1 files changed, 34 insertions, 0 deletions

diff --git a/debian/changelog b/debian/changelog
index 9c384356..ee1638a0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,37 @@
+pam (1.0.1-7) UNRELEASED; urgency=low
+
+  * 027_pam_limits_better_init_allow_explicit_root:
+    - fix the patch so that our limit resets are actually *applied*, 
+      which has apparently been broken for who knows how long!
+    - shadow the finite kernel defaults for RLIMIT_SIGPENDING and
+      RLIMIT_MSGQUEUE as well, so that the preceding change doesn't
+      suddenly expose systems to DoS or other issues.
+    - include documentation in the patch, giving examples of how to set 
+      limits for root.  Thanks to Jonathan Marsden.
+  * pam-auth-update: swap out known md5sums from intrepid pre-release 
+    versions with the md5sums from the released intrepid version
+  * pam-auth-update: set the umask, so we don't accidentally mark
+    /etc/pam.d/common-* unreadable.  Thanks to Martin Krafft for catching.
+    Closes: #518042.
+
+ -- Steve Langasek <vorlon@debian.org>  Mon, 02 Mar 2009 01:07:43 -0800
+
+pam (1.0.1-6) unstable; urgency=low
+
+  * Updated debconf translations:
+    - Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au>
+  * New patch dont_freeze_password_chain, cherry-picked from upstream:
+    don't always follow the same path through the password stack on
+    the PAM_UPDATE_AUTHTOK pass as was used in the PAM_PRELIM_CHECK
+    pass; this Linux-PAM deviation from the original PAM spec causes a
+    number of problems, in particular causing wrong return values when
+    using the refactored pam-auth-update stack.  LP: #303515, #305882.
+  * debian/local/pam-auth-update (et al): new interface for managing
+    /etc/pam.d/common-*, using drop-in config snippets provided by module
+    packages.
+
+ -- Steve Langasek <vorlon@debian.org>  Sat, 28 Feb 2009 13:36:57 -0800
+
 pam (1.0.1-5) unstable; urgency=low
 
   * Build-conflict with libxcrypt-dev, which otherwise pulls libxcrypt in as