pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/sudo What's new in Sudo 1.8.21p2
details: https://anonhg.NetBSD.org/pkgsrc/rev/fe8cbdf38478
branches: trunk
changeset: 368217:fe8cbdf38478
user: adam <adam%pkgsrc.org@localhost>
date: Tue Sep 12 06:34:22 2017 +0000
description:
What's new in Sudo 1.8.21p2
* Fixed a bug introduced in version 1.8.21 which prevented sudo
from using the PAM-supplied prompt. Bug 799
* Fixed a bug introduced in version 1.8.21 which could result in
sudo hanging when running commands that exit quickly. Bug 800
* Fixed a bug introduced in version 1.8.21 which prevented the
command from being run when the password was read via an external
program using the askpass interface. Bug 801
What's new in Sudo 1.8.21p1
* On systems that support both PAM and SIGINFO, the main sudo
process will no longer forward SIGINFO to the command if the
signal was generated from the keyboard. The command will have
already received SIGINFO since it is part of the same process
group so there's no need for sudo to forward it. This is
consistent with the handling of SIGINT, SIGQUIT and SIGTSTP.
Bug 796
* If SUDOERS_SEARCH_FILTER in ldap.conf does not specify a value,
the LDAP search expression used when looking up netgroups and
non-Unix groups had a syntax error if a group plugin was not
specified.
* "sudo -U otheruser -l" will now have an exit value of 0 even
if "otheruser" has no sudo privileges. The exit value when a
user attempts to lists their own privileges or when a command
is specified is unchanged.
* Fixed a regression introduced in sudo 1.8.21 where sudoreplay
playback would hang for I/O logs that contain terminal input.
* Sudo 1.8.18 contained an incomplete fix for the matching of
entries in the LDAP and SSSD backends when a sudoRunAsGroup is
specified but no sudoRunAsUser is present in the sudoRole.
What's new in Sudo 1.8.21
* The path that sudo uses to search for terminal devices can now
be configured via the new "devsearch" Path setting in sudo.conf.
* It is now possible to preserve bash shell functions in the
environment when the "env_reset" sudoers setting is disabled by
removing the "*=()*" pattern from the env_delete list.
* A change made in sudo 1.8.15 inadvertantly caused sudoedit to
send itself SIGHUP instead of exiting when the editor returns
an error or the file was not modified.
* Sudoedit now uses an exit code of zero if the file was not
actually modified. Previously, sudoedit treated a lack of
modifications as an error.
* When running a command in a pseudo-tty (pty), sudo now copies a
subset of the terminal flags to the new pty. Previously, all
flags were copied, even those not appropriate for a pty.
* Fixed a problem with debug logging in the sudoers I/O logging
plugin.
* Window size change events are now logged to the policy plugin.
On xterm and compatible terminals, sudoreplay is now capable of
resizing the terminal to match the size of the terminal the
command was run on. The new -R option can be used to disable
terminal resizing.
* Fixed a bug in visudo where a newly added file was not checked
for syntax errors. Bug 791.
* Fixed a bug in visudo where if a syntax error in an include
directory (like /etc/sudoers.d) was detected, the edited version
was left as a temporary file instead of being installed.
* On PAM systems, sudo will now treat "username's Password:" as
a standard password prompt. As a result, the SUDO_PROMPT
environment variable will now override "username's Password:"
as well as the more common "Password:". Previously, the
"passprompt_override" Defaults setting would need to be set for
SUDO_PROMPT to override a prompt of "username's Password:".
* A new "syslog_pid" sudoers setting has been added to include
sudo's process ID along with the process name when logging via
syslog. Bug 792.
* Fixed a bug introduced in sudo 1.8.18 where a command would
not be terminated when the I/O logging plugin returned an error
to the sudo front-end.
* A new "timestamp_type" sudoers setting has been added that replaces
the "tty_tickets" option. In addition to tty and global time stamp
records, it is now possible to use the parent process ID to restrict
the time stamp to commands run by the same process, usually the shell.
Bug 793.
* The --preserve-env command line option has been extended to accept
a comma-separated list of environment variables to preserve.
Bug 279.
* Friulian translation for sudo from translationproject.org.
diffstat:
security/sudo/Makefile | 4 ++--
security/sudo/distinfo | 12 ++++++------
security/sudo/patches/patch-include_sudo__event.h | 8 ++++----
3 files changed, 12 insertions(+), 12 deletions(-)
diffs (58 lines):
diff -r 2f19f640580a -r fe8cbdf38478 security/sudo/Makefile
--- a/security/sudo/Makefile Tue Sep 12 06:15:19 2017 +0000
+++ b/security/sudo/Makefile Tue Sep 12 06:34:22 2017 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.156 2017/09/04 18:08:28 wiz Exp $
+# $NetBSD: Makefile,v 1.157 2017/09/12 06:34:22 adam Exp $
-DISTNAME= sudo-1.8.20p2
+DISTNAME= sudo-1.8.21p2
CATEGORIES= security
MASTER_SITES= https://www.sudo.ws/dist/
MASTER_SITES+= ftp://ftp.sudo.ws/pub/sudo/
diff -r 2f19f640580a -r fe8cbdf38478 security/sudo/distinfo
--- a/security/sudo/distinfo Tue Sep 12 06:15:19 2017 +0000
+++ b/security/sudo/distinfo Tue Sep 12 06:34:22 2017 +0000
@@ -1,14 +1,14 @@
-$NetBSD: distinfo,v 1.92 2017/06/07 05:41:53 spz Exp $
+$NetBSD: distinfo,v 1.93 2017/09/12 06:34:22 adam Exp $
-SHA1 (sudo-1.8.20p2.tar.gz) = 7aa187518735312a82c5fcb3d253ed700cb8c68e
-RMD160 (sudo-1.8.20p2.tar.gz) = 168f05dd033b14b62c508c85696b89965a15e539
-SHA512 (sudo-1.8.20p2.tar.gz) = 8bf67e687f7a84605fdef8d547b5cd661141b6c8fd25820c33c7e37e97ca7f21f564c3bae691f8a8cd08df7d80338e36a8f06bb5086cc104509d71d6ab1bceda
-Size (sudo-1.8.20p2.tar.gz) = 2930769 bytes
+SHA1 (sudo-1.8.21p2.tar.gz) = 1a2410517a5e7b74f422b120adedf508b346df66
+RMD160 (sudo-1.8.21p2.tar.gz) = fbac868cbf7261a4e9bda538ac93792b6512628c
+SHA512 (sudo-1.8.21p2.tar.gz) = f04bbff54ad74ba73c078e15c75d2f41332d4912078ed66157ba7346b7fff914bd0747460cb4cd0c472af2d3b344fa72f5c62c95169df68a9cac74d7245c720c
+Size (sudo-1.8.21p2.tar.gz) = 2976081 bytes
SHA1 (patch-aa) = 63c89e6d4e530ab92b7452f4025fbbf2a45dad65
SHA1 (patch-af) = db54ce780c174129e2a25a87f3e3a926596c68b2
SHA1 (patch-ag) = 460b9575346c263b944535aa8e2408e959840c77
SHA1 (patch-include_sudo__compat.h) = 4f9b021ebdd507949f13e289deabdb6090ab334c
-SHA1 (patch-include_sudo__event.h) = 6aaf60cfcac89267c55d8578d2bb8785a3c67e0c
+SHA1 (patch-include_sudo__event.h) = 4d0787a45c2c7d4a7d3ae3111ccb3a4a4b84d083
SHA1 (patch-plugins_sudoers_Makefile.in) = d8612ac7bf2f5a892d9720c4df91810ca807f4ed
SHA1 (patch-plugins_sudoers_logging.c) = a42e54af2b6057804aecb3b6a48c565e8ac4df82
SHA1 (patch-src_Makefile.in) = fc2b7ea0835d7fe3192fb12cac8ab2eac61bf132
diff -r 2f19f640580a -r fe8cbdf38478 security/sudo/patches/patch-include_sudo__event.h
--- a/security/sudo/patches/patch-include_sudo__event.h Tue Sep 12 06:15:19 2017 +0000
+++ b/security/sudo/patches/patch-include_sudo__event.h Tue Sep 12 06:34:22 2017 +0000
@@ -1,14 +1,14 @@
-$NetBSD: patch-include_sudo__event.h,v 1.1 2017/05/30 16:14:56 maya Exp $
+$NetBSD: patch-include_sudo__event.h,v 1.2 2017/09/12 06:34:22 adam Exp $
Missing include, fixes build error:
error: field 'timeout' has incomplete type
struct timeval timeout; /* for SUDO_EV_TIMEOUT */
---- include/sudo_event.h.orig 2017-01-14 04:30:15.000000000 +0000
+--- include/sudo_event.h.orig 2017-08-23 18:07:28.000000000 +0000
+++ include/sudo_event.h
-@@ -18,6 +18,7 @@
- #define SUDO_EVENT_H
+@@ -19,6 +19,7 @@
+ #include <signal.h> /* for sigatomic_t and NSIG */
#include "sudo_queue.h"
+#include <sys/time.h> /* timeval */
Home |
Main Index |
Thread Index |
Old Index