From Todd.Miller at sudo.ws Mon Jun 17 07:11:25 2024 From: Todd.Miller at sudo.ws (Todd C. Miller) Date: Mon, 17 Jun 2024 07:11:25 -0600 Subject: [sudo-workers] sudo 1.9.16b1 released Message-ID: <9344225ded5202ec@millert.dev> The first beta release of sudo 1.9.16 is now available. This is primarily a bug fix release. Source: https://www.sudo.ws/dist/beta/sudo-1.9.16b1.tar.gz ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.9.16b1.tar.gz SHA256 checksum: 7a54a6549d4242867cf1a12f363b44bff27dc61305231f2aa61c5314b8d9cec4 MD5 checksum: 6a5026e0fa5df50a9f108a3bf59f457c Binary packages: https://www.sudo.ws/getting/beta_packages/ For a list of download mirror sites, see: https://www.sudo.ws/getting/download_mirrors/ Sudo web site: https://www.sudo.ws/ Major changes between sudo 1.9.15p5 and 1.9.16b1: * Added the "cmddenial_message" sudoers option to provide additional information to the user when a command is denied by the sudoers policy. The default message is still displayed. * The time stamp used for file-based logs is now more consistent with the time stamp produced by syslog. GitHub issues #327. * Sudo will now warn the user if it can detect the user's terminal but cannot determine the path to the terminal device. The sudoers time stamp file will now use the terminal device number directly. GitHub issue #329. * The embedded copy of zlib has been updated to version 1.3.1. * Improved error handling if generating the list of signals and signal names fails at build time. * Fixed a compilation issue on Linux systems without process_vm_readv(). * Fixed cross-compilation with WolfSSL. * Added a "json_compact" value for the sudoers "log_format" option which can be used when logging to a file. The existing "json" value has been aliased to "json_pretty". In a future release, "json" will be an alias for "json_compact". GitHub issue #357. * A new "pam_silent" sudoers option has been added which may be negated to avoid suppressing output from PAM authentication modules. GitHub issue #216. * Fixed several cvtsudoers JSON output problems. GitHub issues #369, #370, #371, #373, #381. * When sudo runs a command in a pseudo-terminal and the user's terminal is revoked, the pseudo-terminal's foreground process group will now receive SIGHUP before the terminal is revoked. This emulates the behavior of the session leader exiting and is consistent with what happens when, for example, an ssh session is closed. GitHub issue #367. * Fixed "make test" with Python 3.12. GitHub issue #374. * In schema.ActiveDirectory, fixed the quoting in the example command. GitHub issue #376. * Paths specified via a Chdir_Spec or Chroot_Spec in sudoers may now be double-quoted. * Sudo insults are now included by default, but disabled unless the --with-insults configure option is specified or the "insults" sudoers option is enabled. * The default sudoers file now enables the "secure_path" option by default and preserves the EDITOR, VISUAL, and SUDO_EDITOR environment variables when running visudo. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 833 bytes Desc: not available URL: