Пакет sudo: Информация

    Исходный пакет: sudo
    Версия: 1.9.12p2-alt0.c9f2.1
    Собран:  24 января 2023 г. 14:13 в задании #313971
    Категория: Система/База
    Сообщить об ошибке в пакете
    Домашняя страница: https://www.sudo.ws

    Лицензия: ISC
    О пакете: Allows command execution as another user
    Описание: 
    Sudo is a program designed to allow a sysadmin to give limited root
    privileges to users and log root activity.  The basic philosophy is
    to give as few privileges as possible but still allow people to get
    their work done.

    Список rpm-пакетов, предоставляемых данным srpm-пакетом:
    sudo (x86_64, ppc64le, i586, armh, aarch64)
    sudo-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
    sudo-devel (noarch)
    sudo-python (x86_64, ppc64le, i586, armh, aarch64)
    sudo-python-debuginfo (x86_64, ppc64le, i586, armh, aarch64)

    Сопровождающий: Alexander Danilov


      1. flex
      2. libselinux-devel
      3. python3-dev
      4. /usr/bin/nroff
      5. perl-podlators
      6. libaudit-devel
      7. libpam-devel
      8. libcap-devel

    Последнее изменение


    23 января 2023 г. Alexander Danilov 1:1.9.12p2-alt0.c9f2.1
    - Backport to c9f2.
    - logsrvd package removed.
    22 января 2023 г. Evgeny Sinelnikov 1:1.9.12p2-alt1
    - Update to latest stable bugfix and security release (closes: 44965).
    - Fixed a compilation error on Linux/aarch64 (GitHub#197).
    - Fixed a potential crash introduced in the fix for (GitHub#134):
     + If a user's sudoers entry did not have any RunAs user's set, running
       "sudo -U otheruser -l" would dereference a NULL pointer.
    - Fixed a bug introduced in sudo 1.9.12 that could prevent sudo from creating
      a I/O files when the "iolog_file" sudoers setting contains six or more Xs.
    - Fixed security issue (fixes: CVE-2023-22809), a flaw in sudo's -e option (aka
      sudoedit) that could allow a malicious user with sudoedit privileges to edit
      arbitrary files.
    7 ноября 2022 г. Evgeny Sinelnikov 1:1.9.12p1-alt1
    - Update to latest stable bugfix and security release (fixes: CVE-2022-43995).
    - Major improvements from latest Sisyphus release:
     + For ptrace-based intercept mode, sudo will now attempt to verify that the
       command path name, arguments and environment have not changed from the time
       when they were authorized by the security policy. The new intercept_verify
       sudoers setting can be used to control this behavior.
     + Sudo now supports passing the execve(2) system call the NULL pointer for the
       argv and/or envp arguments when in intercept mode. Linux treats a NULL pointer
       like an empty array.
     + Neovim has been added to the list of visudo editors that support passing the
       line number on the command line.
     + Added a new -N (no-update) command line option to sudo which can be used to
       prevent sudo from updating the user's cached credentials.
     + PAM approval modules are no longer invoked when running sub-commands in
       intercept mode unless the intercept_authenticate option is set. There is a
       substantial performance penalty for calling into PAM for each command run.
       PAM approval modules are still called for the initial command.
     + Intercept mode on Linux now uses process_vm_readv(2) and process_vm_writev(2)
       if available.
     + The XDG_CURRENT_DESKTOP environment variable is now preserved by default.
       This makes it possible for graphical applications to choose the correct theme
       when run via sudo.
     + The cvtsudoers manual now documents the JSON and CSV output formats.
     + The new log_stdin, log_stdout, log_stderr, log_ttyin, and log_ttyout sudoers
       settings can be used to support more fine-grained I/O logging. The sudo
       front-end no longer allocates a pseudo-terminal when running a command if the
       I/O logging plugin requests logging of stdin, stdout, or stderr but not
       terminal input/output.
     + Added the -I option to visudo which only edits the main sudoers file.
       Include files are not edited unless a syntax error is found.