Version 2.1.2 of sudoscript closes a hole in which a member of the "ssers" group, in use when non-root access is enabled by sudoscript, can send a HUP signal to any process on the system. This update changes the signal used by sudoscriptd from HUP to WINCH. The latter is ignored by most process whereas the former is not. If sudoscript is used to enable root access only, then this bug doesn't bite, since the root enabled user can do lots more mischeif without signaling arbitrary processes. How-To-Repeat: I could tell you, but then I'd have to shoot myself. 8)
State Changed From-To: open->closed Committed. Thanks!