Release 0.2.1

trifectatechfoundation · Sep 21, 2023 · 195d6f8 · 195d6f8
1 parent bfdbda2
commit 195d6f8
Show file tree

Hide file tree

Showing 7 changed files with 29 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,27 @@
 # Changelog
 
+## [0.2.1] - 2023-09-21
+
+### Changed
+- Session records/timestamps are now stored in files with uids instead of
+  usernames, fixing a security bug (CVE-2023-42456)
+- `visudo` will now resolve `EDITOR` via `PATH`
+- Input/output errors while writing text to the terminal no longer cause sudo to
+  exit immediately
+- Switched several internal API calls from libc to Rust's std library
+- The `%h` escape sequence in sudoers includes directives is not supported in
+  sudo-rs, this now gives a better diagnostic and no longer tries to include the
+  file
+- Our PAM integration was hardened against allocation failures
+- An attempt was made to harden against rowhammer type attacks
+- Release builds no longer include debugging symbols
+
+### Fixed
+- Fixed an invalid parsing when an escaped null byte was present in the sudoers
+  file
+- Replaced informal error message in `visudo` with a proper error message
+
+
 ## [0.2.0] - 2023-08-29
 
 ### Added
@@ -76,6 +98,7 @@
 - Use canonicalized paths for the executed binaries
 - Simplified CLI help to only display supported actions
 
+[0.2.1]: https://github.com/memorysafety/sudo-rs/compare/v0.2.0...v0.2.1
 [0.2.0]: https://github.com/memorysafety/sudo-rs/compare/v0.2.0-dev.20230711...v0.2.0
 [0.2.0-dev.20230711]: https://github.com/memorysafety/sudo-rs/compare/v0.2.0-dev.20230703...v0.2.0-dev.20230711
 [0.2.0-dev.20230703]: https://github.com/memorysafety/sudo-rs/compare/v0.2.0-dev.20230627...v0.2.0-dev.20230703

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "sudo-rs"
 description = "A memory safe implementation of sudo and su."
-version = "0.2.0"
+version = "0.2.1"
 license = "Apache-2.0 OR MIT"
 edition = "2021"
 repository = "https://github.com/memorysafety/sudo-rs"

diff --git a/docs/man/su.1.md b/docs/man/su.1.md
@@ -1,5 +1,5 @@
 <!-- ---
-title: SU(1) sudo-rs 0.2.0 | sudo-rs
+title: SU(1) sudo-rs 0.2.1 | sudo-rs
 --- -->
 
 # NAME

diff --git a/docs/man/sudo.8.md b/docs/man/sudo.8.md
@@ -1,5 +1,5 @@
 <!-- ---
-title: SUDO(8) sudo-rs 0.2.0 | sudo-rs
+title: SUDO(8) sudo-rs 0.2.1 | sudo-rs
 --- -->
 
 # NAME

diff --git a/docs/man/visudo.8.md b/docs/man/visudo.8.md
@@ -1,5 +1,5 @@
 <!-- ---
-title: VISUDO(8) sudo-rs 0.2.0 | sudo-rs
+title: VISUDO(8) sudo-rs 0.2.1 | sudo-rs
 --- -->
 
 # NAME

diff --git a/util/build-release.sh b/util/build-release.sh
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-DATE="2023-08-29"
+DATE="2023-09-21"
 SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd)
 PROJECT_DIR=$(dirname "$SCRIPT_DIR")
 SUDO_RS_VERSION="$(cargo metadata --format-version 1 --manifest-path "$PROJECT_DIR/Cargo.toml" | jq '.packages[] | select(.name=="sudo-rs") | .version' -r)"