This patch will upgrade Sudo version 1.8.10 patchlevel 1 to Sudo
version 1.8.10 patchlevel 2.  To apply:

    $ cd sudo-1.8.10p1
    $ patch -p1 < sudo-1.8.10p2.patch

diff -urNa sudo-1.8.10p1/ChangeLog sudo-1.8.10p2/ChangeLog
--- sudo-1.8.10p1/ChangeLog	Thu Mar 13 15:20:38 2014
+++ sudo-1.8.10p2/ChangeLog	Mon Mar 17 08:11:40 2014
@@ -1,3 +1,21 @@
+2014-03-17  Todd C. Miller  <Todd.Miller@courtesan.com>
+
+	* NEWS, configure, configure.ac:
+	Sudo 1.8.10p2
+	[774ebec63b41]
+
+	* plugins/sudoers/timestamp.c:
+	Don't write an empty timestamp record when timestamp_timeout is
+	zero. If we find an empty record in the timestamp file, overwrite it
+	with a good one, truncating the file as needed.
+	[9c226d81b660]
+
+2014-03-15  Todd C. Miller  <Todd.Miller@courtesan.com>
+
+	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in:
+	Fix typos in description of the -x option. Bug #637
+	[6ff2bfaaf99d]
+
 2014-03-13  Todd C. Miller  <Todd.Miller@courtesan.com>
 
 	* NEWS, configure, configure.ac:
diff -urNa sudo-1.8.10p1/NEWS sudo-1.8.10p2/NEWS
--- sudo-1.8.10p1/NEWS	Thu Mar 13 15:18:40 2014
+++ sudo-1.8.10p2/NEWS	Mon Mar 17 08:10:25 2014
@@ -1,3 +1,8 @@
+What's new in Sudo 1.8.10p2?
+
+ * Fixed a hang introduced in sudo 1.8.10 when timestamp_timeout
+   is set to zero.
+
 What's new in Sudo 1.8.10p1?
 
  * Fixed a bug introduced in sudo 1.8.10 that prevented the disabling
diff -urNa sudo-1.8.10p1/configure sudo-1.8.10p2/configure
--- sudo-1.8.10p1/configure	Thu Mar 13 15:18:40 2014
+++ sudo-1.8.10p2/configure	Mon Mar 17 08:10:25 2014
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for sudo 1.8.10p1.
+# Generated by GNU Autoconf 2.69 for sudo 1.8.10p2.
 #
 # Report bugs to <http://www.sudo.ws/bugs/>.
 #
@@ -590,8 +590,8 @@
 # Identity of this package.
 PACKAGE_NAME='sudo'
 PACKAGE_TARNAME='sudo'
-PACKAGE_VERSION='1.8.10p1'
-PACKAGE_STRING='sudo 1.8.10p1'
+PACKAGE_VERSION='1.8.10p2'
+PACKAGE_STRING='sudo 1.8.10p2'
 PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/'
 PACKAGE_URL=''
 
@@ -1505,7 +1505,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures sudo 1.8.10p1 to adapt to many kinds of systems.
+\`configure' configures sudo 1.8.10p2 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1570,7 +1570,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of sudo 1.8.10p1:";;
+     short | recursive ) echo "Configuration of sudo 1.8.10p2:";;
    esac
   cat <<\_ACEOF
 
@@ -1802,7 +1802,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-sudo configure 1.8.10p1
+sudo configure 1.8.10p2
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2511,7 +2511,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by sudo $as_me 1.8.10p1, which was
+It was created by sudo $as_me 1.8.10p2, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -22958,7 +22958,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by sudo $as_me 1.8.10p1, which was
+This file was extended by sudo $as_me 1.8.10p2, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -23024,7 +23024,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-sudo config.status 1.8.10p1
+sudo config.status 1.8.10p2
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff -urNa sudo-1.8.10p1/configure.ac sudo-1.8.10p2/configure.ac
--- sudo-1.8.10p1/configure.ac	Thu Mar 13 15:18:40 2014
+++ sudo-1.8.10p2/configure.ac	Mon Mar 17 08:10:25 2014
@@ -4,7 +4,7 @@
 dnl Copyright (c) 1994-1996,1998-2014 Todd C. Miller <Todd.Miller@courtesan.com>
 dnl
 AC_PREREQ([2.59])
-AC_INIT([sudo], [1.8.10p1], [http://www.sudo.ws/bugs/], [sudo])
+AC_INIT([sudo], [1.8.10p2], [http://www.sudo.ws/bugs/], [sudo])
 AC_CONFIG_HEADER([config.h pathnames.h])
 AC_CONFIG_SRCDIR([src/sudo.c])
 dnl
diff -urNa sudo-1.8.10p1/doc/visudo.cat sudo-1.8.10p2/doc/visudo.cat
--- sudo-1.8.10p1/doc/visudo.cat	Fri Mar  7 14:51:21 2014
+++ sudo-1.8.10p2/doc/visudo.cat	Mon Mar 17 08:10:25 2014
@@ -74,9 +74,9 @@
 
      --xx _f_i_l_e, ----eexxppoorrtt=_f_i_l_e
                  Export _s_u_d_o_e_r_s in JSON format and write it to _f_i_l_e.  If _f_i_l_e
-                 is `-', the exported _s_u_d_o_e_r_s policy will to be written to the
+                 is `-', the exported _s_u_d_o_e_r_s policy will be written to the
                  standard output.  The exported format is intended to be
-                 easier for third-party applications to parse that the
+                 easier for third-party applications to parse than the
                  traditional _s_u_d_o_e_r_s format.  The various values have explicit
                  types which removes much of the ambiguity of the _s_u_d_o_e_r_s
                  format.
diff -urNa sudo-1.8.10p1/doc/visudo.man.in sudo-1.8.10p2/doc/visudo.man.in
--- sudo-1.8.10p1/doc/visudo.man.in	Fri Mar  7 14:51:21 2014
+++ sudo-1.8.10p2/doc/visudo.man.in	Mon Mar 17 08:10:25 2014
@@ -216,9 +216,9 @@
 \(oq-\(cq,
 the exported
 \fIsudoers\fR
-policy will to be written to the standard output.
+policy will be written to the standard output.
 The exported format is intended to be easier for third-party
-applications to parse that the traditional
+applications to parse than the traditional
 \fIsudoers\fR
 format.
 The various values have explicit types which removes much of the
diff -urNa sudo-1.8.10p1/doc/visudo.mdoc.in sudo-1.8.10p2/doc/visudo.mdoc.in
--- sudo-1.8.10p1/doc/visudo.mdoc.in	Fri Mar  7 14:51:19 2014
+++ sudo-1.8.10p2/doc/visudo.mdoc.in	Mon Mar 17 08:10:25 2014
@@ -207,9 +207,9 @@
 .Ql - ,
 the exported
 .Em sudoers
-policy will to be written to the standard output.
+policy will be written to the standard output.
 The exported format is intended to be easier for third-party
-applications to parse that the traditional
+applications to parse than the traditional
 .Em sudoers
 format.
 The various values have explicit types which removes much of the
diff -urNa sudo-1.8.10p1/plugins/sudoers/timestamp.c sudo-1.8.10p2/plugins/sudoers/timestamp.c
--- sudo-1.8.10p1/plugins/sudoers/timestamp.c	Thu Mar 13 15:18:40 2014
+++ sudo-1.8.10p2/plugins/sudoers/timestamp.c	Mon Mar 17 08:10:25 2014
@@ -119,11 +119,13 @@
      */
     while (read(fd, &cur, sizeof(cur)) == sizeof(cur)) {
 	if (cur.size != sizeof(cur)) {
-	    /* wrong size, seek to next record */
+	    /* wrong size, seek to start of next record */
 	    sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
 		"wrong sized record, got %hu, expected %zu",
 		cur.size, sizeof(cur));
 	    lseek(fd, (off_t)cur.size - (off_t)sizeof(cur), SEEK_CUR);
+	    if (cur.size == 0)
+		break;			/* size must be non-zero */
 	    continue;
 	}
 	if (ts_match_record(key, &cur)) {
@@ -326,6 +328,10 @@
     bool rval = false;
     int fd;
     debug_decl(update_timestamp, SUDO_DEBUG_AUTH)
+
+    /* Zero timeout means don't update the time stamp file. */
+    if (def_timestamp_timeout == 0)
+	goto done;
 
     /* Check/create parent directories as needed. */
     if (!ts_secure_dir(def_timestampdir, true, false))