diff options
| -rw-r--r-- | NEWS | 58 | ||||
| -rwxr-xr-x | configure | 18 | ||||
| -rw-r--r-- | configure.ac | 2 |
3 files changed, 68 insertions, 10 deletions
@@ -1,3 +1,61 @@ +What's new in Sudo 1.9.10 + + * Added new "log_passwords" and "passprompt_regex" sudoers options. + If "log_passwords" is disabled, sudo will attempt to prevent passwords + from being logged. If sudo detects any of the regular expressions in + the "passprompt_regex" list in the terminal output, sudo will log '*' + characters instead of the terminal input until a newline or carriage + return is found in the input or an output character is received. + + * Fixed a bug in "cvtsudoers" when merging multiple sudoers files + with an associated host name when they contain conflicting + Defaults entries. + + * In sudo_logsrvd, fixed parsing of "retry_interval" in the [relay] + section. Previously, attempting to set "retry_interval" would + result in a parse error. + + * Added a new "noninteractive_auth" sudoers option to control + whether PAM authentication is attempted in non-interactive mode. + If "noninteractive_auth" is set, authentication methods that do + not require input from the user's terminal may proceed. This + option is off by default, which restores the pre-1.9.9 behavior + of "sudo -n". GitHub issue #131. + + * Added a fallback method when determining the terminal name on + systems with /proc when /proc/self/stat or /proc/pid/psinfo is + missing or invalid. If the /proc file indicates no terminal is + present, there is no fallback. Bug #1020 + + * Fixed compilation on Debian kFreeBSD. Bug #1021. + + * Fixed a crash in sudo_logsrvd when running in relay mode if + an alert message is received. + + * Sudo no longer returns an error if the SSSD back-end is unable + to contact to the SSSD sudo connector. This can happen when + nsswitch.conf lists "sss" as a sudoers source but SSSD is not + configured for sudo. Previously, a useless "problem with defaults + entries" message would be sent to root when the SSSD back-end + attempted to fetch the global defaults. Bug #1022. + + * Removed the text "This incident will be reported." from warnings + when the invoking user is not listed in sudoers. This warning + is confusing to users and may not be accurate now that the email + settings are configurable in the sudoers file. GitHub issue #48. + + * Fixed a bug where the user-specified command timeout was not + being honored if the sudoers rule did not also specify a timeout. + + * Added support for matching commands and arguments in sudoers + using POSIX extended regular expressions. Either the command, + the arguments, or both may be (separate) regular expressions. + Regular expressions for commands and arguments must start with + a '^' character and end with a '$'. This makes it possible for + the sudoers parser to tell what is, or is not, a regular expression. + It also means that partial matches are not possible unless the + pattern explicitly allows it. Bug #578, GitHub issue #15. + What's new in Sudo 1.9.9 * Sudo can now be built with OpenSSL 3.0 without generating warnings @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.71 for sudo 1.9.9. +# Generated by GNU Autoconf 2.71 for sudo 1.9.10. # # Report bugs to <https://bugzilla.sudo.ws/>. # @@ -621,8 +621,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.9.9' -PACKAGE_STRING='sudo 1.9.9' +PACKAGE_VERSION='1.9.10' +PACKAGE_STRING='sudo 1.9.10' PACKAGE_BUGREPORT='https://bugzilla.sudo.ws/' PACKAGE_URL='' @@ -1636,7 +1636,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.9.9 to adapt to many kinds of systems. +\`configure' configures sudo 1.9.10 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1702,7 +1702,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.9.9:";; + short | recursive ) echo "Configuration of sudo 1.9.10:";; esac cat <<\_ACEOF @@ -1991,7 +1991,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.9.9 +sudo configure 1.9.10 generated by GNU Autoconf 2.71 Copyright (C) 2021 Free Software Foundation, Inc. @@ -2648,7 +2648,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.9.9, which was +It was created by sudo $as_me 1.9.10, which was generated by GNU Autoconf 2.71. Invocation command line was $ $0$ac_configure_args_raw @@ -32759,7 +32759,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.9.9, which was +This file was extended by sudo $as_me 1.9.10, which was generated by GNU Autoconf 2.71. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -32827,7 +32827,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ -sudo config.status 1.9.9 +sudo config.status 1.9.10 configured by $0, generated by GNU Autoconf 2.71, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index 92381cb07..bc1a24400 100644 --- a/configure.ac +++ b/configure.ac @@ -18,7 +18,7 @@ dnl ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF dnl OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. dnl AC_PREREQ([2.70]) -AC_INIT([sudo], [1.9.9], [https://bugzilla.sudo.ws/], [sudo]) +AC_INIT([sudo], [1.9.10], [https://bugzilla.sudo.ws/], [sudo]) AC_CONFIG_HEADERS([config.h pathnames.h]) AC_CONFIG_SRCDIR([src/sudo.c]) AC_CONFIG_AUX_DIR([scripts]) |