 +1617,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.7.4:";; + short | recursive ) echo "Configuration of sudo 1.7.5:";; esac cat <<\_ACEOF @@ -1828,7 +1828,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.7.4 +sudo configure 1.7.5 generated by GNU Autoconf 2.65 Copyright (C) 2009 Free Software Foundation, Inc. @@ -2527,7 +2527,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.7.4, which was +It was created by sudo $as_me 1.7.5, which was generated by GNU Autoconf 2.65. Invocation command line was $ $0 $@ @@ -18977,7 +18977,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.7.4, which was +This file was extended by sudo $as_me 1.7.5, which was generated by GNU Autoconf 2.65. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -19043,7 +19043,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.7.4 +sudo config.status 1.7.5 configured by $0, generated by GNU Autoconf 2.65, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index ae06875b3..c9ef33c98 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2010 Todd C. Miller dnl -AC_INIT([sudo], [1.7.4], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.7.5], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER(config.h pathnames.h) dnl dnl This won't work before AC_INIT