---------- Forwarded message ---------- Date: Thu, 16 Sep 2004 13:13:05 -0600 From: Todd C. Miller To: sudo-announce@sudo.ws Subject: [sudo-announce] Sudo version 1.6.8p1 now available Sudo version 1.6.8, patchlevel 1 is now available. It includes a fix for a security flaw in sudoedit that could give a malicious user read access to file that would normally be unreadable. See http://www.sudo.ws/sudo/alerts/sudoedit.html for more details. Major changes since Sudo 1.6.8: o Sudoedit now re-opens the temp file as the invoking user and will only open regular files. o Better detection of unchanged files in sudoedit. o The path to ldap.conf is now configurable. o Added SSL tls_* certificate checking options when using LDAP. o The sample pam config file has been updated. Commercial support is now available for Sudo. If your organization uses Sudo please consider purchasing a support contract to help fund additional Sudo development at http://www.sudo.ws/support.html Custom enhancements to Sudo may also be contracted for. You can also help out by "purchasing" a copy of Sudo or making a donation at http://www.sudo.ws/purchase.html Sudo is still free software and I intend for it to remain so but as I currently lack regular employment I am asking for help from the Sudo community. Your support will enable me to continue to improve Sudo and complete projects such as a proper user's manual and a major rewrite of large portions of Sudo. You may recall news of a patent recently awarded to MicroSoft that some people have said covers Sudo. After reading through the patent and conferring with several people I don't believe it covers Sudo as it exists now since the patent appears to cover a persistent daemon process. However, the patent does seem overly broad and could restrict future Sudo development so I am collecting prior art in the hopes of having the patent re-evaluated. If you have examples of prior art, please contact me with details. Master Web Site: http://www.sudo.ws/sudo/ Web Site Mirrors: http://sudo.stikman.com/ (Los Angeles, California, USA) http://mirage.informationwave.net/sudo/ (Fanwood, New Jersey, USA) http://www.mrv2k.net/sudo/ (Bend, Oregon, USA) http://www.signal42.com/mirrors/sudo_www/ (USA) http://sudo.xmundo.net/ (Argentina) http://sudo.planetmirror.com/ (Australia) http://sunshine.lv/sudo/ (Latvia) http://rexem.uni.cc/sudo/ (Kaunas, Lithuania) http://sudo.cdu.elektra.ru/ (Russia) http://sudo.nctu.edu.tw/ (Taiwan) FTP Mirrors: ftp://anonopenbsd.cs.colorado.edu/pub/sudo/ (Boulder, Colorado, USA) ftp://ftp.cs.colorado.edu/pub/sudo/ (Boulder, Colorado, USA) ftp://obsd.isc.org/pub/sudo/ (Redwood City, California, USA) ftp://ftp.stikman.com/pub/sudo/ (Los Angeles, California, USA) ftp://ftp.tux.org/pub/security/sudo/ (Beltsville, Maryland, USA) ftp://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/sudo/ (West Lafayette, Indiana, USA) ftp://ftp.uwsg.indiana.edu/pub/security/sudo/ (Bloomington, Indiana, USA) ftp://ftp.rge.com/pub/admin/sudo/ (Rochester, New York, USA) ftp://sudo.xmundo.net/pub/mirrors/sudo/ (Argentina) ftp://ftp.wiretapped.net/pub/security/host-security/sudo/ (Australia) ftp://ftp.tuwien.ac.at/utils/admin-tools/sudo/ (Austria) ftp://sunsite.ualberta.ca/pub/Mirror/sudo/ (Alberta, Canada) ftp://ftp.csc.cuhk.edu.hk/pub/packages/unix-tools/sudo/ (Hong Kong, China) ftp://ftp.eunet.cz/pub/security/sudo/ (Czechoslovakia) ftp://ftp.ujf-grenoble.fr/sudo/ (France) ftp://netmirror.org/ftp.sudo.ws/ (Frankfurt, Germany) ftp://ftp.win.ne.jp/pub/misc/sudo/ (Japan) ftp://ftp.st.ryukoku.ac.jp/pub/security/tool/sudo/ (Japan) ftp://ftp.cin.nihon-u.ac.jp/pub/misc/sudo/ (Japan) ftp://core.ring.gr.jp/pub/misc/sudo/ (Japan) ftp://ftp.ring.gr.jp/pub/misc/sudo/ (Japan) ftp://ftp.tpnet.pl/d6/ftp.sudo.ws/ (Poland) ftp://ftp.cdu.elektra.ru/pub/unix/security/sudo/ (Russia) ftp://ftp.nsysu.edu.tw/Unix/Security/Sudo/ (Taiwan) HTTP Mirrors: http://www.rge.com/pub/admin/sudo/ (Rochester, New York, USA) http://probsd.org/sudoftp/ (East Coast, USA) http://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/sudo/ (West Lafayette, Indiana, USA) http://www.signal42.com/mirrors/sudo_ftp/ (California, USA) http://netmirror.org/mirror/ftp.sudo.ws/ (Frankfurt, Germany) http://core.ring.gr.jp/archives/misc/sudo/ (Japan) http://www.ring.gr.jp/archives/misc/sudo/ (Japan) http://ftp.tpnet.pl/vol/d6/ftp.sudo.ws/ (Poland) http://sudo.tsuren.net/dist/ (Moscow, Russian Federation) http://ftp.nsysu.edu.tw/Unix/Security/Sudo/ (Taiwan) ____________________________________________________________ sudo-announce mailing list For list information, options, or to unsubscribe, visit: http://www.sudo.ws/mailman/listinfo/sudo-announce