From 09f160779b1c6eaa818b9fae04b70115c5185cd2 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Thu, 19 Aug 2021 09:54:18 -0600
Subject: [PATCH] The fix for bug #989 will make sudo 1.9.8. Also mention
 intercept_authenticate and intercept_allow_setid.

---
 NEWS | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/NEWS b/NEWS
index d1277ce16..97c89a32d 100644
--- a/NEWS
+++ b/NEWS
@@ -23,6 +23,12 @@ What's new in Sudo 1.9.8
    would only apply intercept mode to user "chuck" when running one
    of the listed shells.
 
+   In intercept mode, sudo will not prompt for a password before
+   running a sub-command and will not allow a set-user-ID or
+   set-group-ID program to be run by default.  The new
+   intercept_authenticate and intercept_allow_setid sudoers settings
+   can be used to change this behavior.
+
  * The new "log_children" sudoers setting can be used to log commands
    run in a privileged shell.  It uses the same mechanism as the
    intercept support described above and has the same limitations.
@@ -46,6 +52,10 @@ What's new in Sudo 1.9.8
    No overflow was possible since the correct amount of memory was
    already pre-allocated.
 
+ * The mksigname and mksiglist helper programs are now built with
+   the host compiler, not the target compiler, when cross-compiling.
+   Bug #989.
+
 What's new in Sudo 1.9.7p2
 
  * When formatting JSON output, octal numbers are now stored as