Skip to content

Version 0.2.1

Compare
Choose a tag to compare
@rnijveld rnijveld released this 21 Sep 14:43
· 268 commits to main since this release
v0.2.1
195d6f8

Version 0.2.1 is a bugfix release. This release includes a bug fix for a security issue. Users of sudo-rs are advised to upgrade to the latest version as soon a possible. Please see the security advisory for details.

Changed

  • Session records/timestamps are now stored in files with uids instead of usernames, fixing a security bug (CVE-2023-42456)
  • visudo will now resolve EDITOR via PATH
  • Input/output errors while writing text to the terminal no longer cause sudo to exit immediately
  • Switched several internal API calls from libc to Rust's std library
  • The %h escape sequence in sudoers includes directives is not supported in sudo-rs, this now gives a better diagnostic and no longer tries to include the file
  • Our PAM integration was hardened against allocation failures
  • An attempt was made to harden against rowhammer type attacks
  • Release builds no longer include debugging symbols

Fixed

  • Fixed an invalid parsing when an escaped null byte was present in the sudoers file
  • Replaced informal error message in visudo with a proper error message