summaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog1703
1 files changed, 1703 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 00000000..e6445a43
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,1703 @@
+pam (0.99.7.1-7) unstable; urgency=medium
+
+ * Medium-urgency upload for RC bugfix
+ * Debconf translations:
+ - Italian, thanks to David Paleino <d.paleino@gmail.com> (closes: #483913)
+ - Slovak, thanks to Ivan Masár <helix84@centrum.sk> (closes: #488908)
+ - Turkish, thanks to Mert Dirik <mertdirik@gmail.com> (closes: #490880)
+ - Basque, thanks to Piarres Beobide <pi+debian@beobide.net>
+ (closes: #473975)
+ * Drop the 'XS' from Vcs-Svn/Vcs-Browser, since these are now officially
+ recognized fields.
+ * Add a Homepage field. Closes: #473338.
+ * Drop -DCRACKLIB_DICTS from CFLAGS, since the referenced define is no
+ longer provided by cracklib2-dev 2.8 and above. This requires a
+ build-dependency on the corresponding version of libcrack2-dev.
+ Closes: #490236.
+
+ -- Steve Langasek <vorlon@debian.org> Mon, 21 Jul 2008 11:49:59 -0700
+
+pam (0.99.7.1-6) unstable; urgency=low
+
+ * Debconf translations:
+ - Updated Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au>
+ (closes: #444437)
+ - Updated Spanish, thanks to Javier Fernández-Sanguino Peña
+ <jfs@debian.org> (closes: #444479)
+ - Updated German, thanks to Sven Joachim <svenjoac@gmx.de>
+ (closes: #444566)
+ - Galician, thanks to Jacobo Tarrio <jtarrio@trasno.net> (closes: #444758)
+ - Updated Czech, thanks to Miroslav Kure <kurem@upcase.inf.upol.cz>
+ (closes: #445022)
+ - French, thanks to Cyril Brulebois <cyril.brulebois@enst-bretagne.fr>
+ (closes: #445869)
+ - Japanese, thanks to Kenshi Muto <kmuto@debian.org> (closes: #446584)
+ - Dutch, thanks to Bart Cornelis <cobaco@skolelinux.no> (closes: #448930)
+ - Basque, thanks to Piarres Beobide <pi@beobide.net> (closes: #457042)
+ - Updated Finnish, thanks to Esko Arajärvi <edu@iki.fi> (closes: #458264)
+ - Swedish, thanks to Christer Andersson <klamm@comhem.se>
+ (closes: #457674)
+ * Make sure the "audit" option is specified in octal instead of in decimal,
+ so that it doesn't randomly set other options. Thanks to Corey Wright
+ <undefined@pobox.com> for the catch. Closes: #446327.
+
+ -- Steve Langasek <vorlon@debian.org> Sun, 16 Mar 2008 02:06:28 -0700
+
+pam (0.99.7.1-5) unstable; urgency=low
+
+ * More lintian overrides, related to debconf prompting in the postinst
+ * Debconf translations:
+ - Brazilian Portuguese, thanks to Eder L. Marques <frolic@debian-ce.org>
+ (closes: #440385)
+ - Russian, thanks to Yuri Kozlov <kozlov.y@gmail.com>
+ (closes: #440390, #440953, #444039)
+ - Bulgarian, thanks to Damyan Ivanov <dam@modsoftsys.com>
+ (closes: #441863)
+ - Finnish, thanks to Esko Arajärvi <edu@iki.fi> (closes: #443720)
+ - Simplified Chinese, thanks to Ming Hua
+ <minghua-guest@users.alioth.debian.org> (closes: #443924)
+ - Updated Portuguese, thanks to Américo Monteiro <a_monteiro@netcabo.pt>
+ - Updated Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au>
+ (closes: #440800)
+ - Updated German, thanks to Sven Joachim <svenjoac@gmx.de>
+ - Updated Spanish, thanks to Javier Fernández-Sanguino Peña
+ <jfs@debian.org>
+ - Updated Czech, thanks to Miroslav Kure <kurem@debian.cz>
+ (closes: #441325)
+ * Further cleanups of 007_modules_pam_unix -- don't use a global variable
+ for pass_min_len, don't gratuitously move the length checking into the
+ "obscure" checks, and internationalize the error strings.
+ * Stop overriding the built-in default minimum password length in
+ /etc/pam.d/common-password, and also drop the "max" option which has now
+ been obsoleted.
+ * Fix up the comments in /etc/pam.d/common-password to make it clear that
+ the options are specific to pam_unix. Closes: #414559.
+ * Patch 038: fix another thinko in the getline handling. Closes: #442276.
+ * If there are active X logins, don't restart kdm, wdm, and xdm by default;
+ instead, display a debconf error if they haven't been restarted.
+ Closes: #441843.
+ * Drop the local patch for Linux capabilities in pam_limits; Linux
+ capabilities are not generally useful in a PAM context, and the PAM
+ capabilities patch has been broken through much of its life.
+ Closes: #440130.
+ * -Wl,-z,defs was never enabled correctly, drop it since upstream is
+ already using -no-undefined
+ * Pass --build and --host args to ./configure as necessary, for
+ cross-building support.
+
+ -- Steve Langasek <vorlon@debian.org> Fri, 28 Sep 2007 00:17:00 -0700
+
+pam (0.99.7.1-4) unstable; urgency=low
+
+ * libpam0g.postinst, libpam0g.templates: gdm doesn't need to be restarted
+ to fix the library skew, only reloaded; special-case this daemon in the
+ postinst and remove the mention of it from the debconf template, also
+ tightening the language of the debconf template in the process.
+ Closes: #440074.
+ * Add courier-authdaemon to the list of services that need to be
+ restarted; thanks to Micah Anderson for reporting.
+ * New patch pam_env_ignore_garbage.patch: fix pam_env to really skip over
+ garbage lines in /etc/environment and log an error, instead of failing
+ with an obscure error; and ignore any PAM_BAD_ITEM values returned
+ by pam_putenv(), since this is the expected error return when trying
+ to delete a non-existent var. Closes: #439984.
+ * Yet another thinko in hurd_no_setfsuid and in
+ 029_pam_limits_capabilities; this code should really be Hurd-safe at
+ last...
+ * getline() returns -1 on EOF, not 0; check this appropriately, to fix
+ an infinite loop in pam_rhosts_auth. Thanks to Stephan Springl
+ <springl-rhosts@bfw-online.de> for the fix. Closes: #440019.
+ * Use ${misc:Depends} for libpam0g, so we get a proper dependency on
+ debconf.
+ * 019_pam_listfile_quiet: per discussion with upstream, don't suppress
+ errors about missing files or files with wrong permissions; these are
+ real errors that should not be buried.
+ * Drop the remainder of 061_pam_issue_double_free, not required for the
+ original bugfix.
+ * Drop patch 064_pam_unix_cracklib_dictpath, which is not needed now that
+ we define CRACKLIB_DICTS in debian/rules.
+ * Drop patch 063_paswd_segv, superseded by a different upstream fix
+ * Split 047_pam_limits_chroot_string_value up between
+ 008_modules_pam_limits_chroot and 029_pam_limits_capabilites
+ * Updates to patch 007_modules_pam_unix: restore the same built-in min
+ password len of 6 that upstream uses; fix a typo panlindrome ->
+ palindrome.
+ * The 'max=' option was never intended to be used to limit maximum password
+ length for users, only to declare what the number of significant
+ characters /is/ for a password. But we don't need a config option to
+ tell us that, we know the answer based on which crypt type we're using,
+ so drop this as a config file option. Closes: #389197.
+ * Debconf translations:
+ - Spanish, thanks to Javier Fernández-Sanguino Peña <jfs@debian.org>
+ - Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au>
+ - German, thanks to Sven Joachim <svenjoac@gmx.de> (closes: #440355)
+ - Czech, thanks to Miroslav Kure <kurem@upcase.inf.upol.cz>
+ (closes: #440362)
+ - Portuguese, thanks to Américo Monteiro <a_monteiro@netcabo.pt>
+ (closes: #440368)
+
+ -- Steve Langasek <vorlon@debian.org> Fri, 31 Aug 2007 17:11:05 -0700
+
+pam (0.99.7.1-3) unstable; urgency=low
+
+ * New patch limits_wrong_strncpy: fix unnecessary manipulations of string
+ buffers, including an illegal use of strncpy(). Thanks to Paul Hampson
+ for reporting. Closes: #331278.
+ * New patch misc_conv_allow_sigint.patch: allow SIGINT to be handled by the
+ application, instead of blocking it when misc_conv is in use and
+ preventing users from being able to ^C at any PAM prompt. Closes: #1708.
+ * 024_debian_cracklib_dict_path: default to NULL instead of a specific
+ dictionary path when none is defined for consistency with the new upstream
+ version of cracklib, and define our path in debian/rules.
+ * 055_pam_unix_nullok_secure: document the pam_unix "nullok_secure" option,
+ a prereq for forwarding this patch upstream. Closes: #325974.
+ * Create /etc/security/opasswd on new installs or on upgrades from
+ 0.99.7.1-2 or below, so that users that enable the remember=<n> option to
+ pam_unix aren't left unable to change passwords. Closes: #95324.
+ * Fix a couple of thinkos in hurd_no_setfsuid, that were preventing the code
+ from compiling on the Hurd still. Thanks to Michael Banck for the catch.
+ * Fix a memory leak in the pam_limits capabilities patch: always
+ cap_free() the cap_t before returning from pam_sm_open_session().
+ Closes: #153157.
+ * libpam0g.postinst, libpam0g.templates: on upgrades from versions
+ prior to 0.99.7.1-3, restart known PAM-using services so that they
+ get the new libpam symbols, since otherwise the newer PAM modules
+ will fail to load. Postinst taken from libssl0.9.8; thanks to
+ Christoph Martin for the fine example! Closes: #439835.
+ * Build-depend on po-debconf to support l10n of the debconf questions
+ from the above.
+
+ -- Steve Langasek <vorlon@debian.org> Tue, 28 Aug 2007 06:33:33 -0700
+
+pam (0.99.7.1-2) unstable; urgency=low
+
+ * New upstream release; thanks to Roger Leigh and Jan Christoph Nordholz
+ for their extensive work in helping to prepare for this update in Debian.
+ Closes: #360460.
+ - now uses autoconf for library detection, so SELinux should not be
+ unconditionally enabled on non-Linux archs. Closes: #333141.
+ - pam_mail notice handling has been completely reworked, so there should
+ no longer be missing spaces in the messages. Closes: #119689.
+ - with libtool and autoconf, now behaves "sensibly" on unknown
+ platforms. Closes: #165067.
+ - the source now builds without warnings. Closes: #212165.
+ - uses automake instead of hand-rolled makefiles with indentation
+ bugs. Closes: #241661, #328084.
+ - pam_mkhomedir now creates directories recursively as needed.
+ Closes: #178225.
+ - pam_listfile now supports being used as a session module too.
+ Closes: #416665.
+ - misspelled pam_userdb log message has been corrected. Closes: #305058.
+ - the current pam_strerror manpage no longer mentions "Unknown
+ Linux-PAM error". Closes: #220157.
+ - the text documentation no longer uses ANSI bold sequences.
+ Closes: #181451.
+ - pam_localuser now supports being used as a session module.
+ Closes: #412484.
+ - package no longer fails to build with dash as /bin/sh.
+ Closes: #331208.
+ - All modules should now be documented in the system administrator
+ guide. Closes: #350620.
+ - pam_userdb now logs an error instead of segfaulting when no db=
+ option is provided. Closes: #436005.
+ - pam_time now warns on a missing tty instead of erroring out,
+ making it possible to use the module with non-console services.
+ Closes: #127931.
+ - upstream changelog is now 'ChangeLog' instead of 'CHANGELOG'; install
+ accordingly
+ - bump the shlibs
+ - the 'test.c' example no longer exists
+ - add /usr/share/locale to libpam-runtime.
+ - CVE-2005-2977: only uid=0 is allowed to invoke unix_chkpwd with an
+ arbitrary username, and then only when SELinux is active.
+ Closes: #336344.
+ * Mark myself as primary maintainer as previously discussed with Sam, and
+ add Roger as an uploader.
+ * Refactor to use quilt.
+ * Update to Standards-Version 3.7.2.
+ * Drop unnecessary build-dependency on patch, which is
+ build-essential (and no longer invoked directly).
+ * Drop patches 002_debian_no_ldconfig_call, 010_pam_cplusplus,
+ 018_man_fixes, 030_makefile_link_against_libpam,
+ 037_pam_issue_ttyname_can_be_null, 044_configure_supports_bsd,
+ 050_configure_in_gnu and 052_pam_unix_no_openlog, which have been
+ superseded upstream.
+ * Drop patches 005_pam_limits_099_6,
+ 012_pam_group_less_restrictive_charset, 023_pam_env_limits_miscfixes,
+ 048_pam_group_colon_valid_char, 058_pam_env_enable, 059_pam_userdb_segv,
+ 060_pam_tally_segv and 062_c++_safe_headers, which have been integrated
+ upstream.
+ * Patch 057: SELinux support is merged upstream, leaving only an
+ unrelated OOM check for pam_unix_passwd. Rename as
+ 057_pam_unix_passwd_OOM_check.
+ * Patches 006, 008, 036: update for the switch from SGML to XML.
+ * Patch 007: update for the switch from SGML to XML; drop some log
+ messages that were already added upstream; update for the pam_modutil
+ changes; tighten the flag handling of the 'obscure' option; drop bogus
+ check in unix_chkpwd for null passwords. Also fix a grammar error
+ along the way. Closes: #362855.
+ * Patch 024: CRACKLIB_DICTPATH is no longer set in configure.in, so patch
+ pam_cracklib.c instead to use the default dictpath already available
+ from crack.h; and patch configure.in to use AC_CHECK_HEADERS instead
+ of AC_CHECK_HEADER, so crack.h is actually included. Also remove
+ unnecessary string copies, which break on the Hurd due to PATH_MAX.
+ * Patch 038: partially merged/superseded upstream; also add new Hurd
+ fix for pam_xauth.
+ * Patch 061: partially merged upstream
+ * Use ${binary:Version} instead of ${Source-Version} in
+ debian/control.
+ * Remove empty maintainer scripts debian/libpam0g-dev.{postinst,prerm},
+ debian/libpam0g.{postinst,prerm}, and
+ debian/libpam-modules.{postinst,prerm}; debhelper can autogenerate these
+ just fine without our help.
+ * Build-Depend on xsltproc, libxml2-utils, docbook-xml, docbook-xsl
+ and w3m instead of on linuxdoc-tools, linuxdoc-tools-latex, tetex-extra,
+ groff, and opensp.
+ * Also build-depend on flex for libfl.a.
+ * Updates for documentation handling:
+ - move debian/local/pam-*-guide to debian/libpam-doc.doc-base.foo-guide,
+ and invoke dh_installdocs instead of installing these by hand.
+ - drop libpam-doc.{postinst,prerm}, which are no longer needed.
+ - add an install target to debian/rules, and have binary-indep depend on
+ it instead of trying to install doc files individually from the source
+ tree
+ - consequently, drop libpam-doc.dirs as well which is no longer needed
+ and no longer accurate
+ - add debian/libpam-doc.install for moving the docs to the right place,
+ and also replace libpam-runtime.files with libpam-runtime.install;
+ for the moment this means we're using both dh_movefiles and
+ dh_install...
+ - libpam0g.docs: install the Debian-PAM-MiniPolicy from here, further
+ cleaning up debian/rules
+ * Drop debian/libpam0g.links, no longer needed because upstream now has a
+ working install target which creates the library symlinks
+ * Add libpam-modules.links: create pam_unix_{acct,auth,passwd,session}.so
+ symlinks by hand, no longer provided upstream.
+ * debian/patches-applied/PAM-manpage-section: "PAM" is not a daemon, manpage
+ belongs in section 7, not in section 8.
+ * Actually ship the pam, pam.conf, and pam.d manpages in libpam-runtime.
+ * debian/patches-applied/autoconf.patch: move all changes to autotools
+ generated files into a single patch at the end of the stack.
+ - don't touch configure in debian/rules, the quilt patch takes care
+ of this for us.
+ * New patch 064_pam_unix_cracklib_dictpath: correctly define
+ CRACKLIB_DICTS, since this is not defined by configure. Thanks to Jan
+ Christoph Nordholz.
+ * New patch 065_pam_unix_cracklib_disable: Debian-specific patch to disable
+ cracklib support in pam_unix. Thanks to Christoph Nordholz.
+ * debian/rules:
+ - Rename OS_CFLAGS to CFLAGS.
+ - kill off references to unused variables
+ - make binary-arch also depend on the install target, and streamline the
+ rules
+ - fix up the clean target to not ignore errors; thanks to Roger Leigh
+ - drop the local module_check target in favor of using -Wl,-z,defs
+ in LDFLAGS to enforce correct linkage of all objects at build time
+ * Drop debian/local/unix_chkpwd.8 in favor of the upstream manpage.
+ * libpam-modules.files: /usr/sbin/pam_tally has moved to /sbin/pam_tally
+ for consistency.
+ * Update to debhelper V5.
+ * Don't ship Makefiles as part of the libpam0g-dev examples.
+ * libpam-modules.manpages, libpam-runtime.manpages, libpam0g-dev.manpages:
+ put all the manpages in the correct packages. Closes: #411812,
+ #62193, #313486, #300773, #330545, #184270.
+ * Drop libpam{0g,0g-dev,-modules,-runtime}.dirs, not needed for anything
+ because we aren't trying to ship empty directories in the packages
+ * Build-Conflict with fop, to avoid unreproducible builds of pdf
+ documentation from a tool in contrib.
+ * libpam-cracklib should depend on a real wordlist package, per policy;
+ use wamerican as the default.
+ * Drop local/pam-undocumented.7 from the package, since we no longer have
+ a reason to ship it
+ * Add lintian overrides for known false-positives
+ * Conflicts/Replaces/Provides libpam-umask, now included upstream.
+ Closes: #436222.
+ * Upstream no longer marks unix_chkpwd suid-root for us, so set the perms
+ by hand in debian/rules. In the process, unix_chkpwd is now writable
+ by the owner, as expected by policy. Closes: #368100.
+ * Migrate from db4.3 to db4.6; once again, no administrator action should
+ be needed for upgrading on-disk database formats. Closes: #354309.
+ * Add XS-Vcs-Svn and XS-Vcs-Browser fields to debian/control; thanks to
+ Laurent Bigonville for the hint. Closes: #439038.
+ * Add a watch file for use with uscan; thanks to Laurent Bigonville for
+ this patch as well. Closes: #439040.
+ * Rewrite of 031_pam_include, fixing a memory leak and letting us drop
+ patch 056_no_label_at_end; thanks to Jan Christoph Nordholz
+ <hesso@pool.math.tu-berlin.de> for this much-improved version!
+ * New patch no_pthread_mutexes: don't use pthread mutexes in
+ pam_modutil functions, they're not needed because pam handles
+ themselves should not be used concurrently by multiple threads and
+ using pthreads causes problems for portable linking.
+ * New patch hurd_no_setfsuid: if we don't have sys/fsuid.h, work around
+ using setreuid instead.
+
+ -- Steve Langasek <vorlon@debian.org> Sun, 26 Aug 2007 19:15:09 -0700
+
+pam (0.79-4) unstable; urgency=medium
+
+ * Medium-urgency upload; at least one RC bugfix, but also a
+ significant number of changes, hence not urgency=high.
+ * Move libpam-modules and libpam0g to Section: libs and libpam-runtime
+ to section: admin, to match the overrides in the archive.
+ * Move old changelog entries (well, entry) that don't follow the current
+ format to debian/changelog.old, since there's no way to figure out a
+ timestamp for an 8-year-old upload, and this is the most effective
+ way to clear a glut of lintian warnings.
+ * Fix the formatting of the libpam-cracklib package description.
+ * Patch 010: remove parts of the patch that aren't necessary for C++
+ compatibility.
+ * Patch 060: fix a segfault in pam_tally caused by misuse of
+ pam_get_data(); already fixed upstream. Closes: #335273.
+ * Patch 061: fix a double free in pam_issue, caused by overuse (and misuse)
+ of strdup (similar to patch 059). Already fixed upstream.
+ Closes: #327272.
+ * Don't build-depend on libselinux1-dev and libcap-dev on kfreebsd archs.
+ Closes: #352329.
+ * Patch 005: sync pam_limits with upstream:
+ - support "-" (unlimited) for all limit types except process priority.
+ - support the additional aliases "-1", "unlimited", and "infinity" for
+ clearing the limits; closes: #122400, #149027.
+ - restrict the range of process priority, login count, and system login
+ count settings to (INT_MIN,INT_MAX) (heh).
+ - special-case RLIM_INFINITY when applying multipliers to values from
+ the config.
+ - document maxsyslogins in the default limits.conf; closes: #149883.
+ - use the current process priority as a default instead of resetting to
+ 0; closes: #241663.
+ - add support for (and document) new RLIMIT_NICE and RLIMIT_RTPRIO
+ settings in Linux 2.6.12 and above; closes: #313542, #313588.
+ - allow imposing limits on uid=0.
+ * Patch 027: only set RLIM_INFINITY as the default for the limits where
+ we know this is sensible, so that recompiling in an environment with new
+ limits doesn't create a security hole -- as happened with RLIMIT_NICE and
+ RLIMIT_RTPRIO! Thanks to Ville Hallik for the initial patch.
+ Closes: #388431.
+ * Patch 029, 047: Fix up the broken pam_limits capabilities patch so it
+ actually works -- which may well be a first... Closes: #318452.
+
+ -- Steve Langasek <vorlon@debian.org> Mon, 23 Oct 2006 05:36:08 -0700
+
+pam (0.79-3.2) unstable; urgency=low
+
+ * Non-maintainer upload to fix important bug, that makes passwd segfault
+ when CTRL-D is pressed at the password prompt. Applied the patch
+ provided by Dann Frazier. (Closes: #360657)
+
+ -- Margarita Manterola <marga@debian.org> Sat, 5 Aug 2006 02:11:22 -0300
+
+pam (0.79-3.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Linux-PAM/libpamc/include/security/pam_client.h,
+ Linux-PAM/libpamc/pamc_converse.c: Apply patch from
+ latest upstream version to remove redefinition of internal
+ glibc/libstdc++ types. Closes: #344447.
+
+ -- Roger Leigh <rleigh@debian.org> Sun, 5 Feb 2006 21:46:59 +0000
+
+pam (0.79-3) unstable; urgency=low
+
+ * Patch 059
+ - Fix a segfault in pam_userdb when the new "crypt=" option
+ is unset, as will be the case for all existing users; already fixed
+ upstream. Closes: #330829.
+ - Fix a memory leak in the same code due to gratuitous strdup()s.
+ * Further regression in pam_env: don't treat a missing /etc/environment
+ as a fatal error, either. Amend patch 058 accordingly. Closes: #330852.
+
+ -- Steve Langasek <vorlon@debian.org> Fri, 30 Sep 2005 01:17:53 -0700
+
+pam (0.79-2) unstable; urgency=low
+
+ The ".c.o: rm -rf $@" release
+ * Fix debian/rules so that make clean doesn't remove ./configure when the
+ timestamp on configure.in is newer (!).
+ * Switch pam_userdb from db3 to db4.3, which according to the libdb
+ maintainers should require no manual intervention for upgrading on-disk
+ database formats. Closes: #165068.
+ * Patch 058: yes, of course we want to read /etc/environment by
+ default. Grr! Revert upstream change which disables this for no
+ apparent reason (closes: #330458).
+ * Tweak selinux rootok code to use the version of the function call that
+ doesn't pollute namespace
+
+ -- Steve Langasek <vorlon@debian.org> Tue, 27 Sep 2005 02:44:36 -0700
+
+pam (0.79-1) unstable; urgency=low
+
+ * New upstream version (closes: #284954, #300775).
+ - includes some fixes for typos (closes: #319026).
+ - pam_unix should now be LSB 3.0-compliant (closes: #323982).
+ - fixes segfaults in libpam on config file syntax errors
+ (closes: #330097).
+ * Drop patches 000_bootstrap, 004_libpam_makefile_static_works,
+ 011_pam_access, 013_pam_filter_termio_to_termios, 017_misc_fixes,
+ 025_pam_group_conffile_name, 028_pam_mail_delete_only_when_set,
+ 033_use_gcc_not_ld, 034_pam_dispatch_ignore_PAM_IGNORE,
+ 035_pam_unix_security, 039_pam_mkhomedir_no_maxpathlen_required,
+ 041_call_bootstrap, 042_pam_mkhomedir_dest_not_source_for_errors,
+ 051_32_bit_pam_lastlog_ll_time, and
+ 053_pam_unix_user_known_returns_user_unknown which have been
+ integrated upstream.
+ * Merge one last bit of patch 053 into patch 043, where it should have
+ been in the first place
+ * Patch 057: SELinux support:
+ - add support to pam_unix for copying SELinux security contexts when
+ writing out new passwd/shadow files and creating lockfiles
+ - support calling unix_chkpwd if opening /etc/shadow fails due to
+ SELinux permissions
+ - allow unix_chkpwd to authenticate for any user when in an SELinux
+ context (hurray!); we depend on SELinux policies to prevent the
+ helper's use as a brute force tool
+ - also support querying user expiration info via unix_chkpwd
+ - misc cleanup: clean up file descriptors when invoking unix_chkpwd
+ (closes: #248310)
+ - make pam_rootok check the SELinux passwd class permissions, not just
+ the uid
+ - add new pam_selinux module (closes: #249499)
+ * Build-depend on libselinux1-dev.
+ * Fix pam_getenv, so that it can read the actual format of /etc/environment
+ instead of trying to read it using the syntax of
+ /etc/security/pam_env.conf; thanks to Colin Watson for the patch.
+ Closes: #327876.
+ * Set LC_COLLATE=C when using alphabetic range expressions in
+ debian/rules; bah, so *that's* what kept happening to my README file
+ when trying to build out of svn! Closes: #295296.
+ * Add a reference to the text of the GPL to debian/copyright.
+
+ -- Steve Langasek <vorlon@debian.org> Sun, 25 Sep 2005 22:08:20 -0700
+
+pam (0.76-23) unstable; urgency=low
+
+ * Fix Gcc 3.4 compilation, Closes: #259634
+ * Note that pam.conf is not read if /etc/pam.d exists, Closes: #248928
+ * Fix typo in pam_env.conf, Closes: #277633
+
+ -- Sam Hartman <hartmans@debian.org> Sun, 10 Jul 2005 16:42:25 -0400
+
+pam (0.76-22) unstable; urgency=medium
+
+ * Add uploaders
+ * Document location of repository
+ * Fix options containing arguments in pam_unix, Closes: #254904
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 28 Jun 2004 14:28:08 -0400
+
+pam (0.76-21) unstable; urgency=medium
+
+ * Fix patch 055 again because -20 was broken and didn't actually fix the
+ problem.
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 4 May 2004 21:37:38 -0400
+
+pam (0.76-20) unstable; urgency=medium
+
+ * Update to patch 55 to only check securetty when we are sure the
+ password is null, Closes: #243698
+ * Medium urgency because the version now in testing has confusing and
+ verbose log messages.
+ * Include pam_getenv script which hopefully will be used by some people
+ somewhere for some purpose
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 28 Apr 2004 22:51:18 -0400
+
+pam (0.76-19) unstable; urgency=low
+
+ * Oops, too busy testing the upgrade from woody to make sure the upgrade
+ from -16 to -18 worked. Thanks to all those who reported,
+ Closes: #243413
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 13 Apr 2004 16:08:54 -0400
+
+pam (0.76-18) unstable; urgency=low
+
+ * Manipulate conffiles to avoid unnecessary prompt in woody to sarge
+ upgrade, Closes: #218318
+
+ -- Sam Hartman <hartmans@debian.org> Sat, 10 Apr 2004 18:10:35 -0400
+
+pam (0.76-17) unstable; urgency=low
+
+ * common-password now includes length restrictions and cracklib
+ examples, Closes: #227681, #237537
+ * Patch 054: abstract out the logic from pam_securetty to determine if a
+ tty is in /etc/securetty into a library function
+ * Patch 55: Add nullok_secure option to pam_unix. If set, then null
+ passwords are accepted from terminals in /etc/securetty.
+ * common-auth now includes nullok_secure, Closes: #228114
+
+
+ -- Sam Hartman <hartmans@debian.org> Sun, 4 Apr 2004 23:10:11 -0400
+
+pam (0.76-16) unstable; urgency=low
+
+ * Patch 51 from the x86-64 folks to support 32-bit ll_time in
+ pam_lastlog even if time_t is 64-bits
+ * Don't call openlog in pam_unix (patch 52), Closes: #213566
+ * Return PAM_USER_UNKNOWN for unknown users in pam_unix (patch 53), Closes: #204506
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 23 Mar 2004 22:26:04 -0500
+
+pam (0.76-15) unstable; urgency=low
+
+ * Fix description of libpam-runtime, Closes: #209755
+ * Fix description of libpam-cracklib, Closes: #210014
+ * Depend on libc6-dev|libc-dev not libc6-dev, Closes: #212354
+ * Clean up binaries, Thanks Russell, Closes: #212158
+ * Depend on sufficiently new cracklib2-dev, Closes: #214092
+ * Treate GNU/* as GNU for OS variable to make pam_limits compile,
+ (patch 050) Closes: #220980
+ * No longer build-depend on latex2html, Closes: #221318
+ * Allow : in tty specification for pam_group, (patch 048) Closes: #220439
+ * Pull in locking patch from Linux-PAM CVS; this ended up causing
+ 021_pam_nis_locking to be reworked and that patch now no longer
+ contains locking fixes, but just NIS cleanup in general. See
+ 049_pam_unix_sane_locking for the locking changes, Closes: #220158
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 12 Jan 2004 02:23:59 -0500
+
+pam (0.76-14) unstable; urgency=low
+
+ * Pull in NMU diff from 13.1, Closes: #186011
+ * Split out common-password into its own file, Closes: #207497
+ * Make other a conffile again and update to @include stuff
+ * Add missing symlink, Closes: #196605
+ * Remove undocumented manpages
+ * Update PAM mini-policy
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 1 Sep 2003 18:08:54 -0400
+
+pam (0.76-13.1) unstable; urgency=low
+
+ * NMU with maintainer's permission.
+ * Add three new config files (/etc/pam.d/common-{auth,account,session})
+ to libpam-runtime. Other packages which depend on libpam-runtime
+ can now @include these files from their own PAM configs.
+ * Convert /etc/pam.d/other from a conffile to a non-conffile config
+ file. Closes: #186011.
+ * Remove empty libpam-runtime.prerm script (debhelper will autocreate if needed)
+
+ -- Steve Langasek <vorlon@debian.org> Tue, 19 Aug 2003 19:41:03 -0500
+
+pam (0.76-13) unstable; urgency=low
+
+ * Nope, that dependency didn't work, so let's remove it. If we run into other module versioning issues, I now have an arm build environment to debug with. Closes: #198618
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 7 Jul 2003 00:22:34 -0400
+
+pam (0.76-12) unstable; urgency=low
+
+ * Fix group.conf example, (patch 046) Closes: #197080
+ * Ignore module return value in jumps, (patch 045) Closes: #176693
+ * Accept string value for chroot limit, thanks Andrei Pelinescu-Onciul,
+ Patch (047), Closes: #196903
+ * Depend on libpam-modules instead of conflicting with older versions.
+ This creates a circular dependency between libpam0g and
+ libpam-modules. James says this works fine; we hope he's right.
+ Closes: #196949
+ -- Sam Hartman <hartmans@debian.org> Sat, 21 Jun 2003 17:19:29 -0400
+
+pam (0.76-11) unstable; urgency=low
+
+ * Don't allow db4 to satisfy build-depends because it doesn't actually
+ work, and sometimes building with it would be wrong.
+ * Don't depend on libpcap-dev on Debian BSD
+ * Conflict with old libpam-modules, Closes: #191906
+ * Incorrect username should not be logged at alert (patch 43),
+ Closes: #175900
+ * Patch to support FreeBSD (patch 44, thanks Robert), Closes: #191906
+
+ -- Sam Hartman <hartmans@debian.org> Sat, 31 May 2003 19:55:26 -0400
+
+pam (0.76-10) unstable; urgency=low
+
+ * Don't double list conffiles, Closes: #190954
+ * Only install example sources not executables, Closes: #185286
+ * Display correct directory in error message for pam_mkhomedir, patch
+ 042 thanks to Akira TAGOH, Closes: #165240
+ * Don't log EPERM when setting NOFILE limit as Linux doesn't let you
+ set that to -1, Closes: #180310
+ * Add newline to end of distributed time.conf, Closes: #172229
+ * Up our standards version and support noopt in DEB_BUILD_OPTIONS
+
+ -- Sam Hartman <hartmans@debian.org> Sat, 3 May 2003 22:28:37 -0400
+
+pam (0.76-9) unstable; urgency=low
+
+ * Fix pam_rhosts hurd patch so it actually works, Closes: #172914
+ * Fix patch 040 not to clobber errno when logging the error fails,
+ Closes: #172186
+ * Fix dependency for linuxdoc-tools, Closes: #173097
+
+ -- Sam Hartman <hartmans@debian.org> Sun, 15 Dec 2002 17:10:58 -0500
+
+pam (0.76-8) unstable; urgency=low
+
+ * Have makefile appropriately depend on bootstrap-libpam
+ * Install pam minipolicy, Closes: #167798
+ * Don't segfault if ttyname is null; this avoids the segfault but does
+ not actually make pam_issue useful for ssh. I believe the way
+ pam_issue works is fundamentally incompatible with what sshd expects
+ from PAM (patch 037), Closes: #153152
+ * We actually fixed passwords containing , in 0.76-6, but failed to
+ document it. They do work, Closes: #164713
+ * Note that /etc/pam.d/other is a fall back for each service
+ * Patches from Michal 'hramrach' Suchanek" <hramrach_l@centrum.cz> to
+ make HURD work, Closes: #165066 (patch 038 and 039)
+ * Don't depend on gs and other doc prep tools for build-depends, just
+ build-depends-indep, Closes: #165065
+ * Patch from Eric Anderson <anderse@hpl.hp.com> to log failures of
+ setrlimit (patch 040), Closes: #169836
+ * Build pam_limits on hurd, Closes: #165190
+
+ -- Sam Hartman <hartmans@debian.org> Sun, 24 Nov 2002 22:04:28 -0500
+
+pam (0.76-7) unstable; urgency=low
+
+ * Fix handling of pam_ignore in case where we're skipping modules;
+ update to patch 034
+
+ -- Sam Hartman <hartmans@debian.org> Sun, 20 Oct 2002 21:49:22 -0400
+
+pam (0.76-6) unstable; urgency=low
+
+ * The "No, I don't think I actually want any of what upstream is
+ smoking" release
+ * If this were already in testing, this would be an severity emergency
+ upload
+ * pam_unix currently treats * in shadow file as no password not
+ disabled; major security issue; fixed in upstream CVS, (patch 035) Closes: #164659
+ * OK, I think this actually fixes the rest of the manpage symlinks,
+ Closes: #163839, #164298
+ * You don't want to use getlogin for pam_wheel because utmp may be wrong or for xterm have no entry, pull forward patch from the 0.72 packages (patch 036), Closes: #163787
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 15 Oct 2002 10:44:56 -0400
+
+pam (0.76-5) unstable; urgency=low
+
+ * Fix library links from 0.75 to 0.76
+ * Ignore PAM_IGNORE in _pam_dispatch_aux (patch 34), Closes: #163841
+ * Fix man page symlinks, Closes: #163839
+
+ -- Sam Hartman <hartmans@debian.org> Fri, 11 Oct 2002 01:08:06 -0400
+
+pam (0.76-4) unstable; urgency=low
+
+ * Upstream correctly states that one should use gcc not ld when
+ linking and then hapilly proceeds to actually use ld, fixed, Closes: #163711
+
+ * Remove experimental warning from readme, Closes: 163742
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 7 Oct 2002 23:45:53 -0400
+
+pam (0.76-3) unstable; urgency=low
+
+ * Oops, let's try building -fpic. This currently builds everything
+ -fpic which is somewhat wrong, but doing more than that requires
+ significant build system hacking (touch every makefile for dynamic
+ objects), so it will wait, Closes: #163600
+
+ -- Sam Hartman <hartmans@debian.org> Sun, 6 Oct 2002 23:33:12 -0400
+
+pam (0.76-2) unstable; urgency=low
+
+ * Link against appropriate libraries so we find the symbols we need,
+ Closes: #162175
+ * The if everyone's going to complain when I upload broken software to
+ experimental release, I might as well upload to unstable and give them
+ something worth actually complaining about release.
+ * Also the remove the scourge of dbs release
+ * Include patch 034 from the 0.72 packages, meaning that we've included
+ all the patches we need before release
+ * Reject the patch to pam_wheel as I cannot find out what reasonable
+ thing it was trying to do and it seemed broken
+ * libpam-cracklib should depend on wordlist so it actually works;
+ thanks Olaf Meeuwissen,
+ Closes: #112965
+ * Merge build-depends and build-depends-indep because I'm a bad person
+ and was too lazy to make docs build in a separate pass. I'll deal in
+ a few versions.
+
+ -- Sam Hartman <hartmans@debian.org> Sun, 6 Oct 2002 18:52:13 -0400
+
+pam (0.76-1) experimental; urgency=low
+
+ * New upstream version
+ * Upstream includes fix to not break cron, Closes: 160566
+ * New Upstream correctly handles priority < 0 for pam_limits, Closes: #126251
+ * .cvsignores removed, Closes: #159961
+
+ -- Sam Hartman <hartmans@debian.org> Sun, 22 Sep 2002 16:11:35 -0400
+
+pam (0.75-3) experimental; urgency=low
+
+ * Apply patch 027 pam_limits so that we initialize to wide open not
+ current limits.
+ * In pam_mail, don't complain about deleting environment variable if
+ we never set it, Closes: #58429
+ * Don't set default max procs limit in pam_limits, Closes: #116874
+ * libpam-runtime now arch all since it has no arch-specific files,
+ Closes: #132545
+ * Update mini policy to reflect confusion on debian-devel
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 16 Jul 2002 09:30:50 -0400
+
+pam (0.75-2) experimental; urgency=low
+
+ * Fix pam_userdb to build and to build against db3, fixes patch 020
+ * Fix upstream makefile so pam_group has valid configuration, closes: #148657
+ * time.conf reference to logoutd removed, closes: #143801
+ * The static library contains all the appropriate symbols in this
+ version. You may find the complete lack of PAM modules somewhat
+ frustrating; currently the static pam library is only useful if you
+ register your own modules. Fixing this would require annoying hacking
+ on the upstream build system, closes: #103495
+ * unix_chkpwd.8 typo fixes thanks to dancer@anthill.echidna.id.au,
+ Closes: #139949
+ * Since we're working on the new upstream version, we also have the new docs, closes: #147763
+ * Patch from Martin Schwenke <martin@meltin.net> to only change
+ passwords in pam_unix when they exist in the password file; hopefully
+ does not break NIS, closes: #135990
+ * Another patch from Martin to return PAM_USER_UNKNOWN if we ever
+ actually do get into the password changing routine only to find that
+ we have no password to change, closes: #135604
+ * .cvsignore no longer installed, closes: #120795
+ * We're using debhelper 3, just in time to be obselete, Closes: #93414
+
+ -- Sam Hartman <hartmans@debian.org> Sat, 8 Jun 2002 18:04:40 -0400
+
+pam (0.75-1) experimental; urgency=low
+
+ * Preliminary test packages
+ * New upstream version
+ * Hopefully works mostly the same as 0.72 except for upstream bug
+ fixes and for the fact that pam_limits is fairly broken right now.
+ * If it breaks you are lucky if you get to keep both pieces release.
+
+ -- Sam Hartman <hartmans@debian.org> Sat, 25 May 2002 22:57:57 -0400
+
+pam (0.72-35) unstable; urgency=medium
+
+ * Fix like_auth to make libpam-krb5 and libpam-heimdal actually useful,
+ patch from RISKO Gergely , closes: #126251
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 21 Jan 2002 15:20:22 -0500
+
+pam (0.72-34) unstable; urgency=medium
+
+ * Note that HOME may not be useful in pam_environment, closes: #109281
+ * Don't smash case domains (groups/users) in pam_limits, closes: #119893
+ * Remove double the from description, closes: #107705
+ * Fix typo on mail message, closes: #119689
+ * Medium since these are small fixes that should go into woody
+
+ -- Sam Hartman <hartmans@debian.org> Fri, 23 Nov 2001 21:24:20 -0500
+
+pam (0.72-33) unstable; urgency=low
+
+ * Fix pam_mail to look in /var/mail not /var/spool/mail, thanks mjb.
+
+ -- Sam Hartman <hartmans@debian.org> Thu, 11 Oct 2001 15:44:32 -0400
+
+pam (0.72-32) unstable; urgency=medium
+
+ * This should probably get into testing before freeze; medium.
+ * Patch from Volker Stolz to fix bug in previous pam_group patch,
+ closes: #111854
+
+ -- Sam Hartman <hartmans@debian.org> Sat, 22 Sep 2001 06:32:29 -0400
+
+pam (0.72-31) unstable; urgency=low
+
+ * Add support for credential reinitialization in pam_group, closes: #108697
+
+ -- Sam Hartman <hartmans@debian.org> Fri, 31 Aug 2001 13:16:39 -0400
+
+pam (0.72-30) unstable; urgency=low
+
+ * Include patch from robbe@orcus.priv.at to build pam_limits on hurd,
+ closes: #103556
+ * Start installing limits.conf for hurd (may not work quite right)
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 16 Jul 2001 09:35:51 -0400
+
+pam (0.72-29) unstable; urgency=low
+
+ * Correctly declare uint32 type for ia64, closes: #104584
+
+ -- Sam Hartman <hartmans@debian.org> Sat, 14 Jul 2001 01:30:39 -0400
+
+pam (0.72-28) unstable; urgency=low
+
+ * Fix scanf string so pam_limits chroot works, closes: #100812
+ * Only log unknown user at warning, not alert, closes: #95220
+ * By default do complete matches not substring matches for pam_time.
+ You can include explicit wildcard for substring, closes: #66152
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 3 Jul 2001 17:31:45 -0400
+
+pam (0.72-27) unstable; urgency=low
+
+ * Fix typo in last patch
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 25 Jun 2001 18:27:42 -0400
+
+pam (0.72-26) unstable; urgency=low
+
+ * Block SIGCHLD when calling unix password verification program, patch from mdz@debian.org, fixes pam part of #97977
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 25 Jun 2001 08:47:12 -0400
+
+pam (0.72-25) unstable; urgency=medium
+
+ * Depend on opensp, working around #89063, closes: #100125
+ * This is urgency medium to get docs back into testing.
+
+ -- Sam Hartman <hartmans@debian.org> Fri, 8 Jun 2001 11:44:12 -0400
+
+pam (0.72-24) unstable; urgency=low
+
+ * New NIS double locking and root password patch from Philippe Troin
+ <phil@fifi.org>, fixes bug in unreleased patch submitted for
+ 0.72-23. Also improves changing root password so it does something;
+ ongoing discussion on whether this is right.
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 21 May 2001 08:06:05 -0400
+
+pam (0.72-23) unstable; urgency=low
+
+ * Patch from Benoit Gaussen <ben@trez42.net> , Don't trim from , to end
+ of string in user input, only trim from salt
+ grabbed from passwd file, closes: #96779
+ * Fix NIS double locking, closes: #96736
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 16 May 2001 15:46:34 -0400
+
+pam (0.72-22) unstable; urgency=low
+
+ * Fix pam.8 to be pam.7, closes: #92874
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 17 Apr 2001 23:04:04 -0400
+
+pam (0.72-21) unstable; urgency=low
+
+ * Don't depend on libcap for hurd, closes: #91998
+ * Don't list scurity/limits.conf as a conffile for hurd
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 9 Apr 2001 12:30:18 -0400
+
+pam (0.72-20) unstable; urgency=low
+
+ * Install pam-undocumented in -runtime not -dev, closes: #93063
+ * Mark pam-runtime as replacing files from -dev in case you installed
+ -19 and have pam-undocumented in the wrong place
+
+ -- Sam Hartman <hartmans@debian.org> Fri, 6 Apr 2001 06:38:15 -0400
+
+
+
+pam (0.72-19) unstable; urgency=low
+
+ * New maintainer, closes: #92353
+ * Install pam-undocumented; somehow it was not installed in -18
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 4 Apr 2001 21:32:17 -0400
+
+pam (0.72-18) unstable; urgency=low
+
+ * pam_securetty: log failed tty checks. Normally this was only done if
+ the "debug" option was on...do it regardless now, closes: #89390
+ * Get rid of log message for when "root" is not applied to group checks.
+ closes: #88825
+ * Add quiet option to pam_listfile, closes: #84428
+ * pam(8) should be pam(7), pam.conf(8) should be pam.conf(5), closes:
+ #89322
+ * Added groff to Build-Depends-Indep, closes: #88794
+
+ -- Ben Collins <bcollins@debian.org> Sun, 25 Mar 2001 21:40:32 -0500
+
+pam (0.72-17) unstable; urgency=low
+
+ * Fixed login in pam_limits where the max logins could be ignored.
+
+ -- Ben Collins <bcollins@debian.org> Fri, 9 Mar 2001 09:14:48 -0500
+
+pam (0.72-16) unstable; urgency=low
+
+ * New pam limits cap patch from Topi Miettinen
+ <Topi.Miettinen@koti.tpo.fi>, closes: #88401, #88406, #88525, #88399,
+ #86197
+ * pwdb no longer used, closes: #59917
+ * fix patch 023 for gethostbyname build failure, closes: #86156
+ * Make sure unix_chkpwd gets installed as suid root, closes: #88519
+ * Fix whatis parse of manpages, closes: #86203
+ * pam_listfile, fix arg parsing when arg does not contain '=', closes:
+ #86070
+
+ -- Ben Collins <bcollins@debian.org> Sun, 4 Mar 2001 22:45:58 -0500
+
+pam (0.72-15) unstable; urgency=low
+
+ * Doh, added build-depends for libcap, closes: #85352
+ * Change section of libpam-cracklib from admin to libs to match
+ overrides.
+
+ -- Ben Collins <bcollins@debian.org> Fri, 9 Feb 2001 09:06:40 -0500
+
+pam (0.72-14) unstable; urgency=low
+
+ * Added fix to pam_access for gethostname decleration. closes: #82100
+ * Just name the lib/security directory instead of all the modules
+ seperately for dh_movefiles. closes: #76119
+ * Fix pam_env corruption, closes: #66849, #77229
+ * Add patch to allow recursive /etc/skel copy in pam_mkhomedir, closes:
+ #67211
+ * remove dh_suidregister call, added conflict for old suidregister
+ package
+ * Applied patch for Linux capabilities in pam_limits, closes: #74176
+ * pam_issue.so works for me, without segv, and even with escapes. This
+ is with login. Note, things like pam_issue do not work with ssh simply
+ because ssh is not able to work in that way (does not support
+ arbiitrary conversations). So if you want it to work there, file a bug
+ on ssh, not on libpam-modules. closes: #77228
+ * unix_chkpwd: check for NULL password, closes: #69960
+
+ -- Ben Collins <bcollins@debian.org> Thu, 8 Feb 2001 11:06:03 -0500
+
+pam (0.72-13) unstable; urgency=low
+
+ * Fix grammar in pam_source.sgml, closes: #78959
+ * pam_undocumented.7: Fix escaped 's, closes: #75987
+ * Fix build ordering, closes: #71442, #80397, #77017
+ * Applied Hurd patch, closes: #76119
+ * Use gcc for linking, not ld. closes: #71941
+ * Pretty sure this was fixed, closes: #67172
+ * Applied spealang fixes to Debian-mini-policy. closes: #80249
+ * Applied patch to allow devfs style terminal devices with pam_group,
+ closes: #77661
+ * Could not reproduce, even using md5 passwords. User, if you still have
+ * this problem, you need to tell me with what service (login, which I
+ tested, sshd, telnet, etc...) and also send me the entire pam.d file
+ for that service. closes: #76087
+ * Fixed awhile back, closes: #72858
+ * Closing this since I am not going to include any modules in this
+ package that aren't in upstream. If someone else wants to package
+ these modules seperately, they can do so. closes: #69550
+ * For correct usage, pam_wheel.so should be used with "sufficient" and
+ not "required". This is documented. If you use "required", then you
+ must also use the "trust" option, but that doesn't give you the
+ results you want. closes: #76236
+
+ -- Ben Collins <bcollins@debian.org> Sun, 31 Dec 2000 05:38:23 -0500
+
+pam (0.72-12) frozen unstable; urgency=low
+
+ * Recompile against db2 for glibc change
+ * Add db2 to build-deps
+
+ -- Ben Collins <bcollins@debian.org> Wed, 27 Sep 2000 12:08:11 -0400
+
+pam (0.72-11) frozen unstable; urgency=low
+
+ * Removed all traces of pwdb in packages. libpwdb has been removed from
+ the archive. This means that the pam_pwdb and pam_radius modules are
+ no longer available (from the libpam-pwdb package).
+ * doc/modules/pam_wheel.sgml: Really spell out that being a member of a
+ group meands the user is listed in /etc/group, closes: #69242
+ * doc/*: s/PAM_AUTHOK_RECOVERY_ERR/PAM_AUTHOK_RECOVER_ERR/g,
+ closes: #64473
+ * pam_wheel: PAM does not distinguish it, the libc calls make the
+ distinction. The users gid is returned in their passwd info, while
+ getgrent() returns only the members of the group listed in /etc/group.
+ This is ok, because if it's really that important, you can actually
+ have it in both places. The fact that it's documented should suffice
+ in making this clear, closes: #69236
+ * Sorry, but seperate modules generally need to be packaged seperately.
+ I don't want to overload this package with everyone's pet module, so I
+ have to put my foot down, closes: #61759
+ * Actually, I'm going to move in Woody to make packages depend more on
+ the defaults in /etc/pam.d/other, so that admins have less to
+ maintain. For one, all packages should not have a password service
+ listed, closes: #70000 (YAY! I got the 70k rollover bug number!)
+ * Sorry, I can't include this. "," is a legitimate char in a password
+ salt/hash. If you can code up something that is super intelligent
+ about lenghts of the field, I can go for it, maybe, closes: #59459
+ * modules/pam_limits: Added chroot feature patch, closes: #61090
+ * modules/pam_access: Allow last field to contain ':', closes: #67291
+ * modules/pam_limits: Allow explicit limits for root, closes: #62448
+ * modules/pam_unix: Do not zero old/new password fields, libpam does
+ this itself, and doing so in the module breaks stacking,
+ closes: #66270
+ * modules/pam_group: Allow alpha *and* numeric in tty field (duh),
+ closes: #63752
+ * modules/pam_access: Enable NIS, closes: #64854
+ * libpam0g-dbg: removed, useless anyway
+
+ -- Ben Collins <bcollins@debian.org> Wed, 30 Aug 2000 18:39:32 -0400
+
+pam (0.72-10) frozen unstable; urgency=low
+
+ * Update build depends
+ * Fixed logic for showing non-existent user names when auth failed in
+ pam_unix.so, closes: #67786 (thanks to Jim Breton for being patient in
+ helping track this down). It would sometimes show them, even if we
+ didn't want to.
+
+ -- Ben Collins <bcollins@debian.org> Thu, 27 Jul 2000 09:17:08 -0400
+
+pam (0.72-9) frozen unstable; urgency=low
+
+ * pam_unix: do not call obscure_msg() of pass_old is NULL,
+ closes: #65321
+ * pam_access: check for from[0] == '\0' so that tty logic is actually
+ used, closes: #65401
+
+ -- Ben Collins <bcollins@debian.org> Wed, 14 Jun 2000 11:38:35 -0400
+
+pam (0.72-8) frozen unstable; urgency=low
+
+ * Build depends added in previous version, closes: #60817, #61439
+ * Allow use of ":0" in group.conf, closes: #61966
+ * Added syslog entry to notify that a user succesfully changed their
+ password, closes: #61724
+ * Make pam_unix compatible with HP-UX style NIS+ password information,
+ patch from ldaffner@rsn.hp.com, closes: #61942
+ * If "audit" is not enabled, don't let pam_unix print the names of
+ unknown users for auth attempts, closes: #61942
+ * Fixed ttyname() parsing in pam_access to match that of the old shadow
+ access.conf s,/dev/,, closes: #61644
+ * Set some sane defaults for pam_limits.so instead of carrying over
+ potentially bad defaults, patch from Peter Paluch
+ <peterp@frcatel.fri.utc.sk> closes: #63230
+ * Allow explicit (e.g. specified specifically for) limits for root,
+ patch from Topi Miettinen <Topi.Miettinen@nic.fi>, closes: #62448
+ * Added information to time.conf about logoutd, which is now enabled via
+ this file.
+ * cracklib maintainer claims this isn't a bug, closes: #54180
+ * fixed control syntax handling which was causing segfaults, closes: #62237
+
+ -- Ben Collins <bcollins@debian.org> Sat, 29 Apr 2000 11:39:59 -0400
+
+pam (0.72-7) frozen unstable; urgency=low
+
+ * pam_limits: fix parsing of users which explicitly removes limits,
+ closes: #59911, #60287
+ * Added build-depends
+
+ -- Ben Collins <bcollins@debian.org> Mon, 20 Mar 2000 16:06:28 -0500
+
+pam (0.72-6) frozen unstable; urgency=low
+
+ * Remove conflict for libpam0g-util from libpam0g and put it in
+ libpam-runtime. This should fix a problem with upgrades that apt
+ experiences, closes: #58677
+
+ -- Ben Collins <bcollins@debian.org> Mon, 28 Feb 2000 14:05:28 -0500
+
+pam (0.72-5) frozen unstable; urgency=low
+
+ * Added obscure password checks to pam_unix. Required for shadow to be
+ able to emulate the pre-PAM setup (referenced in a bug on passwd).
+ * Applied patch from #57800 to fix NIS/NIS+ shadow accounting checks,
+ closes: #57800, #58164
+ * Fixed two typos in the PAM System Administrators Guide,
+ closes: #56578, #56587
+
+ -- Ben Collins <bcollins@debian.org> Mon, 28 Feb 2000 10:58:09 -0500
+
+pam (0.72-4) frozen unstable; urgency=low
+
+ * unix_chkpwd: check for NULL on stdin aswell as 0 reads, closes: #56375
+ * pam_unix/Makefile: removed bashism, closes: #56370
+ * fixed in shadow upload, closes: #49832
+
+ -- Ben Collins <bcollins@debian.org> Sat, 29 Jan 2000 00:27:28 -0500
+
+pam (0.72-3) unstable; urgency=low
+
+ * Added cpluplus wraps in all the headers, closes: #53653
+
+ -- Ben Collins <bcollins@debian.org> Sun, 2 Jan 2000 15:15:40 -0500
+
+pam (0.72-2) unstable; urgency=low
+
+ * Well, this is an odd one. A recompile fixes it. So it must have been a
+ problem from linking with 0.71 when this is version 0.72. All of this
+ build daemons seem to have compiled the latest 0.72, so this should be
+ resolved after this gets recompiled on all of them, closes: #51619, #49584
+ * This is from a very old version (0.56) of libpam0. It is not relevant
+ to the latest version, closes: #47162
+
+ -- Ben Collins <bcollins@debian.org> Sun, 26 Dec 1999 09:10:13 -0500
+
+pam (0.72-1) unstable; urgency=low
+
+ * New upstream source release, lots of patches merged upstream (thanks
+ Andrew).
+ * libpam-doc: now provides pam-doc, closes: #45631
+ * cleanups to the build system
+ * shlibs.local: bumped shlib deps
+
+ -- Ben Collins <bcollins@debian.org> Tue, 14 Dec 1999 11:17:36 -0500
+
+pam (0.71-3) unstable; urgency=low
+
+ * Debian-PAM-MiniPolicy: new document describing how PAM is implemented
+ in Debian
+
+ -- Ben Collins <bcollins@debian.org> Fri, 26 Nov 1999 17:26:40 -0500
+
+pam (0.71-2) unstable; urgency=low
+
+ * pam_listfile: lstat -> stat, closes: #49833
+ * pam_tally: install the pam_tally program, closes: #50314
+ * debian/control: libpam-modules, replaces libpam0g-util, closes: #50716
+
+ -- Ben Collins <bcollins@debian.org> Thu, 25 Nov 1999 21:02:23 -0500
+
+pam (0.71-1) unstable; urgency=low
+
+ * New upstream release, merges lots of patches from the Debian source,
+ also merges the pam_{motd,mkhomedir,issue} modules into the main
+ source. Lots of minor bugs fixed, and compiler warnings
+ * pam_mail: Reimplemented the authentication handlers, so now this works
+ as both (changes nothing in Debian, but was required to get the patch
+ accepted upstream)
+ * general: Lots of small edits to fix compiler warnings
+ * pam_userdb: fixed potential usage of an unitialized value as
+ PAM_AUTHTOK, doesn't look particularly exploitable, but better safe
+ than sorry
+
+ -- Ben Collins <bcollins@debian.org> Mon, 8 Nov 1999 19:21:52 -0500
+
+pam (0.70-4) unstable; urgency=low
+
+ * pam_wheel/pam_wheel.c: change to use getpwuid(getuid()) by default, so
+ avoid the problems associated with getlogin()
+
+ -- Ben Collins <bcollins@debian.org> Mon, 1 Nov 1999 13:33:10 -0500
+
+pam (0.70-3) unstable; urgency=low
+
+ * Applied patch from Herbert Xu to enable PAM_CONV_AGAIN support in
+ pam_ftp, closes: #47288
+
+ -- Ben Collins <bcollins@debian.org> Wed, 13 Oct 1999 13:25:21 -0400
+
+pam (0.70-2) unstable; urgency=low
+
+ * 100_pam_pwdb_security_fix: new patch fixes security problem with
+ regard to NIS accounts
+
+ -- Ben Collins <bcollins@debian.org> Wed, 13 Oct 1999 11:42:41 -0400
+
+pam (0.70-1) unstable; urgency=low
+
+ * New upstream release
+ * Seems there were a lot of fixes merged/matches upstream, looks good,
+ (maybe it's time I start sending my patches in, since the maintainer
+ is active again).
+ * libpamc: new library (libpam client library), this actually used to be
+ in the Debian packages for a few versions, but it was removed upstream.
+ Guess what, it's back :)
+
+ -- Ben Collins <bcollins@debian.org> Sun, 10 Oct 1999 01:07:43 -0400
+
+pam (0.69-11) unstable; urgency=low
+
+ * {pwdb,unix}_chkpwd.8: fixed format to get rid of "no whatis" warnings
+ from mandb, closes: #47004
+ * pam_unix.sgml: new file, documents the pam_unix.so module,
+ closes: #46511
+
+ -- Ben Collins <bcollins@debian.org> Sat, 9 Oct 1999 12:41:58 -0400
+
+pam (0.69-10) unstable; urgency=low
+
+ * libpam/pam_item.c: fixed debug message being in wrong place
+ * 013_pam_issue: new patch, provides issue file parsing for PAM
+ applications (helps to replace lost functionality in login).
+
+ -- Ben Collins <bcollins@debian.org> Wed, 6 Oct 1999 20:30:17 -0400
+
+pam (0.69-9) unstable; urgency=low
+
+ * Fix typo in pam_mail.so module's "no" return
+
+ -- Ben Collins <bcollins@debian.org> Sun, 3 Oct 1999 15:08:56 -0400
+
+pam (0.69-8) unstable; urgency=low
+
+ * docs/modules/pam_mkhomedir.sgml: Fixed module name
+ * changed build system structure
+ * libpam/Makefile: add -lcrypt to the linked libs, closes: #46104
+ * increase shlib deps to 0.69-7, closes: #45801
+ * pam_motd.c: close motd file after reading, closes: #46122
+ * pam_motd.c: fix setting \0 in the wrong place when motd file is
+ zero length, closes: #45686, #45632
+ * pam_unix_acct.c: allow '0' to denote disabled for some expiry fields
+ since chage(1) documents it this way, closes: #45446
+ * pam_mail.c|modules/pam_mail.sgml: added 2 options, one "standard" to
+ give the old style "You have ..." response and "quiet" which only
+ reports new mail for both formats, documented both options,
+ closes: #45670
+ * with the new pam_unix module, this bug is fixed, closes: #42230
+ * pam_limits.c: make sure that we not only ignore limits on root, we
+ also remove them just in case we are su'ing from a limited user to
+ the root account (since as root they can remove the limits anyway),
+ closes: #35302
+
+ -- Ben Collins <bcollins@debian.org> Sun, 3 Oct 1999 12:07:28 -0400
+
+pam (0.69-7) unstable; urgency=low
+
+ * debian/rules: fixed module_check
+ * pam_env/pam_env.c: fixed env parsing to include values wrapped in ''
+ and also allow continued lines with a trailing '\'.
+ * pam_motd,pam_mail: converted to session modules, so that they could
+ be ordered with the lastlog module
+ * updated default pam.d/login to reflect above change (now login looks
+ the same as the non-PAM version, lastlog, then motd, and then mail
+ check)
+ * pam_motd: removed extraneous \n from output
+ * modules/pam_limits/pam_limits.c: Fixed parsing of lines with only
+ "domain -", which was documented as being able to get rid of limits
+ for that user or group.
+ * debian/control: (libpam-cracklib) Added depends for cracklib-runtime,
+ closes: #45488
+ * modules/pam_env.c: Fixed /etc/environment parsing causing segfaults on
+ long lines, closes: #45408
+
+ -- Ben Collins <bcollins@debian.org> Sun, 19 Sep 1999 13:50:40 -0400
+
+pam (0.69-6) unstable; urgency=low
+
+ * Install unix_chkpwd suid root, it's needed for NIS to work without
+ modification to the binary.
+ * modules/pam_limits/pam_limits.c: hmm, some how I got a strange broken
+ patch left over from the source upgrade...removed all but the pwdb
+ purging, closes: #45088
+ * modules/pam_env/pam_env.c: Changed to a debug message, instead of a
+ syslog message when /etc/environment does not exist.
+
+ -- Ben Collins <bcollins@debian.org> Wed, 15 Sep 1999 04:25:21 -0400
+
+pam (0.69-5) unstable; urgency=low
+
+ * Removed libpam0g's preinst check for full paths in the pam.d files,
+ this should really be a lintian check at build (i think the old libpam
+ could not work like this, but hey...things change for the better some
+ times. This PAM works fine like that). closes: #45001
+ +NOTE: Debian packages should not reference modules by the full path
+ so they don't break if I ever decide to move the modules to a different
+ default directory. Only the admin should reference full paths and only
+ for locally installed modules. I have submitted a request to check for
+ this in lintian along with a few other devious things.
+ * debian/patches/008_pam_mkhomedir: Fix title of sgml doc
+ * modules/pam_userdb/Makefile: added patch for building against glibc 2.0
+ (request from Roman Hodek), closes: #45064
+
+ -- Ben Collins <bcollins@debian.org> Tue, 14 Sep 1999 06:12:34 -0400
+
+pam (0.69-4) unstable; urgency=low
+
+ * Link all dynamic modules with libpam. For some reason, alpha doesn't
+ like it when we don't
+
+ -- Ben Collins <bcollins@debian.org> Mon, 13 Sep 1999 06:01:40 -0400
+
+pam (0.69-3) unstable; urgency=low
+
+ * doc/modules/pam_cracklib.sgml: changed to correct path for
+ cracklib_dict reference.
+ * modules/pam_env/pam_env.c: now groks bash style env's from
+ /etc/environment to be compatible with other programs that use it.
+ * modules/pam_securetty/pam_securetty.c: don't just plain fail when
+ root isn't allowed to login, fake a password request just like any
+ good auth module would. Keeps us from letting them know that they
+ are doing something bad :)
+ * modules/pam_{motd,mkhomedir}: merged these two modules into this
+ source, also wrote corresponding sgml files for libpam-doc,
+ closes: #40754
+ * debian/control: Moved libpam0g, libpam-modules and libpam-runtime
+ to base with required priority since login depends on them and
+ policy will require this
+
+ -- Ben Collins <bcollins@debian.org> Sat, 11 Sep 1999 08:06:02 -0400
+
+pam (0.69-2) unstable; urgency=low
+
+ * Modified build so that it uses libs and headers in the build tree
+ rather than on the local system. This involved changint the build
+ order slightly and should make it easier to compile on new archs.
+ * Modified pam_limits so that it was invoked during pam_sm_setcred()
+ instead of during pam_sm_session_open() so that it will work with
+ shadow's su.
+ * Fixed missing symbols in libpam.so, they were caused by it thinking
+ it was supposed to have static modules built in.
+ * Fixed problem where libpam was getting built with -DDEBUG
+ * pam_unix_passwd.c: Changed the perms on shadow to be 0.42 and 0640
+ instead of 0.0 and 0600
+ * unix_chkpwd: fix it not being sgid shadow
+
+ -- Ben Collins <bcollins@debian.org> Thu, 9 Sep 1999 13:52:01 -0400
+
+pam (0.69-1) unstable; urgency=low
+
+ * New upstream source
+ - Now with a new and improved pam_unix module, closes: #38631
+ - Lot's of documentation cleanups
+ * Converted build system to dbs (doogie's build system, aka Adam Heath)
+ * Fixed libpam.so compilation so that it did not link with any of the
+ modules (this was causing lot's of problems, closes; #43913, #40739
+ * modules/pam_ftp/pam_ftp.c: Fixed sizeof, to use strlen,
+ closes: #44054, #41845, #44142, #39129, #39871, #44412
+ * Postscript pages are now generated correctly, closes: #41608
+ * Moved to FHS compliance (including use of debhelper 2.0.40),
+ this also raises the policy version to 3.0.1.1
+ * Don't check the paths in /etc/pam.d files anymore. This is old
+ and causes nothing but complaints, closes: #39747
+ * Build libpam0g-dbg with debuggable static and shared libraries, also
+ enabled the internal DEBUG_REL compile flag for these so that the
+ debugging messages will also be output
+
+ -- Ben Collins <bcollins@debian.org> Tue, 7 Sep 1999 17:45:20 -0400
+
+pam (0.66-10) unstable; urgency=low
+
+ * Added ability for pam_env to parse /etc/environment and updated
+ docs to reflect it
+ * Applied patch for pwdb_chkpwd man page, closes: #38976
+ * Merged pam_unix_*.so modules into one pam_unix.so with symlinks
+ for backward compatibility. This helps centralize this module the
+ same way the pam_pwdb.so is and the way pam_unix.so is on other
+ operating systems (commercial ones specifically).
+ * Closed by pam-apps upload, closes: #38632
+ * Fixed `sgml2latex' syntax, closes: #39119
+ * Added doc-base support, closes: #37627
+
+ -- Ben Collins <bcollins@debian.org> Wed, 16 Jun 1999 01:20:23 -0400
+
+pam (0.66-9.1) unstable; urgency=low
+
+ * SPARC NMU to fix chown symbols when compiling with glibc 2.1.1
+
+ -- Ben Collins <bcollins@debian.org> Tue, 11 May 1999 13:33:33 +0000
+
+pam (0.66-9) unstable; urgency=low
+
+ * Changed the debian/rules to not mess with the library symlinks (ie
+ running ldconfig in the lib dir) and all is well, closes: #36169
+
+ -- Ben Collins <bcollins@debian.org> Sun, 18 Apr 1999 09:09:51 -0400
+
+pam (0.66-8) unstable; urgency=low
+
+ * Compiled with libpam_client.so now (seperate lib in libpam0g)
+ * Made regex for libpam0g postinst a little more specific so it
+ didn't flag false problems. closes: #34626
+ * Applied patch to fix pam_ftp, closes: #35388
+ * Modified pam_mail and pam_lastlog to honor PAM_SILENT in order to
+ enable apps to use hushlogin/PAM_SILENT
+ * Fixed problem with libpam_client.so being static
+
+ -- Ben Collins <bcollins@debian.org> Mon, 15 Mar 1999 20:54:23 -0500
+
+pam (0.66-7) unstable; urgency=low
+
+ * Fixed XCASE in pam_filter.c (not really in glibc 2.1 by default)
+
+ -- Ben Collins <bcollins@debian.org> Sat, 6 Mar 1999 18:46:56 -0500
+
+pam (0.66-6) unstable; urgency=low
+
+ * Removed empty /lib/security/ from libpam0g (is created in
+ libpam-runtime)
+ * Added a depends for libpam-runtime to libpam0g (was supposed to be
+ there, must have deleted it)
+ * Removed empty /usr/bin from libpam-runtime (old directory where
+ upperLOWER was)
+
+ -- Ben Collins <bcollins@debian.org> Wed, 24 Feb 1999 13:14:25 -0500
+
+pam (0.66-5) unstable; urgency=low
+
+ * Removed harcoded libc6 dependency from libpam0g-dev and changed it to
+ libc6-dev. closes: #33615
+ * Added md5 flag for pam_unix_passwd.so
+ * Removed upperLOWER program since it is just an example. Moved it's
+ source to the examples directory in libpam-modules
+ * Fixed documentation of pam_strerror() and examples. closes #31142
+ * Made pam_unix_passwd.so leave /etc/shadow mode 640 and root.shadow
+ after changes
+ * Fixed problem in pam_unix_auth that didn't let you su from a normal
+ user to another normal user (ie. neither one was root)
+ * Closing misc fixed bugs. closes #32809, #32274 (have been fixed,
+ just need closing)
+ * Tested lockvc with pam support, works for normal users (pam_pwdb)
+ closes: #31150
+ * Changed /var/log/wtmp in pam_lastlog docs to reflect correct
+ /var/log/lastlog file. closes: #26544
+ * Added -ldl to libpam.so, so apps don't have to
+
+ -- Ben Collins <bcollins@debian.org> Fri, 19 Feb 1999 18:47:30 -0500
+
+pam (0.66-4) unstable; urgency=low
+
+ * Changed pwdb_chkpwd to sgid shadow instead of suid root since it only
+ needs read permissions to /etc/shadow and not write.
+ * Moved a lot of files arouns to get rid of libpam-runtime dependencies
+ * Put libpam-pwdb into it's own package
+ * Removed -lpwdb links for modules since libpwdb is somewhat buggy (or
+ alteast it's interaction with libpam is)
+ * Fixed bug in pam_unix_passwd.so that caused it to never authenticate
+ the correct passwd, making it so you couldn't change the passwd
+
+ -- Ben Collins <bcollins@debian.org> Tue, 16 Feb 1999 15:50:28 -0500
+
+pam (0.66-3) unstable; urgency=low
+
+ * Fixed defaults in /etc/pam.d/other to be pam_unix_*.so modules instead
+ of the accidental pam_pwdb.so module
+ * Fixed suid of pwdb_chkpwd (had to move dh_fixperms after
+ dh_suidregister)
+ * Added Replaces: libpam0g-util in order to help dpkg upgrade from
+ older packages
+ * Applied glibc 2.1 patch from Christian Meder. closes: #32809
+ * Moved libpam-doc to Section doc. closes: #32274
+
+ -- Ben Collins <bcollins@debian.org> Fri, 12 Feb 1999 02:01:43 -0500
+
+pam (0.66-2) unstable; urgency=low
+
+ * Removed all of the versioned module stuff. Modules are now in
+ /lib/security and stay there. Seems after discussion, that modules may
+ not change as often as thought
+ * Fixed suidregister for pwdb_chkpwd
+ * Fixed incomplete descriptions in control file
+ * This is a kludge to close some bugs since the last upload was yanked
+ before being installed in the archive, closes: #16882, #30862, #7725,
+ #10234, #10406, #12210, #14291, #15528, #15529, #20660, #25330,
+ #29868, #31088, #31128, #9131, #9919, #19383, #5132, #14533, #25915,
+ #28075, #31548, #31191
+
+ -- Ben Collins <bcollins@debian.org> Tue, 2 Feb 1999 12:47:25 -0500
+
+pam (0.66-1) unstable; urgency=low
+
+ * New maintainer
+ * New upstream release. closes: #16882, #30862, #7725
+ * Created a better split of the main lib and the runtime to kill the
+ circular dependencies and make it possible to have two .so version of
+ the library installed for upgrades. closes: #10234, #10406, #12210,
+ bug #14291, #15528, #15529, #20660, #25330, #29868, #31088, #31128,
+ bug #9131, #9919.
+ * Harcoded modules directory prefixed with the .so version, and
+ used alternatives to create the symlink to the 'default' modules
+ directory. libpam will use the full path when specified, but use the
+ versioned modules directory for relative names.
+ * Put libpam0g-cracklib modules back in (own package). This means that
+ cracklib support is _not_ in the static libpam.a, also cracklib
+ support is _not_ in pam_unix_passwd.o, but only in pam_cracklib.so
+ by itself.
+ * Fixed a few typos in the source causing compile errors
+ * Fixed source #include's so that pam _didn't_ have to be installed
+ in order to compile the source ( changed from <> to "" )
+ * Removed empty directories from built packages
+ * Opted not to build examples, only going to put *.c files in examples
+ directory for libpam0g-dev
+ * Moved *.sgml files for modules into their own directory (looks like
+ that is what the original maintainer wanted to do, but it didn't go)
+ * Moved doc build to arch-indep build in rules so that it doesn't get
+ built when specifying -B with debuild/dpkg-buildpackage.
+ * Moved `touch .quiet...' to build-stamp in order to have -B builds not
+ ask about pam.conf
+ * Split out non-standard modules to their own package, so as to make the
+ base install smaller (planning for base inclusion here)
+ * Created small manpage for pwdb_chkpwd. closes: #10941
+ * The Copright file in /usr/doc/*/ was already named copright and not
+ compressed. closes: #14533
+ * Package is now lintian clean. closes #19383, #5132
+ * There is a maintainer now and the patch for #25915 is still included
+ so.... closes: #25915
+ * Added check for editor backup files in /etc/pam.d (*~). closes: #28075
+ * Applied patch for md5.h in pam_pwdb module. closes: #31548
+ * Added support for dhelp in libpam-doc. closes: #31191
+
+ -- Ben Collins <bcollins@debian.org> Wed, 20 Jan 1999 07:09:15 -0500
+
+pam (0.65-0.8) frozen unstable; urgency=high
+
+ * Marked PAM as orphaned, given that there has been no maintainer upload
+ in almost two years.
+ * [defs/debian.defs] Removed superflous cracklib2 dependency.
+ (Urgent as cracklib still has release-critical bugs).
+ (Fixes #30862).
+
+ -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Wed, 20 Jan 1999 09:34:35 +0100
+
+pam (0.65-0.7) frozen unstable; urgency=high
+
+ * Fixed security vulnerability in the pam_unix and pam_tally modules
+ (reported by Michal Zalewski on bugtraq; patch
+ A000-SECURITY-PATCH-0.65-and-below.gz by Andrey V. Savochkin).
+
+ -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Tue, 29 Dec 1998 16:20:18 +0100
+
+pam (0.65-0.6) unstable; urgency=high
+
+ * Fixed distribution of files over the various packages, which was
+ severely messed up.
+ * Added appropriate Replaces: to ensure upgrading from both the hamm
+ version and previous slink versions.
+ * Fixed debug libraries, PAM module loading.
+ * Added examples.
+ * Added a "pam-undocumented" manpage pointing to libpam-doc, and
+ made links for functions without a manpage to that.
+
+ -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Sun, 11 Oct 1998 19:29:40 +0200
+
+pam (0.65-0.5) unstable; urgency=low
+
+ * Rewritten the preinst warning text (it still mentioned the search path).
+
+ -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Fri, 9 Oct 1998 14:23:18 +0200
+
+pam (0.65-0.4) unstable; urgency=high
+
+ * It looks like I misunderstood DEFAULT_MODULE_PATH: Linux-PAM does not
+ currently seem to be easily configured to look for modules in more than
+ one directory. With this version, it's configured to look only in
+ /lib/security .
+
+ -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Fri, 9 Oct 1998 11:43:34 +0200
+
+pam (0.65-0.3) unstable; urgency=medium
+
+ * Moving the PAM modules to /lib/security broke netatalk.
+ Added a preinst script to detect /etc/pam.d files with explicit paths to
+ PAM modules, give a warning about them, and offer to abort the install
+ (Fixes #27514).
+
+ -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Tue, 6 Oct 1998 20:10:43 +0200
+
+pam (0.65-0.2) unstable; urgency=low
+
+ * Argh. The tools didn't recognise -0.1 as a new upstream release, so
+ my previous upload was rejected due to a missing .orig.tar.gz .
+
+ -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Sun, 4 Oct 1998 17:15:09 +0200
+
+pam (0.65-0.1) experimental; urgency=low
+
+ * New upstream version.
+ * Non-maintainer upload.
+ * Major package overhaul; now uses debhelper.
+ * In experimental for now. *Please* provide feedback; if the feedback is
+ positive, we can put this in slink.
+ * Dropped libc5 support.
+ * [libpam/pam_static.c] Fixed compilation: "pamh" was undefined; use "NULL".
+ is this the correct fix?
+ * [defs/debian.defs] New.
+ * [Makefile]
+ * Exit when a make in a subdirectory fails.
+ * Compile statically too.
+ * New variables: LC, LP, LPLIBS, DEFAULT_MODULE_PATH .
+ * [libpam/Makefile]
+ * Use DEFAULT_MODULE_PATH if nonempty.
+ * Link libpam against LPLIBS.
+ * [modules/*/Makefile]
+ * Link the dynamic security objects against libpam and libc
+ (LP and LC).
+ * [modules/pam_pwdb/Makefile]
+ * Link dynamic security objects against libcrypt and libnsl.
+ * [conf/install_conf] Allow for non-interactive install (as the other
+ install_conf scripts already did).
+ * Automatically determine the list of /etc/security/* conffiles.
+ * Moved libpam to /lib, and PAM modules to /lib/security as they will
+ become part of the base system in the future.
+ * Built without cracklib support, to keep the base system smaller.
+ * /sbin/pwdb_chkpwd is undocumented, as is upperLOWER.
+
+ -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Fri, 2 Oct 1998 20:23:27 +0200
+
+pam (0.57b-0.4) unstable; urgency=high
+
+ * Non maintainer upload
+ My previous upload had removed the libc5 stuff from the controlfile
+ messing up things. Change 'Architecture: any' to 'i386 m68k' for those
+ .deb's instead.
+
+ -- Turbo Fredriksson <turbo@debian.org> Thu, 20 Aug 1998 20:06:50 -0400
+
+pam (0.57b-0.3) unstable; urgency=high
+
+ * Non maintainer upload
+ On a glibc2.1 system, XCASE is only defined in the <bits/termios.h>
+ _IF_ '__USE_MISC' or '__USE_UNIX98' is defined.
+
+ -- Turbo Fredriksson <turbo@debian.org> Sun, 16 Aug 1998 22:13:45 -0400
+
+pam (0.57b-0.2) unstable; urgency=high
+
+ * Yet another non-maintainer release.
+ * Zero changes; simply a re-upload due to a rm-trigger happy release
+ ``manager''.
+
+ -- James Troup <jjtroup@comp.brad.ac.uk> Tue, 17 Mar 1998 19:55:16 +0100
+
+pam (0.57b-0.1) unstable; urgency=medium
+
+ * Non-maintainer release.
+ * debian/control (Standards-Version): Updated to 2.4.0.0.
+ * debian/control (libpam0g-dev): Also conflict with libpam-dbg.
+ * debian/postinst: use case statement instead of if.
+ * debian/rules (COMPAT_ARCHES): removed sparc.
+ * debian/rules (binary-libc6-dev, binary-libc5-altdev): strip static libraries with
+ --strip-debug, not --strip-unneeded.
+ * debian/rules: each package now has it's own doc directory under
+ /usr/doc/, containing at least the copyright file (Policy 5.6).
+ * debian/rules: install files with `install -m 644' not `cp -p' to avoid
+ read-only files.
+ * debian/rules (binary-libc6-util): strip /usr/lib/*/security/*.so with
+ --strip-unneeded.
+ * debian/rules (binary-libc5-util): ditto.
+ * debian/rules (binary-libc5): don't depend on binary-libc5.
+
+ -- James Troup <jjtroup@comp.brad.ac.uk> Sat, 7 Mar 1998 18:04:19 +0100
+
+pam (0.57b-0) unstable; urgency=medium
+
+ * Non-maintainer release.
+ * New upstream version.
+ * Doesn't use pristine upstream source as the upstream tar ball is broken.
+ * Added libc6 libraries libpam0g, libpam0g-dev, libpam0g-dbg and
+ libpam0g-util. [#11697]
+ * libpam-dev becomes libpam0-altdev, libpam-util -> libpam0-altutil and
+ libpam-dbg is removed.
+ * libpam0 depends on libpam0g because libpam0g contains the pam conffile.
+ * libpam0-util depends on libpam0g-util because libpam0g contains the binary.
+ * Compiled with -D_REENTRANT and link with -lc.
+ * Fixed permissions on shared libraries.
+ * Corrected syntax of /etc/pam.d/other. [#10497, #10758, #12030]
+ * Fixed typos in postinst. [#10474, #11365]
+ * Made /etc/pam.conf a conffile.
+ * Updated URL in copyright file.
+ * Removed over-zelaously installed README* files from libpam-doc.
+
+ -- James Troup <jjtroup@comp.brad.ac.uk> Sat, 22 Nov 1997 17:54:30 +0100
+
+pam (0.56-2) unstable; urgency=low
+
+ * Added /etc/pam.d/other with policy 'deny'.
+ * Add manual pages for PAM security modules.
+
+ -- Klee Dienes <klee@debian.org> Sat, 15 Mar 1997 22:33:22 -0500
+
+pam (0.56-1) unstable; urgency=low
+
+ * New upstream release.
+ * Converted to new packaging format.
+ * Reorganization of package structure (-dev, -dbg, etc).
+
+ -- Klee Dienes <klee@debian.org> Sat, 8 Mar 1997 01:21:17 -0500