Diff for /embedaddon/sudo/NEWS between versions 1.1.1.5 and 1.1.1.6

version 1.1.1.5, 2013/10/14 07:56:33 version 1.1.1.6, 2014/06/15 16:12:53
Line 1 Line 1
   What's new in Sudo 1.8.10p3?
   
    * Fixed expansion of %p in the prompt for "sudo -l" when rootpw,
      runaspw or targetpw is set.  Bug #639
   
    * Fixed matching of uids and gids which was broken in version 1.8.9.
      Bug #640
   
    * PAM credential initialization has been re-enabled.  It was
      unintentionally disabled by default in version 1.8.8.  The way
      credentials are initialized has also been fixed.  Bug #642.
   
    * Fixed a descriptor leak on Linux when determing boot time.  Sudo
      normally closes extra descriptors before running a command so
      the impact is limited.  Bug #645
   
    * Fixed flushing of the last buffer of data when I/O logging is
      enabled.  This bug, introduced in version 1.8.9, could cause
      incomplete command output on some systems.  Bug #646
   
   What's new in Sudo 1.8.10p2?
   
    * Fixed a hang introduced in sudo 1.8.10 when timestamp_timeout
      is set to zero.
   
   What's new in Sudo 1.8.10p1?
   
    * Fixed a bug introduced in sudo 1.8.10 that prevented the disabling
      of tty-based tickets.
   
    * Fixed a bug with netgated commands in "sudo -l command" that
      could cause the command to be listed even when it was explicitly
      denied.  This only affected list mode when a command was specified.
      Bug #636
   
   What's new in Sudo 1.8.10?
   
    * It is now possible to disable network interface probing in
      sudo.conf by changing the value of the probe_interfaces
      setting.
   
    * When listing a user's privileges (sudo -l), the sudoers plugin
      will now prompt for the user's password even if the targetpw,
      rootpw or runaspw options are set.
   
    * The sudoers plugin uses a new format for its time stamp files.
      Each user now has a single file which may contain multiple records
      when per-tty time stamps are in use (the default).  The time
      stamps use a monotonic timer where available and are once again
      located in a directory under /var/run.  The lecture status is
      now stored separately from the time stamps in a different directory.
      Bug #616
   
    * sudo's -K option will now remove all of the user's time stamps,
      not just the time stamp for the current terminal.  The -k option
      can be used to only disable time stamps for the current terminal.
   
    * If sudo was started in the background and needed to prompt for
      a password, it was not possible to suspend it at the password
      prompt.  This now works properly.
   
    * LDAP-based sudoers now uses a default search filter of
      (objectClass=sudoRole) for more efficient queries.  The netgroup
      query has been modified to avoid falling below the minimum length
      for OpenLDAP substring indices.
   
    * The new "use_netgroups" sudoers option can be used to explicitly
      enable or disable netgroups support.  For LDAP-based sudoers,
      netgroup support requires an expensive substring match on the
      server.  If netgroups are not needed, this option can be disabled
      to reduce the load on the LDAP server.
   
    * Sudo is once again able to open the sudoers file when the group
      on sudoers doesn't match the expected value, so long as the file
      is not group writable.
   
    * Sudo now installs an init.d script to clear the time stamp
      directory at boot time on AIX and HP-UX systems.  These systems
      either lack /var/run or do not clear it on boot.
   
    * The JSON format used by "visudo -x" now properly supports the
      negation operator.  In addition, the Options object is now the
      same for both Defaults and Cmnd_Specs.
   
    * Czech and Serbian translations for sudoers from translationproject.org.
   
    * Catalan translation for sudo from translationproject.org.
   
   What's new in Sudo 1.8.9p5?
   
    * Fixed a compilation error on AIX when LDAP support is enabled.
   
    * Fixed parsing of the "umask" defaults setting in sudoers.  Bug #632.
   
    * Fixed a failed assertion when the "closefrom_override" defaults
      setting is enabled in sudoers and sudo's -C flag is used.  Bug #633.
   
   What's new in Sudo 1.8.9p4?
   
    * Fixed a bug where sudo could consume large amounts of CPU while
      the command was running when I/O logging is not enabled.  Bug #631
   
    * Fixed a bug where sudo would exit with an error when the debug
      level is set to util@debug or all@debug and I/O logging is not
      enabled.  The command would continue runnning after sudo exited.
   
   What's new in Sudo 1.8.9p3?
   
    * Fixed a bug introduced in sudo 1.8.9 that prevented the tty name
      from being resolved properly on Linux systems.  Bug #630.
   
   What's new in Sudo 1.8.9p2?
   
    * Updated config.guess, config.sub and libtool to support the ppc64le
      architecture (IBM PowerPC Little Endian).
   
   What's new in Sudo 1.8.9p1?
   
    * Fixed a problem with gcc 4.8's handling of bit fields that could
      lead to the noexec flag being enabled even when it was not
      explicitly set.
   
   What's new in Sudo 1.8.9?
   
    * Reworked sudo's main event loop to use a simple event subsystem
      using poll(2) or select(2) as the back end.
   
    * It is now possible to statically compile the sudoers plugin into
      the sudo binary without disabling shared library support.  The
      sudo.conf file may still be used to configure other plugins.
   
    * Sudo can now be compiled again with a C preprocessor that does
      not support variadic macros.
   
    * Visudo can now export a sudoers file in JSON format using the
      new -x flag.
   
    * The locale is now set correctly again for visudo and sudoreplay.
   
    * The plugin API has been extended to allow the plugin to exclude
      specific file descriptors from the "closefrom" range.
   
    * There is now a workaround for a Solaris-specific problem where
      NOEXEC was overriding traditional root DAC behavior.
   
    * Add user netgroup filtering for SSSD. Previously, rules for
      a netgroup were applied to all even when they did not belong
      to the specified netgroup.
   
    * On systems with BSD login classes, if the user specified a group
      (not a user) to run the command as, it was possible to specify
      a different login class even when the command was not run as the
      super user.
   
    * The closefrom() emulation on Mac OS X now uses /dev/fd if possible.
   
    * Fixed a bug where sudoedit would not update the original file
      from the temporary when PAM or I/O logging is not enabled.
   
    * When recycling I/O logs, the log files are now truncated properly.
   
    * Fixes bugs #617, #621, #622, #623, #624, #625, #626
   
 What's new in Sudo 1.8.8?  What's new in Sudo 1.8.8?
   
  * Removed a warning on PAM systems with stacked auth modules   * Removed a warning on PAM systems with stacked auth modules

Removed from v.1.1.1.5  
changed lines
  Added in v.1.1.1.6


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>