| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
| |
pam (1.1.8-3.5) unstable; urgency=medium
* Non-maintainer upload.
* Build-Depend on libfl-dev:native as well, for cross builds.
Re-closes: #846459
* Fix "Unescaped left brace in regex" with Perl 5.22. Closes: #810873
|
| |
|
|
|
|
|
|
|
| |
pam (1.1.8-3.4) unstable; urgency=medium
* Non-maintainer upload.
* Add libfl-dev to Build-Depends, fixing FTBFS. Closes: #846459
* Move xsl stuff to Build-Depends from -Indep to fix misbuilt manpages.
Closes: #812566
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
pam (1.1.8-3.3) unstable; urgency=low
* Non-maintainer upload.
[ Steve Langasek ]
* Updated Swedish translation to correct a typo, thanks to Anders Jonsson
and Martin Bagge. Closes: #743875
* Updated Turkish translation, thanks to Mert Dirik <mertdirik@gmail.com>.
(closes: #756756)
* d/applied-patches/pam-limits-nofile-fd-setsize-cap: cap the default
soft nofile limit read from pid 1 to FD_SETSIZE. Thanks to Robie Basak
<robie.basak@ubuntu.com> for the patch. Closes: #783105.
* Acknowledge security NMU.
* pam-auth-update: don't mishandle trailing whitespace in profiles.
LP: #1487103.
[ Laurent Bigonville ]
* debian/control: Fix Vcs-* and Homepage fields (Closes: #752343)
* debian/watch: Update watch file and point it to http://www.linux-pam.org
* debian/patches-applied/pam_namespace_fix_bashism.patch: Fix bashism in
namespace.init script (Closes: #624842)
* debian/control: Build-depends against debhelper (>= 9) to match the
defined debhelper compatibility
* Rename the cve-2011-4708.patch to cve-2010-4708.patch to match reality,
thanks to Jakub Wilk <jwilk@debian.org> for noticing (Closes: #761594)
* debian/control: Bump Standards-Version to 3.9.8 (no further changes)
* debian/libpam-doc.doc-base.applications-guide: Fix spelling
* debian/libpam0g-dev.examples: Do not use shell brace expansion
* debian/patches-applied/pam-loginuid-in-containers: Updated with the version
from Ubuntu, this should fix logins in containers (Closes: #726661)
* debian/patches-applied/update-motd: Updated with the version from Ubuntu:
use /run/motd.dynamic instead of /var/run/motd, nothing in the archive
uses the later (Closes: #743286)
* debian/patches-applied/make_documentation_reproducible.patch: Make the
build reproducible, removes differences when building with different
locale values (Closes: #792127)
|
| | |
| |
| |
| |
| | |
soft nofile limit read from pid 1 to FD_SETSIZE. Thanks to Robie Basak
<robie.basak@ubuntu.com> for the patch. Closes: #783105.
|
| | |
| |
| |
| | |
(closes: #756756)
|
| | |
| |
| |
| | |
and Martin Bagge. Closes: #743875
|
| | |
| |
| |
| |
| |
| |
| |
| | |
pam (1.1.8-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Fix CVE-2015-3238: DoS/user enumeration due to blocking pipe in pam_unix
module (Closes: #789986)
|
| |/
|
|
|
|
|
|
|
|
| |
pam (1.1.8-3.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Fix CVE-2013-7041: case-insensitive comparison used for verifying
passwords in the pam_userdb module (closes: #731368).
* Fix CVE-2014-2583: multiple directory traversal issues in the
pam_timestamp module (closes: 757555)
|
| | |
|
| |
|
|
|
|
| |
will not dynamically switch between the libc stubs and the libpthread
implementations on this architecture. Thanks to Samuel Thibault for the
patch. Closes: #743891.
|
| | |
|
| |
|
|
| |
available on non-Linux archs. Closes: #737035.
|
| | |
|
| |
|
|
| |
install
|
| | |
|
| |
|
|
|
| |
prematurely removing the PAM config when the package is installed for
multiple architectures. Closes: #647428.
|
| |
|
|
| |
files correctly.
|
| |
|
|
| |
to the libpam-doc package. Closes: #700485.
|
| |
|
|
| |
so that regenerating documentation doesn't cause build skew.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
upstream with a newer, fixed xsltproc.
|
| |\ |
|
| | |\ |
|
| | | |
| | |
| | |
| | |
| | | |
* modules/pam_unix/pam_unix_acct.c: Check setuid return value.
* modules/pam_unix/support.c: Likewise.
|
| | | |
| | |
| | |
| | | |
modules/pam_unix/support.c(_set_ctrl): Write to *rounds only if non-NULL.
|
| | | |
| | |
| | |
| | | |
modules/pam_unix/pam_unix_passwd.c: Add missing ')'..
|
| | | | |
|
| | | |
| | |
| | |
| | | |
po/*.po: Updated translations from Transifex.
|
| | | |
| | |
| | |
| | |
| | | |
* modules/pam_exec/pam_exec.c: Add stdout and type= option
* modules/pam_exec/pam_exec.8.xml: Document new options
|
| | | |
| | |
| | |
| | | |
* modules/pam_unix/pam_unix_acct.c: fix last change
|
| | | |
| | |
| | |
| | |
| | |
| | | |
* modules/pam_unix/pam_unix_acct.c: run waitpid in a while loop.
* modules/pam_unix/pam_unix_passwd.c: Likewise.
* modules/pam_unix/support.c: Likewise.
|
| | | |
| | |
| | |
| | | |
doc/man/misc_conv.3.xml: Fix return value of misc_conv
|
| | | |
| | |
| | |
| | |
| | |
| | | |
* modules/pam_sepermit/pam_sepermit.c(get_loginuid): Read loginuid from
/proc
(sepermit_match): Apply the exclusive check only when loginuid not set.
|
| | | |
| | |
| | |
| | | |
* po/*.po: Updated translations from Transifex.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
pam_rootok.c explicitly uses functions from libaudit, so the module has
to be linked with the library.
* modules/pam_rootok/Makefile.am (pam_rootok_la_LIBADD): Add @LIBAUDIT@.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* modules/pam_tty_audit/pam_tty_audit.c (pam_sm_open_session): Replace
all occurrences of HAVE_AUDIT_TTY_STATUS_LOG_PASSWD with
HAVE_STRUCT_AUDIT_TTY_STATUS_LOG_PASSWD.
* configure.in (HAVE_AUDIT_TTY_STATUS_LOG_PASSWD): Remove.
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Most commands are entered one line at a time and processed as complete lines
in non-canonical mode. Commands that interactively require a password, enter
canonical mode with echo set to off to do this. This feature (icanon and
!echo) can be used to avoid logging passwords by audit while still logging the
rest of the command. Adding a member to the struct audit_tty_status passed in
by pam_tty_audit allows control of logging passwords per task.
* configure.in: autoconf bits to conditionally add support at compile time
depending on struct audit_tty_status kernel header version.
* modules/pam_tty_audit/pam_tty_audit.8.xml: Document new pam_tty_audit module
log_passwd option.
* modules/pam_tty_audit/pam_tty_audit.c: (pam_sm_open_session): Added
"log_passwd" option parsing.
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
|
| | | |
| | |
| | |
| | |
| | | |
modules/pam_unix/unix_update.8.xml: unix_update helper runs in the
permissive mode as well.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
other one is specified as argument.
* modules/pam_unix/support.c: Add search_key, call from __set_ctrl
* modules/pam_unix/support.h: Add define for /etc/login.defs
* modules/pam_unix/pam_unix.8.xml: Document new behavior.
* modules/pam_umask/pam_umask.c: Add missing NULL pointer check
|
| | | |
| | |
| | |
| | |
| | |
| | | |
modules/pam_access/pam_access.c (netgroup_match): As we did not use
yp_get_default_domain() in the 1.1 branch due to typo in ifdef
we should use it only as fallback.
|
| | | |
| | |
| | |
| | |
| | | |
modules/pam_namespace/md5.c (MD5Final): Use memcpy instead of assignment.
modules/pam_unix/md5.c (MD5Final): Use memcpy instead of assignment.
|
| | | |
| | |
| | |
| | |
| | | |
modules/pam_lastlog/pam_lastlog.c (last_login_failed): Just warn, not fail
on short read or read error.
|
| | | |
| | |
| | |
| | |
| | | |
modules/pam_rootok/pam_rootok.c (log_callback, selinux_check_root): New functions.
(check_for_root): Use the selinux_check_root() instead of checkPasswdAccess.
|
