path: root/debian/NEWS
diff options
authorSteve Langasek <>2019-01-02 12:24:44 -0800
committerSteve Langasek <>2019-01-02 12:27:24 -0800
commita6f4ab0bebc76acf85cc0244bd21c1036009c28c (patch)
treedf0d6a57d2b91ab9038e8d7b0d62f28c2daa66db /debian/NEWS
parent10b6243f4664747e815372070142d6c5853176da (diff)
fix-up commit for grafting svn history onto git history
Diffstat (limited to 'debian/NEWS')
1 files changed, 23 insertions, 0 deletions
diff --git a/debian/NEWS b/debian/NEWS
new file mode 100644
index 00000000..1976a81e
--- /dev/null
+++ b/debian/NEWS
@@ -0,0 +1,23 @@
+pam ( unstable; urgency=low
+ * Default Unix minimum password length has changed
+ Previous versions of pam_unix on Debian had a built-in minimum password
+ length of 1 character, and a minimum password length configured in
+ /etc/pam.d/common-password of 4 characters. This differed from the
+ upstream default of 6 characters. This has been changed, so the
+ default /etc/pam.d/common-password no longer overrides the compile-time
+ default and the compile-time default has been raised to 6 characters.
+ If you are using pam_unix but are not using the default
+ /etc/pam.d/common-password file, it is recommended that you drop any
+ min= options to pam_unix from your config unless you have stronger
+ local password requirements that the upstream default.
+ The password length 'max' option has also been deprecated in this
+ version because it was never written to work as suggested in the
+ documentation. If you are using pam_unix but are not using the default
+ /etc/pam.d/common-password file, you should remove any old max= options
+ to pam_unix from your config as this option will be considered an error
+ in future versions of pam.
+ -- Steve Langasek <> Sat, 01 Sep 2007 21:27:11 -0700