--- embedaddon/sudo/NEWS	2013/10/14 07:56:33	1.1.1.5
+++ embedaddon/sudo/NEWS	2014/06/15 16:12:53	1.1.1.6
@@ -1,3 +1,166 @@
+What's new in Sudo 1.8.10p3?
+
+ * Fixed expansion of %p in the prompt for "sudo -l" when rootpw,
+   runaspw or targetpw is set.  Bug #639
+
+ * Fixed matching of uids and gids which was broken in version 1.8.9.
+   Bug #640
+
+ * PAM credential initialization has been re-enabled.  It was
+   unintentionally disabled by default in version 1.8.8.  The way
+   credentials are initialized has also been fixed.  Bug #642.
+
+ * Fixed a descriptor leak on Linux when determing boot time.  Sudo
+   normally closes extra descriptors before running a command so
+   the impact is limited.  Bug #645
+
+ * Fixed flushing of the last buffer of data when I/O logging is
+   enabled.  This bug, introduced in version 1.8.9, could cause
+   incomplete command output on some systems.  Bug #646
+
+What's new in Sudo 1.8.10p2?
+
+ * Fixed a hang introduced in sudo 1.8.10 when timestamp_timeout
+   is set to zero.
+
+What's new in Sudo 1.8.10p1?
+
+ * Fixed a bug introduced in sudo 1.8.10 that prevented the disabling
+   of tty-based tickets.
+
+ * Fixed a bug with netgated commands in "sudo -l command" that
+   could cause the command to be listed even when it was explicitly
+   denied.  This only affected list mode when a command was specified.
+   Bug #636
+
+What's new in Sudo 1.8.10?
+
+ * It is now possible to disable network interface probing in
+   sudo.conf by changing the value of the probe_interfaces
+   setting.
+
+ * When listing a user's privileges (sudo -l), the sudoers plugin
+   will now prompt for the user's password even if the targetpw,
+   rootpw or runaspw options are set.
+
+ * The sudoers plugin uses a new format for its time stamp files.
+   Each user now has a single file which may contain multiple records
+   when per-tty time stamps are in use (the default).  The time
+   stamps use a monotonic timer where available and are once again
+   located in a directory under /var/run.  The lecture status is
+   now stored separately from the time stamps in a different directory.
+   Bug #616
+
+ * sudo's -K option will now remove all of the user's time stamps,
+   not just the time stamp for the current terminal.  The -k option
+   can be used to only disable time stamps for the current terminal.
+
+ * If sudo was started in the background and needed to prompt for
+   a password, it was not possible to suspend it at the password
+   prompt.  This now works properly.
+
+ * LDAP-based sudoers now uses a default search filter of
+   (objectClass=sudoRole) for more efficient queries.  The netgroup
+   query has been modified to avoid falling below the minimum length
+   for OpenLDAP substring indices.
+
+ * The new "use_netgroups" sudoers option can be used to explicitly
+   enable or disable netgroups support.  For LDAP-based sudoers,
+   netgroup support requires an expensive substring match on the
+   server.  If netgroups are not needed, this option can be disabled
+   to reduce the load on the LDAP server.
+
+ * Sudo is once again able to open the sudoers file when the group
+   on sudoers doesn't match the expected value, so long as the file
+   is not group writable.
+
+ * Sudo now installs an init.d script to clear the time stamp
+   directory at boot time on AIX and HP-UX systems.  These systems
+   either lack /var/run or do not clear it on boot.
+
+ * The JSON format used by "visudo -x" now properly supports the
+   negation operator.  In addition, the Options object is now the
+   same for both Defaults and Cmnd_Specs.
+
+ * Czech and Serbian translations for sudoers from translationproject.org.
+
+ * Catalan translation for sudo from translationproject.org.
+
+What's new in Sudo 1.8.9p5?
+
+ * Fixed a compilation error on AIX when LDAP support is enabled.
+
+ * Fixed parsing of the "umask" defaults setting in sudoers.  Bug #632.
+
+ * Fixed a failed assertion when the "closefrom_override" defaults
+   setting is enabled in sudoers and sudo's -C flag is used.  Bug #633.
+
+What's new in Sudo 1.8.9p4?
+
+ * Fixed a bug where sudo could consume large amounts of CPU while
+   the command was running when I/O logging is not enabled.  Bug #631
+
+ * Fixed a bug where sudo would exit with an error when the debug
+   level is set to util@debug or all@debug and I/O logging is not
+   enabled.  The command would continue runnning after sudo exited.
+
+What's new in Sudo 1.8.9p3?
+
+ * Fixed a bug introduced in sudo 1.8.9 that prevented the tty name
+   from being resolved properly on Linux systems.  Bug #630.
+
+What's new in Sudo 1.8.9p2?
+
+ * Updated config.guess, config.sub and libtool to support the ppc64le
+   architecture (IBM PowerPC Little Endian).
+
+What's new in Sudo 1.8.9p1?
+
+ * Fixed a problem with gcc 4.8's handling of bit fields that could
+   lead to the noexec flag being enabled even when it was not
+   explicitly set.
+
+What's new in Sudo 1.8.9?
+
+ * Reworked sudo's main event loop to use a simple event subsystem
+   using poll(2) or select(2) as the back end.
+
+ * It is now possible to statically compile the sudoers plugin into
+   the sudo binary without disabling shared library support.  The
+   sudo.conf file may still be used to configure other plugins.
+
+ * Sudo can now be compiled again with a C preprocessor that does
+   not support variadic macros.
+
+ * Visudo can now export a sudoers file in JSON format using the
+   new -x flag.
+
+ * The locale is now set correctly again for visudo and sudoreplay.
+
+ * The plugin API has been extended to allow the plugin to exclude
+   specific file descriptors from the "closefrom" range.
+
+ * There is now a workaround for a Solaris-specific problem where
+   NOEXEC was overriding traditional root DAC behavior.
+
+ * Add user netgroup filtering for SSSD. Previously, rules for
+   a netgroup were applied to all even when they did not belong
+   to the specified netgroup.
+
+ * On systems with BSD login classes, if the user specified a group
+   (not a user) to run the command as, it was possible to specify
+   a different login class even when the command was not run as the
+   super user.
+
+ * The closefrom() emulation on Mac OS X now uses /dev/fd if possible.
+
+ * Fixed a bug where sudoedit would not update the original file
+   from the temporary when PAM or I/O logging is not enabled.
+
+ * When recycling I/O logs, the log files are now truncated properly.
+
+ * Fixes bugs #617, #621, #622, #623, #624, #625, #626
+
 What's new in Sudo 1.8.8?
 
  * Removed a warning on PAM systems with stacked auth modules