Sudo 1.9.18

Author: millert

NEWS

@@ -1,3 +1,83 @@
+What's new in Sudo 1.9.18
+
+ * Updated the embedded copy of protobuf-c to version 1.5.2
+   and regenerated code from the .proto files.
+
+ * In intercept mode on Linux, the seccomp filter will now kill the
+   process if the architecture does not match the native or compatible
+   architectures.
+
+ * Fixed a problem in sudoreplay where a speed factor of 0 or less
+   would result in a negative delay value that caused a hang during
+   playback. Bug #1078.
+ 
+ * Restored the ability to run "sudo -u myname -g group" when the
+   user portion of the Runas_Spec is non-empty and the specified
+   group matches the Runas_Spec.  Reported by Marc Schoolderman of
+   the sudo-rs project.
+
+ * Fixed a bug with "sudo -U otheruser -l" where the NOPASSWD tag
+   was being applied for commands other than "ALL" or "list".  The
+   NOPASSWD tag should only be applied when listing another user's
+   privileges if the command is "ALL" or "list".  Reported by Marc
+   Schoolderman of the sudo-rs project.
+
+ * The "-fcf-protection=full" compiler option is now only used for
+   x86_64 CPUs.  For 32-bit x86 CPUs, "-fcf-protection=return" is
+   used instead.  This fixes an illegal instruction problem on some
+   older Intel-compatible CPUs that do not implement the ENDBR32
+   instruction.
+
+ * The sudo_sendlog man page is now only installed when sudo_sendlog
+   itself is installed.  GitHub issue #467
+
+ * Sudo now uses most of the suggested compiler and linker options
+   from the OpenSSF Compiler Options Hardening Guide for C and C++.
+
+ * Fixed multiple potential crashes in sudo_logsrvd.
+   Found by Joshua Rogers (https://joshua.hu) using the ZeroPath
+   tool (https://zeropath.com/).
+
+ * Fixed a potential message corruption error in sudo_logsrvd.
+   Found by Joshua Rogers (https://joshua.hu) using the ZeroPath
+   tool (https://zeropath.com/).
+
+ * Fixed multiple resource leaks on error paths.  Found by Joshua
+   Rogers (https://joshua.hu) using the ZeroPath tool
+   (https://zeropath.com/).
+
+ * Fixed a potential path traversal bug in sudo_logsrvd when
+   restarting an existing log file.  The log ID is used to
+   construct the path to the log file and must not contain
+   any ".." path components.  Found by Joshua Rogers
+   (https://joshua.hu) using the ZeroPath tool (https://zeropath.com/).
+
+ * Fixed a bug in sudo_sendlog that prevented it from transmitting
+   older sudo I/O logs that lack a log.json file.
+
+ * sudo_sendlog now verifies the server certificate by default,
+   as per the documentation.
+
+ * Fixed a bug that prevented the sending of exit events to the
+   sudo log server when I/O logging is not enabled.
+
+ * Fixed a bug that caused sudo-style logs generated by sudo_logsrvd
+   to be line-wrapped after 5 characters.
+
+ * When sudo_logsrvd verifies TLS client certificates, it now uses
+   the IP address of the peer as well as the DNS hostname, if it
+   can be resolved from the address.  Previously, sudo_logsrvd would
+   resolve DNS hostnames in the client's certificate to IP addresses
+   and compare them to the client IP address.
+
+ * When sudo is logging to a remote log server (sudo_logsrvd),
+   if the connection to the server is dropped, the socket is now
+   closed immediately.  This fixes an issue when restarting
+   sudo_logsrvd on some systems.
+
+ * Fixed a bug that could result in sudo waiting 5 seconds after
+   the command exits when logging events, but not I/O, to sudo_logsrvd.
+
 What's new in Sudo 1.9.17p2
 
  * Fixed a bug introduced in sudo 1.9.16 that could result in sudo

configure

@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.72 for sudo 1.9.17p2.
+# Generated by GNU Autoconf 2.72 for sudo 1.9.18.
 #
 # Report bugs to <https://bugzilla.sudo.ws/>.
 #
@@ -614,8 +614,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='sudo'
 PACKAGE_TARNAME='sudo'
-PACKAGE_VERSION='1.9.17p2'
-PACKAGE_STRING='sudo 1.9.17p2'
+PACKAGE_VERSION='1.9.18'
+PACKAGE_STRING='sudo 1.9.18'
 PACKAGE_BUGREPORT='https://bugzilla.sudo.ws/'
 PACKAGE_URL=''
 
@@ -1650,7 +1650,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-'configure' configures sudo 1.9.17p2 to adapt to many kinds of systems.
+'configure' configures sudo 1.9.18 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1716,7 +1716,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of sudo 1.9.17p2:";;
+     short | recursive ) echo "Configuration of sudo 1.9.18:";;
    esac
   cat <<\_ACEOF
 
@@ -2011,7 +2011,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-sudo configure 1.9.17p2
+sudo configure 1.9.18
 generated by GNU Autoconf 2.72
 
 Copyright (C) 2023 Free Software Foundation, Inc.
@@ -2831,7 +2831,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by sudo $as_me 1.9.17p2, which was
+It was created by sudo $as_me 1.9.18, which was
 generated by GNU Autoconf 2.72.  Invocation command line was
 
   $ $0$ac_configure_args_raw
@@ -38676,7 +38676,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by sudo $as_me 1.9.17p2, which was
+This file was extended by sudo $as_me 1.9.18, which was
 generated by GNU Autoconf 2.72.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -38744,7 +38744,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config='$ac_cs_config_escaped'
 ac_cs_version="\\
-sudo config.status 1.9.17p2
+sudo config.status 1.9.18
 configured by $0, generated by GNU Autoconf 2.72,
   with options \\"\$ac_cs_config\\"
 

configure.ac

@@ -18,7 +18,7 @@ dnl ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 dnl OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 dnl
 AC_PREREQ([2.69])
-AC_INIT([sudo], [1.9.17p2], [https://bugzilla.sudo.ws/], [sudo])
+AC_INIT([sudo], [1.9.18], [https://bugzilla.sudo.ws/], [sudo])
 AC_CONFIG_HEADERS([config.h pathnames.h])
 AC_CONFIG_SRCDIR([src/sudo.c])
 AC_CONFIG_AUX_DIR([scripts])