Пакет sudo: Информация

Исходный пакет: sudo

Версия: 1.9.13p2-alt1

Собран: 21 апреля 2023 г. 17:42 в задании #318844

Категория: Система/База

Сообщить об ошибке в пакете

Gear: https://git.altlinux.org/gears/s/sudo.git?a=tree;hb=eceb90f1548e…

Домашняя страница: https://www.sudo.ws

Лицензия: ISC

О пакете: Allows command execution as another user

Описание:

Sudo is a program designed to allow a sysadmin to give limited root
privileges to users and log root activity.  The basic philosophy is
to give as few privileges as possible but still allow people to get
their work done.

Список rpm-пакетов, предоставляемых данным srpm-пакетом:
sudo (x86_64, ppc64le, i586, armh, aarch64)
sudo-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
sudo-devel (noarch)
sudo-logsrvd (x86_64, ppc64le, i586, armh, aarch64)
sudo-logsrvd-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
sudo-python (x86_64, ppc64le, i586, armh, aarch64)
sudo-python-debuginfo (x86_64, ppc64le, i586, armh, aarch64)

Сопровождающий: Evgeny Sinelnikov

Список участников:
Evgeny Sinelnikov
Nikolai Kostrigin
Vitaly Kuznetsov
Dmitry V. Levin
qa-robot

Сборочные зависимости:

27 февраля 2023 г. Evgeny Sinelnikov 1:1.9.13p2-alt1

- Update to latest stable release.
- Fix run_time message validation in logsrvd.
- Fixed a potential double-free bug when matching a sudoers rule
  that contains a per-command chroot directive (CHROOT=dir).

20 февраля 2023 г. Evgeny Sinelnikov 1:1.9.13p1-alt1

- Update to latest stable release.
- Fixed potential memory leaks in error paths (GitHub#199, GitHub#202).
- Fixed potential NULL dereferences on memory allocation failure (GitHub#204,
  GitHub#211).
- A missing include file in sudoers is no longer a fatal error
  unless the error_recovery plugin argument has been set to false.
- Fixed a bug running relative commands via sudo when "log_subcmds"
  is enabled (GitHub#194).
- Fixed a signal handling bug when running sudo commands in a shell
  script.  Signals were not being forwarded to the command when
  the sudo process was not run in its own process group.
- Added a reminder to the default lecture that the password will
  not echo. This line is only displayed when the pwfeedback option
  is disabled (GitHub#195).
- Regular expressions in sudoers or logsrvd.conf may no longer contain
  consecutive repetition operators.  This is implementation-specific behavior
  according to POSIX, but some implementations will allocate excessive amounts
  of memory. This mainly affects the fuzzers.
- Sudo no longer checks the ownership and mode of the plugins that it loads.
  Plugins are configured via either the sudo.conf or sudoers file which are
  trusted configuration files.
- Fixed a bug executing a command with a very long argument vector when
  "log_subcmds" or "intercept" is enabled on a system where "intercept_type"
  is set to "trace" (GitHub#194).

22 января 2023 г. Evgeny Sinelnikov 1:1.9.12p2-alt1

- Update to latest stable bugfix and security release (closes: 44965).
- Fixed a compilation error on Linux/aarch64 (GitHub#197).
- Fixed a potential crash introduced in the fix for (GitHub#134):
 + If a user's sudoers entry did not have any RunAs user's set, running
   "sudo -U otheruser -l" would dereference a NULL pointer.
- Fixed a bug introduced in sudo 1.9.12 that could prevent sudo from creating
  a I/O files when the "iolog_file" sudoers setting contains six or more Xs.
- Fixed security issue (fixes: CVE-2023-22809), a flaw in sudo's -e option (aka
  sudoedit) that could allow a malicious user with sudoedit privileges to edit
  arbitrary files.

VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla

Версия: v24.4.2