+What's new in Sudo 1.8.7?
+
+ * The non-Unix group plugin is now supported when sudoers data
+ is stored in LDAP.
+
+ * Sudo now uses a workaround for a locale bug on Solaris 11.0
+ that prevents setuid programs like sudo from fully using locales.
+
+ * User messages are now always displayed in the user's locale,
+ even when the same message is being logged or mailed in a
+ different locale.
+
+ * Log files created by sudo now explicitly have the group set
+ to group ID 0 rather than relying on BSD group semantics (which
+ may not be the default).
+
+ * A new "exec_background" sudoers option can be used to initially
+ run the command without read access to the terminal when running
+ a command in a pseudo-tty. If the command tries to read from
+ the terminal it will be stopped by the kernel (via SIGTTIN or
+ SIGTTOU) and sudo will immediately restart it as the forground
+ process (if possible). This allows sudo to only pass terminal
+ input to the program if the program actually is expecting it.
+ Unfortunately, a few poorly-behaved programs (like "su" on most
+ Linux systems) do not handle SIGTTIN and SIGTTOU properly.
+
+ * Sudo now uses an efficient group query to get all the groups
+ for a user instead of iterating over every record in the group
+ database on HP-UX and Solaris.
+
+ * Sudo now produces better error messages when there is an error
+ in the sudo.conf file.
+
+ * Two new settings have been added to sudo.conf to give the admin
+ better control of how group database queries are performed. The
+ "group_source" specifies how the group list for a user will be
+ determined. Legal values are "static" (use the kernel groups
+ list), "dynamic" (perform a group database query) and "adaptive"
+ (only perform a group database query if the kernel list is full).
+ The "max_groups" specifies the maximum number of groups a user may
+ belong to when performing a group database query.
+
+ * The sudo.conf file now supports line continuation by using a
+ backslash as the last character on the line.
+
+ * There is now a standalone sudo.conf manual page.
+
+ * Sudo now stores its libexec files in a "sudo" subdirectory instead
+ of in libexec itself. For backwards compatibility, if the plugin
+ is not found in the default plugin directory, sudo will check
+ the parent directory if the default directory ends in "/sudo".
+
+ * The sudoers I/O logging plugin now logs the terminal size.
+
+ * A new sudoers option "maxseq" can be used to limit the number of
+ I/O log entries that are stored.
+
+ * The "system_group" and "group_file" sudoers group provider plugins
+ are now installed by default.
+
+ * The list output (sudo -l) output from the sudoers plugin is now
+ less ambiguous when an entry includes different runas users.
+ The long list output (sudo -ll) for file-based sudoers is now
+ more consistent with the format of LDAP-based sudoers.
+
+ * A uid may now be used in the sudoRunAsUser attributes for LDAP
+ sudoers.
+
+ * Minor plugin API change: the close and version functions are now
+ optional. If the policy plugin does not provide a close function
+ and the command is not being run in a new pseudo-tty, sudo may
+ now execute the command directly instead of in a child process.
+
+ * A new sudoers option "pam_session" can be used to disable sudo's
+ PAM session support.
+
+ * On HP-UX systems, sudo will now use the pstat() function to
+ determine the tty instead of ttyname().
+
+ * Turkish translation for sudo and sudoers from translationproject.org.
+
+ * Dutch translation for sudo and sudoers from translationproject.org.
+
+ * Tivoli Directory Server client libraries may now be used with
+ HP-UX where libibmldap has a hidden dependency on libCsup.
+
+ * The sudoers plugin will now ignore invalid domain names when
+ checking netgroup membership. Most Linux systems use the string
+ "(none)" for the NIS-style domain name instead of an empty string.
+
+ * New support for specifying a SHA-2 digest along with the command
+ in sudoers. Supported hash types are sha224, sha256, sha384 and
+ sha512. See the description of Digest_Spec in the sudoers manual
+ or the description of sudoCommand in the sudoers.ldap manual for
+ details.
+
+ * The paths to ldap.conf and ldap.secret may now be specified as
+ arguments to the sudoers plugin in the sudo.conf file.
+
+ * Fixed potential false positives in visudo's alias cycle detection.
+
+ * Fixed a problem where the time stamp file was being treated
+ as out of date on Linux systems where the change time on the
+ pseudo-tty device node can change after it is allocated.
+
+ * Sudo now only builds Position Independent Executables (PIE)
+ by default on Linux systems and verifies that a trivial test
+ program builds and runs.
+
+ * On Solaris 11.1 and higher, sudo binaries will now have the
+ ASLR tag enabled if supported by the linker.
+
+What's new in Sudo 1.8.6p8?
+
+ * Terminal detection now works properly on 64-bit AIX kernels.
+ This was broken by the removal of the ttyname() fallback in Sudo
+ 1.8.6p6. Sudo is now able to map an AIX 64-bit device number
+ to the corresponding device file in /dev.
+
+ * Sudo now checks for crypt() returning NULL when performing
+ passwd-based authentication.
+
+What's new in Sudo 1.8.6p7?
+
+ * A time stamp file with the date set to the epoch by "sudo -k"
+ is now completely ignored regardless of what the local clock is
+ set to. Previously, if the local clock was set to a value between
+ the epoch and the time stamp timeout value, a time stamp reset
+ by "sudo -k" would be considered current.
+
+ * The tty-specific time stamp file now includes the session ID
+ of the sudo process that created it. If a process with the same
+ tty but a different session ID runs sudo, the user will now be
+ prompted for a password (assuming authentication is required for
+ the command).
+
+What's new in Sudo 1.8.6p6?
+
+ * On systems where the controlling tty can be determined via /proc
+ or sysctl(), sudo will no longer fall back to using ttyname()
+ if the process has no controlling tty. This prevents sudo from
+ using a non-controlling tty for logging and time stamp purposes.
+
+What's new in Sudo 1.8.6p5?
+
+ * Fixed a potential crash in visudo's alias cycle detection.
+
+ * Improved performance on Solaris when retrieving the group list
+ for the target user. On systems with a large number of groups
+ where the group database is not local (NIS, LDAP, AD), fetching
+ the group list could take a minute or more.
+
+What's new in Sudo 1.8.6p4?
+
+ * The -fstack-protector is now used when linking visudo, sudoreplay
+ and testsudoers.
+
+ * Avoid building PIE binaries on FreeBSD/ia64 as they don't run
+ properly.
+
+ * Fixed a crash in visudo strict mode when an unknown Defaults
+ setting is encountered.
+
+ * Do not inform the user that the command was not permitted by the
+ policy if they do not successfully authenticate. This is a
+ regression introduced in sudo 1.8.6.
+
+ * Allow sudo to be build with sss support without also including
+ ldap support.
+
+ * Fix running commands that need the terminal in the background
+ when I/O logging is enabled. E.g. "sudo vi &". When the command
+ is foregrounded, it will now resume properly.
+
+What's new in Sudo 1.8.6p3?
+
+ * Fixed post-processing of the man pages on systems with legacy
+ versions of sed.
+
+ * Fixed "sudoreplay -l" on Linux systems with file systems that
+ set DT_UNKNOWN in the d_type field of struct dirent.
+
+What's new in Sudo 1.8.6p2?
+
+ * Fixed suspending a command after it has already been resumed
+ once when I/O logging (or use_pty) is not enabled.
+ This was a regression introduced in version 1.8.6.
+
+What's new in Sudo 1.8.6p1?
+
+ * Fixed the setting of LOGNAME, USER and USERNAME variables in the
+ command's environment when env_reset is enabled (the default).
+ This was a regression introduced in version 1.8.6.
+
+ * Sudo now honors SUCCESS=return in /etc/nsswitch.conf.
+
+What's new in Sudo 1.8.6?
+
+ * Sudo is now built with the -fstack-protector flag if the the
+ compiler supports it. Also, the -zrelro linker flag is used if
+ supported. The --disable-hardening configure option can be used
+ to build sudo without stack smashing protection.
+
+ * Sudo is now built as a Position Independent Executable (PIE)
+ if supported by the compiler and linker.
+
+ * If the user is a member of the "exempt" group in sudoers, they
+ will no longer be prompted for a password even if the -k flag
+ is specified with the command. This makes "sudo -k command"
+ consistent with the behavior one would get if the user ran "sudo
+ -k" immediately before running the command.
+
+ * The sudoers file may now be a symbolic link. Previously, sudo
+ would refuse to read sudoers unless it was a regular file.
+
+ * The sudoreplay command can now properly replay sessions where
+ no tty was present.
+
+ * The sudoers plugin now takes advantage of symbol visibility
+ controls when supported by the compiler or linker. As a result,
+ only a small number of symbols are exported which significantly
+ reduces the chances of a conflict with other shared objects.
+
+ * Improved support for the Tivoli Directory Server LDAP client
+ libraries. This includes support for using LDAP over SSL (ldaps)
+ as well as support for the BIND_TIMELIMIT, TLS_KEY and TLS_CIPHERS
+ ldap.conf options. A new ldap.conf option, TLS_KEYPW can be
+ used to specify a password to decrypt the key database.
+
+ * When constructing a time filter for use with LDAP sudoNotBefore
+ and sudoNotAfter attributes, the current time now includes tenths
+ of a second. This fixes a problem with timed entries on Active
+ Directory.
+
+ * If a user fails to authenticate and the command would be rejected
+ by sudoers, it is now logged with "command not allowed" instead
+ of "N incorrect password attempts". Likewise, the "mail_no_perms"
+ sudoers option now takes precedence over "mail_badpass".
+
+ * The sudo manuals are now formatted using the mdoc macros. Versions
+ using the legacy man macros are provided for systems that lack mdoc.
+
+ * New support for Solaris privilege sets. This makes it possible
+ to specify fine-grained privileges in the sudoers file on Solaris
+ 10 and above. A Runas_Spec that contains no Runas_Lists can be
+ used to give a user the ability to run a command as themselves
+ but with an expanded privilege set.
+
+ * Fixed a problem with the reboot and shutdown commands on some
+ systems (such as HP-UX and BSD). On these systems, reboot sends
+ all processes (except itself) SIGTERM. When sudo received
+ SIGTERM, it would relay it to the reboot process, thus killing
+ reboot before it had a chance to actually reboot the system.
+
+ * Support for using the System Security Services Daemon (SSSD) as
+ a source of sudoers data.
+
+ * Slovenian translation for sudo and sudoers from translationproject.org.
+
+ * Visudo will now warn about unknown Defaults entries that are
+ per-host, per-user, per-runas or per-command.
+
+ * Fixed a race condition that could cause sudo to receive SIGTTOU
+ (and stop) when resuming a shell that was run via sudo when I/O
+ logging (and use_pty) is not enabled.
+
+ * Sending SIGTSTP directly to the sudo process will now suspend the
+ running command when I/O logging (and use_pty) is not enabled.
+
+What's new in Sudo 1.8.5p3?
+
+ * Fixed the loading of I/O plugins that conform to a plugin API
+ version older than 1.2.
+
+What's new in Sudo 1.8.5p2?
+
+ * Fixed use of the SUDO_ASKPASS environment variable which was
+ broken in Sudo 1.8.5.
+
+ * Fixed a problem reading the sudoers file when the file mode is
+ more restrictive than the expected mode. For example, when the
+ expected sudoers file mode is 0440 but the actual mode is 0400.
+
+What's new in Sudo 1.8.5p1?
+
+ * Fixed a bug that prevented files in an include directory from
+ being evaluated.
+
+What's new in Sudo 1.8.5?
+
+ * When "noexec" is enabled, sudo_noexec.so will now be prepended
+ to any existing LD_PRELOAD variable instead of replacing it.
+
+ * The sudo_noexec.so shared library now wraps the execvpe(),
+ exect(), posix_spawn() and posix_spawnp() functions.
+
+ * The user/group/mode checks on sudoers files have been relaxed.
+ As long as the file is owned by the sudoers uid, not world-writable
+ and not writable by a group other than the sudoers gid, the file
+ is considered OK. Note that visudo will still set the mode to
+ the value specified at configure time.
+
+ * It is now possible to specify the sudoers path, uid, gid and
+ file mode as options to the plugin in the sudo.conf file.
+
+ * Croatian, Galician, German, Lithuanian, Swedish and Vietnamese
+ translations from translationproject.org.
+
+ * /etc/environment is no longer read directly on Linux systems
+ when PAM is used. Sudo now merges the PAM environment into the
+ user's environment which is typically set by the pam_env module.
+
+ * The initial evironment created when env_reset is in effect now
+ includes the contents of /etc/environment on AIX systems and the
+ "setenv" and "path" entries from /etc/login.conf on BSD systems.
+
+ * The plugin API has been extended in three ways. First, options
+ specified in sudo.conf after the plugin pathname are passed to
+ the plugin's open function. Second, sudo has limited support
+ for hooks that can be used by plugins. Currently, the hooks are
+ limited to environment handling functions. Third, the init_session
+ policy plugin function is passed a pointer to the user environment
+ which can be updated during session setup. The plugin API version
+ has been incremented to version 1.2. See the sudo_plugin manual
+ for more information.
+
+ * The policy plugin's init_session function is now called by the
+ parent sudo process, not the child process that executes the
+ command. This allows the PAM session to be open and closed in
+ the same process, which some PAM modules require.
+
+ * Fixed parsing of "Path askpass" and "Path noexec" in sudo.conf,
+ which was broken in version 1.8.4.
+
+ * On systems with an SVR4-style /proc file system, the /proc/pid/psinfo
+ file is now uses to determine the controlling terminal, if possible.
+ This allows tty-based tickets to work properly even when, e.g.
+ standard input, output and error are redirected to /dev/null.
+
+ * The output of "sudoreplay -l" is now sorted by file name (or
+ sequence number). Previously, entries were displayed in the
+ order in which they were found on the file system.
+
+ * Sudo now behaves properly when I/O logging is enabled and the
+ controlling terminal is revoked (e.g. the running sshd is killed).
+ Previously, sudo may have exited without calling the I/O plugin's
+ close function which can lead to an incomplete I/O log.
+
+ * Sudo can now detect when a user has logged out and back in again
+ on Solaris 11, just like it can on Solaris 10.
+
+ * The built-in zlib included with Sudo has been upgraded to version
+ 1.2.6.
+
+ * Setting the SSL parameter to start_tls in ldap.conf now works
+ properly when using Mozilla-based SDKs that support the
+ ldap_start_tls_s() function.
+
+ * The TLS_CHECKPEER parameter in ldap.conf now works when the
+ Mozilla NSS crypto backend is used with OpenLDAP.
+
+ * A new group provider plugin, system_group, is included which
+ performs group look ups by name using the system groups database.
+ This can be used to restore the pre-1.7.3 sudo group lookup
+ behavior.
+
+What's new in Sudo 1.8.4p5?
+
+ * Fixed a bug when matching against an IP address with an associated
+ netmask in the sudoers file. In certain circumstances, this
+ could allow users to run commands on hosts they are not authorized
+ for.
+
+What's new in Sudo 1.8.4p4?
+
+ * Fixed a bug introduced in Sudo 1.8.4 which prevented "sudo -v"
+ from working.
+
+What's new in Sudo 1.8.4p3?
+
+ * Fixed a crash on FreeBSD when no tty is present.
+
+ * Fixed a bug introduced in Sudo 1.8.4 that allowed users to
+ specify environment variables to set on the command line without
+ having sudo "ALL" permissions or the "SETENV" tag.
+
+ * When visudo is run with the -c (check) option, the sudoers
+ file(s) owner and mode are now also checked unless the -f option
+ was specified.
+
+What's new in Sudo 1.8.4p2?
+
+ * Fixed a bug introduced in Sudo 1.8.4 where insufficient space
+ was allocated for group IDs in the LDAP filter.
+
+ * Fixed a bug introduced in Sudo 1.8.4 where the path to sudo.conf
+ was "/sudo.conf" instead of "/etc/sudo.conf".
+
+ * Fixed a bug introduced in Sudo 1.8.4 which could cause a hang
+ when I/O logging is enabled and input is from a pipe or file.
+
+What's new in Sudo 1.8.4p1?
+
+ * Fixed a bug introduced in sudo 1.8.4 that broke adding to or
+ deleting from the env_keep, env_check and env_delete lists in
+ sudoers on some platforms.
+
+What's new in Sudo 1.8.4?
+
+ * The -D flag in sudo has been replaced with a more general debugging
+ framework that is configured in sudo.conf.
+
+ * Fixed a false positive in visudo strict mode when aliases are
+ in use.
+
+ * Fixed a crash with "sudo -i" when a runas group was specified
+ without a runas user.
+
+ * The line on which a syntax error is reported in the sudoers file
+ is now more accurate. Previously it was often off by a line.
+
+ * Fixed a bug where stack garbage could be printed at the end of
+ the lecture when the "lecture_file" option was enabled.
+
+ * "make install" now honors the LINGUAS environment variable.
+
+ * The #include and #includedir directives in sudoers now support
+ relative paths. If the path is not fully qualified it is expected
+ to be located in the same directory of the sudoers file that is
+ including it.
+
+ * Serbian and Spanish translations for sudo from translationproject.org.
+
+ * LDAP-based sudoers may now access by group ID in addition to
+ group name.
+
+ * visudo will now fix the mode on the sudoers file even if no changes
+ are made unless the -f option is specified.
+
+ * The "use_loginclass" sudoers option works properly again.
+
+ * On systems that use login.conf, "sudo -i" now sets environment
+ variables based on login.conf.
+
+ * For LDAP-based sudoers, values in the search expression are now
+ escaped as per RFC 4515.
+
+ * The plugin close function is now properly called when a login
+ session is killed (as opposed to the actual command being killed).
+ This can happen when an ssh session is disconnected or the
+ terminal window is closed.
+
+ * The deprecated "noexec_file" sudoers option is no longer supported.
+
+ * Fixed a race condition when I/O logging is not enabled that could
+ result in tty-generated signals (e.g. control-C) being received
+ by the command twice.
+
+ * If none of the standard input, output or error are connected to
+ a tty device, sudo will now check its parent's standard input,
+ output or error for the tty name on systems with /proc and BSD
+ systems that support the KERN_PROC_PID sysctl. This allows
+ tty-based tickets to work properly even when, e.g. standard
+ input, output and error are redirected to /dev/null.
+
+ * Added the --enable-kerb5-instance configure option to allow
+ people using Kerberos V authentication to specify a custom
+ instance so the principal name can be, e.g. "username/sudo"
+ similar to how ksu uses "username/root".
+
+ * Fixed a bug where a pattern like "/usr/*" included /usr/bin/ in
+ the results, which would be incorrectly be interpreted as if the
+ sudoers file had specified a directory.
+
+ * "visudo -c" will now list any include files that were checked
+ in addition to the main sudoers file when everything parses OK.
+
+ * Users that only have read-only access to the sudoers file may
+ now run "visudo -c". Previously, write permissions were required
+ even though no writing is down in check-only mode.
+
+ * It is now possible to prevent the disabling of core dumps from
+ within sudo itself by adding a line to the sudo.conf file like
+ "Set disable_coredump false".
+
+What's new in Sudo 1.8.3p2?
+
+ * Fixed a format string vulnerability when the sudo binary (or a
+ symbolic link to the sudo binary) contains printf format escapes
+ and the -D (debugging) flag is used.
+
+What's new in Sudo 1.8.3p1?
+
+ * Fixed a crash in the monitor process on Solaris when NOPASSWD
+ was specified or when authentication was disabled.
+
+ * Fixed matching of a Runas_Alias in the group section of a
+ Runas_Spec.
+
+What's new in Sudo 1.8.3?
+
+ * Fixed expansion of strftime() escape sequences in the "log_dir"
+ sudoers setting.
+
+ * Esperanto, Italian and Japanese translations from translationproject.org.
+
+ * Sudo will now use PAM by default on AIX 6 and higher.
+
+ * Added --enable-werror configure option for gcc's -Werror flag.
+
+ * Visudo no longer assumes all editors support the +linenumber
+ command line argument. It now uses a whitelist of editors known
+ to support the option.
+
+ * Fixed matching of network addresses when a netmask is specified
+ but the address is not the first one in the CIDR block.
+
+ * The configure script now check whether or not errno.h declares
+ the errno variable. Previously, sudo would always declare errno
+ itself for older systems that don't declare it in errno.h.
+
+ * The NOPASSWD tag is now honored for denied commands too, which
+ matches historic sudo behavior (prior to sudo 1.7.0).
+
+ * Sudo now honors the "DEREF" setting in ldap.conf which controls
+ how alias dereferencing is done during an LDAP search.
+
+ * A symbol conflict with the pam_ssh_agent_auth PAM module that
+ would cause a crash been resolved.
+
+ * The inability to load a group provider plugin is no longer
+ a fatal error.
+
+ * A potential crash in the utmp handling code has been fixed.
+
+ * Two PAM session issues have been resolved. In previous versions
+ of sudo, the PAM session was opened as one user and closed as
+ another. Additionally, if no authentication was performed, the
+ PAM session would never be closed.
+
+ * Sudo will now work correctly with LDAP-based sudoers using TLS
+ or SSL on Debian systems.
+
+ * The LOGNAME, USER and USERNAME environment variables are preserved
+ correctly again in sudoedit mode.
+
+What's new in Sudo 1.8.2?
+
+ * Sudo, visudo, sudoreplay and the sudoers plug-in now have natural
+ language support (NLS). This can be disabled by passing configure
+ the --disable-nls option. Sudo will use gettext(), if available,
+ to display translated messages. All translations are coordinated
+ via The Translation Project, http://translationproject.org/.
+
+ * Plug-ins are now loaded with the RTLD_GLOBAL flag instead of
+ RTLD_LOCAL. This fixes missing symbol problems in PAM modules
+ on certain platforms, such as FreeBSD and SuSE Linux Enterprise.
+
+ * I/O logging is now supported for commands run in background mode
+ (using sudo's -b flag).
+
+ * Group ownership of the sudoers file is now only enforced when
+ the file mode on sudoers allows group readability or writability.
+
+ * Visudo now checks the contents of an alias and warns about cycles
+ when the alias is expanded.
+
+ * If the user specifies a group via sudo's -g option that matches
+ the target user's group in the password database, it is now
+ allowed even if no groups are present in the Runas_Spec.
+
+ * The sudo Makefiles now have more complete dependencies which are
+ automatically generated instead of being maintained manually.
+
+ * The "use_pty" sudoers option is now correctly passed back to the
+ sudo front end. This was missing in previous versions of sudo
+ 1.8 which prevented "use_pty" from being honored.
+
+ * "sudo -i command" now works correctly with the bash version
+ 2.0 and higher. Previously, the .bash_profile would not be
+ sourced prior to running the command unless bash was built with
+ NON_INTERACTIVE_LOGIN_SHELLS defined.
+
+ * When matching groups in the sudoers file, sudo will now match
+ based on the name of the group instead of the group ID. This can
+ substantially reduce the number of group lookups for sudoers
+ files that contain a large number of groups.
+
+ * Multi-factor authentication is now supported on AIX.
+
+ * Added support for non-RFC 4517 compliant LDAP servers that require
+ that seconds be present in a timestamp, such as Tivoli Directory Server.
+
+ * If the group vector is to be preserved, the PATH search for the
+ command is now done with the user's original group vector.
+
+ * For LDAP-based sudoers, the "runas_default" sudoOption now works
+ properly in a sudoRole that contains a sudoCommand.
+
+ * Spaces in command line arguments for "sudo -s" and "sudo -i" are
+ now escaped with a backslash when checking the security policy.
+
+What's new in Sudo 1.8.1p2?
+
+ * Two-character CIDR-style IPv4 netmasks are now matched correctly
+ in the sudoers file.
+
+ * A build error with MIT Kerberos V has been resolved.
+
+ * A crash on HP-UX in the sudoers plugin when wildcards are
+ present in the sudoers file has been resolved.
+
+ * Sudo now works correctly on Tru64 Unix again.
+
+What's new in Sudo 1.8.1p1?
+
+ * Fixed a problem on AIX where sudo was unable to set the final
+ uid if the PAM module modified the effective uid.
+
+ * A non-existent includedir is now treated the same as an empty
+ directory and not reported as an error.
+
+ * Removed extraneous parens in LDAP filter when sudoers_search_filter
+ is enabled that can cause an LDAP search error.
+
+ * Fixed a "make -j" problem for "make install".
+
+What's new in Sudo 1.8.1?
+
+ * A new LDAP setting, sudoers_search_filter, has been added to
+ ldap.conf. This setting can be used to restrict the set of
+ records returned by the LDAP query. Based on changes from Matthew
+ Thomas.
+
+ * White space is now permitted within a User_List when used in
+ conjunction with a per-user Defaults definition.
+
+ * A group ID (%#gid) may now be specified in a User_List or Runas_List.
+ Likewise, for non-Unix groups the syntax is %:#gid.
+
+ * Support for double-quoted words in the sudoers file has been fixed.
+ The change in 1.7.5 for escaping the double quote character
+ caused the double quoting to only be available at the beginning
+ of an entry.
+
+ * The fix for resuming a suspended shell in 1.7.5 caused problems
+ with resuming non-shells on Linux. Sudo will now save the process
+ group ID of the program it is running on suspend and restore it
+ when resuming, which fixes both problems.
+
+ * A bug that could result in corrupted output in "sudo -l" has been
+ fixed.
+
+ * Sudo will now create an entry in the utmp (or utmpx) file when
+ allocating a pseudo-tty (e.g. when logging I/O). The "set_utmp"
+ and "utmp_runas" sudoers file options can be used to control this.
+ Other policy plugins may use the "set_utmp" and "utmp_user"
+ entries in the command_info list.
+
+ * The sudoers policy now stores the TSID field in the logs
+ even when the "iolog_file" sudoers option is defined to a value
+ other than %{sessid}. Previously, the TSID field was only
+ included in the log file when the "iolog_file" option was set
+ to its default value.
+
+ * The sudoreplay utility now supports arbitrary session IDs.
+ Previously, it would only work with the base-36 session IDs
+ that the sudoers plugin uses by default.
+
+ * Sudo now passes "run_shell=true" to the policy plugin in the
+ settings list when sudo's -s command line option is specified.
+ The sudoers policy plugin uses this to implement the "set_home"
+ sudoers option which was missing from sudo 1.8.0.
+
+ * The "noexec" functionality has been moved out of the sudoers
+ policy plugin and into the sudo front-end, which matches the
+ behavior documented in the plugin writer's guide. As a result,
+ the path to the noexec file is now specified in the sudo.conf
+ file instead of the sudoers file.
+
+ * On Solaris 10, the PRIV_PROC_EXEC privilege is now used to
+ implement the "noexec" feature. Previously, this was implemented
+ via the LD_PRELOAD environment variable.
+
+ * The exit values for "sudo -l", "sudo -v" and "sudo -l command"
+ have been fixed in the sudoers policy plugin.
+
+ * The sudoers policy plugin now passes the login class, if any,
+ back to the sudo front-end.
+
+ * The sudoers policy plugin was not being linked with requisite
+ libraries in certain configurations.
+
+ * Sudo now parses command line arguments before loading any plugins.
+ This allows "sudo -V" or "sudo -h" to work even if there is a problem
+ with sudo.conf
+
+ * Plugins are now linked with the static version of libgcc to allow
+ the plugin to run on a system where no shared libgcc is installed,
+ or where it is installed in a different location.
+
+What's new in Sudo 1.8.0?
+
+ * Sudo has been refactored to use a modular framework that can
+ support third-party policy and I/O logging plugins. The default
+ plugin is "sudoers" which provides the traditional sudo functionality.
+ See the sudo_plugin manual for details on the plugin API and the
+ sample in the plugins directory for a simple example.
+
+What's new in Sudo 1.7.5?
+
+ * When using visudo in check mode, a file named "-" may be used to
+ check sudoers data on the standard input.
+
+ * Sudo now only fetches shadow password entries when using the
+ password database directly for authentication.
+
+ * Password and group entries are now cached using the same key
+ that was used to look them up. This fixes a problem when looking
+ up entries by name if the name in the retrieved entry does not
+ match the name used to look it up. This may happen on some systems
+ that do case insensitive lookups or that truncate long names.
+
+ * GCC will no longer display warnings on glibc systems that use
+ the warn_unused_result attribute for write(2) and other system calls.
+
+ * If a PAM account management module denies access, sudo now prints
+ a more useful error message and stops trying to validate the user.
+
+ * Fixed a potential hang on idle systems when the sudo-run process
+ exits immediately.
+
+ * Sudo now includes a copy of zlib that will be used on systems
+ that do not have zlib installed.
+
+ * The --with-umask-override configure flag has been added to enable
+ the "umask_override" sudoers Defaults option at build time.
+
+ * Sudo now unblocks all signals on startup to avoid problems caused
+ by the parent process changing the default signal mask.
+
+ * LDAP Sudoers entries may now specify a time period for which
+ the entry is valid. This requires an updated sudoers schema
+ that includes the sudoNotBefore and sudoNotAfter attributes.
+ Support for timed entries must be explicitly enabled in the
+ ldap.conf file. Based on changes from Andreas Mueller.
+
+ * LDAP Sudoers entries may now specify a sudoOrder attribute that
+ determines the order in which matching entries are applied. The
+ last matching entry is used, just like file-based sudoers. This
+ requires an updated sudoers schema that includes the sudoOrder
+ attribute. Based on changes from Andreas Mueller.
+
+ * When run as sudoedit, or when given the -e flag, sudo now treats
+ command line arguments as pathnames. This means that slashes
+ in the sudoers file entry must explicitly match slashes in
+ the command line arguments. As a result, and entry such as:
+ user ALL = sudoedit /etc/*
+ will allow editing of /etc/motd but not /etc/security/default.
+
+ * NETWORK_TIMEOUT is now an alias for BIND_TIMELIMIT in ldap.conf for
+ compatibility with OpenLDAP configuration files.
+
+ * The LDAP API TIMEOUT parameter is now honored in ldap.conf.
+
+ * The I/O log directory may now be specified in the sudoers file.
+
+ * Sudo will no longer refuse to run if the sudoers file is writable
+ by root.
+
+ * Sudo now performs command line escaping for "sudo -s" and "sudo -i"
+ after validating the command so the sudoers entries do not need
+ to include the backslashes.
+
+ * Logging and email sending are now done in the locale specified
+ by the "sudoers_locale" setting ("C" by default). Email send by
+ sudo now includes MIME headers when "sudoers_locale" is not "C".
+
+ * The configure script has a new option, --disable-env-reset, to
+ allow one to change the default for the sudoers Default setting
+ "env_reset" at compile time.
+
+ * When logging "sudo -l command", sudo will now prepend "list "
+ to the command in the log line to distinguish between an
+ actual command invocation in the logs.
+
+ * Double-quoted group and user names may now include escaped double
+ quotes as part of the name. Previously this was a parse error.
+
+ * Sudo once again restores the state of the signal handlers it
+ modifies before executing the command. This allows sudo to be
+ used with the nohup command.
+
+ * Resuming a suspended shell now works properly when I/O logging
+ is not enabled (the I/O logging case was already correct).
+
+What's new in Sudo 1.7.4p6?
+
+ * A bug has been fixed in the I/O logging support that could cause
+ visual artifacts in full-screen programs such as text editors.
+
What's new in Sudo 1.7.4p5?
* A bug has been fixed that would allow a command to be run without the
* A crash has been fixed when sudo's -g flag is used without the -u flag
and the sudoers file contains an entry with no runas user or group listed.
- * A bug has been fixed in the I/O logging support that could cause
- visual artifacts in full-screen programs such as text editors,.
-
* A crash has been fixed when the Solaris project support is enabled
and sudo's -g flag is used without the -u flag.
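Review bot: The added NEWS text contains typos that will ship verbatim in the release notes and should be fixed before merging. In 1.8.7: "forground" in the exec_background entry, and "The list output (sudo -l) output from the sudoers plugin" repeats "output". In 1.8.6: "if the the compiler supports it". In 1.8.6p4: "Allow sudo to be build with sss support" should read "built". In 1.8.5: "initial evironment" and "file is now uses to determine". In 1.8.4: "would be incorrectly be interpreted" and "no writing is down in check-only mode" (should be "done"). In 1.8.3: "The configure script now check" and "would cause a crash been resolved" (missing "has"). In 1.8.1: the entry ending "problem with sudo.conf" lacks its final period. In 1.7.5: "As a result, and entry such as:" and "Email send by sudo". Separately, the 1.8.3p2 (format string with -D), 1.8.4p3 (environment variables set without "ALL" or "SETENV") and 1.8.4p5 (IP address and netmask host matching) entries describe security fixes in the same wording as ordinary bug fixes. If advisories exist for them, reference them in those entries so packagers can tell which point releases are security updates.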