summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
* merge preliminary multiarch supportSteve Langasek2019-01-08
|\
| * merge from squeezeSteve Langasek2019-01-08
| |\
| * | bump replaces on libpam-modulesSteve Langasek2019-01-08
| | |
| * | merge from trunkSteve Langasek2019-01-08
| |\ \
| * | | fix a minor mis-merge (unix_chkpwd in libpam-modules-bin)Steve Langasek2019-01-08
| | | |
| * | | merge from trunkSteve Langasek2019-01-08
| |\ \ \
| * | | | Split libpam-modules into libpam-modules and libpam-modules-bin, so that weSteve Langasek2019-01-08
| | | | | | | | | | | | | | | | | | | | | | | | | only have to have one copy of the helper binaries installed.
| * | | | add the Multi-Arch fields to the packagesSteve Langasek2019-01-08
| | | | |
| * | | | New patch to give us proper multiarch module path lookups in conjunction withSteve Langasek2019-01-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the non-standard configure arguments in debian/rules: look in /lib/$(DEB_HOST_GNU_TYPE)/security first, then /lib/security as a fallback.
| * | | | treat /lib/security as our 'extra' dir, so thatSteve Langasek2019-01-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a) the multiarch dir is always preferred, and b) we don't have to have /lib/security on the system to resolve the other path
| * | | | install all our libs and modules in the multiarch pathsSteve Langasek2019-01-08
| | | | |
* | | | | * debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:Kees Cook2019-01-08
| | | | | | | | | | | | | | | | | | | | | | | | | - only report about unknown kernel rlimits when "debug" is set (Closes: 625226, LP: #794531).
* | | | | releasing version 1.1.3-1Steve Langasek2019-01-08
| | | | |
* | | | | bump the minimum version check in maintainer scripts for the restartSteve Langasek2019-01-08
| | | | | | | | | | | | | | | | | | | | handling.
* | | | | debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:Steve Langasek2019-01-08
| | | | | | | | | | | | | | | | | | | | | | | | | set a better default RLIMIT_MEMLOCK value for BSD kernels. Thanks to Petr Salinger for the fix. Closes: #602902.
* | | | | update symbols file for new symbolsSteve Langasek2019-01-08
| | | | |
* | | | | Fixes CVE-2010-3316 CVE-2010-3430 CVE-2010-3431 CVE-2010-3435.Steve Langasek2019-01-08
| | | | | | | | | | | | | | | | | | | | Closes: #599832.
* | | | | refresh other patches for new upstream releaseSteve Langasek2019-01-08
| | | | |
* | | | | Port hurd_no_setfsuid patch to new pam_modutil_{drop,restore}_privSteve Langasek2019-01-08
| | | | | | | | | | | | | | | | | | | | interface; now possibly upstreamable
* | | | | merge upstream version 1.1.3Steve Langasek2019-01-08
|\ \ \ \ \
| * \ \ \ \ New upstream version 1.1.3Steve Langasek2019-01-03
| |\ \ \ \ \
| | * | | | | Relevant BUGIDs:Thorsten Kukuk2010-10-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: release Commit summary: --------------- 2010-10-28 Thorsten Kukuk <kukuk@thkukuk.de> * release version 1.1.3 * configure.in: Increase version to 1.1.3 * NEWS: document visible changes * libpam/Makefile.am (libpam_la_LDFLAGS): Bump version number.
| | * | | | | Relevant BUGIDs:Thorsten Kukuk2010-10-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-27 Thorsten Kukuk <kukuk@thkukuk.de> * doc/adg/Makefile.am: Use UTF-8 for html docu. * doc/mwg/Makefile.am: Likewise. * doc/sag/Makefile.am: Likewise. kernel.org webserver is using UTF-8
| | * | | | | Relevant BUGIDs:Tomas Mraz2010-10-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-22 Tomas Mraz <tm@t8m.info> * modules/pam_namespace/pam_namespace.c (inst_init): Use execle() to execute the init script with clean environment. (CVE-2010-3853) (cleanup_tmpdirs): Likewise for executing rm.
| | * | | | | Relevant BUGIDs:Dmitry V. Levin2010-10-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- 2010-10-21 Dmitry V. Levin <ldv@altlinux.org> * modules/pam_mkhomedir/mkhomedir_helper.c (rec_mkdir): Remove. (create_homedir): Use mkdir() instead of rec_mkdir(). (make_parent_dirs): New function. (main): Use make_parent_dirs() to create parent directories only for the home directory itself.
| | * | | | | Relevant BUGIDs:Thorsten Kukuk2010-10-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-21 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_unix/support.c (_unix_getpwnam): Don't allocate unneeded buffer for uid/gid [sf#3059572].
| | * | | | | Relevant BUGIDs:Thorsten Kukuk2010-10-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-20 Thorsten Kukuk <kukuk@thkukuk.de> * doc/man/pam_get_authtok.3.xml: Fix xml code.
| | * | | | | Relevant BUGIDs:Thorsten Kukuk2010-10-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-20 Thorsten Kukuk <kukuk@thkukuk.de> * doc/man/Makefile.am: Fix build dependencys of pam_get_authtok.3. * xtests/Makefile.am: Only build xtests if we run xtests.
| | * | | | | Relevant BUGIDs:Thorsten Kukuk2010-10-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-20 Thorsten Kukuk <kukuk@thkukuk.de> * configure.in: Check for libdb with symbol versions, too. Patch from Diego Elio Pettenò.
| | * | | | | Relevant BUGIDs:Thorsten Kukuk2010-10-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-20 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_mkhomedir/mkhomedir_helper.c (rec_mkdir): Create parent directories always with mode 0755. (create_homedir): Create main directory with mode 0700 at first.
| | * | | | | Relevant BUGIDs:Dmitry V. Levin2010-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- 2010-10-19 Dmitry V. Levin <ldv@altlinux.org> * modules/pam_selinux/pam_selinux.c (verbose_message): Remove. (pam_sm_open_session): Call send_text() instead of verbose_message().
| | * | | | | Relevant BUGIDs:Dmitry V. Levin2010-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: new feature Commit summary: --------------- 2010-10-19 Dmitry V. Levin <ldv@altlinux.org> * m4/ld-no-undefined.m4: New file. * configure.in: Use PAM_LD_NO_UNDEFINED. * Makefile.am (M4_FILES): Add m4/ld-no-undefined.m4.
| | * | | | | Relevant BUGIDs:Dmitry V. Levin2010-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-19 Dmitry V. Levin <ldv@altlinux.org> * m4/ld-O1.m4 (PAM_LD_O1): Fix typo.
| | * | | | | Relevant BUGIDs:Dmitry V. Levin2010-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-19 Dmitry V. Levin <ldv@altlinux.org> * modules/pam_selinux/Makefile.am (pam_selinux_la_LIBADD): Add @LIBAUDIT@.
| | * | | | | Relevant BUGIDs:Thorsten Kukuk2010-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: documentation Commit summary: --------------- 2010-10-19 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_env/pam_env.8.xml: Document side effects of environment variables in the stack. * modules/pam_exec/pam_exec.8.xml: Document that user can have controll over the environment.
| | * | | | | revert preceding patch; under discussion, no consensusSteve Langasek2010-10-11
| | | | | | |
| | * | | | | Relevant BUGIDs:Tomas Mraz2010-10-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-11 Tomas Mraz <t8m@centrum.cz> * modules/pam_env/pam_env.c: Change default for user_readenv to 0. * modules/pam_env/pam_env.8.xml: Document the new default for user_readenv.
| | * | | | | Relevant BUGIDs:Dmitry V. Levin2010-10-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-07 Dmitry V. Levin <ldv@altlinux.org> * modules/pam_selinux/pam_selinux.c (verbose_message): Fix format string.
| | * | | | | Relevant BUGIDs:Dmitry V. Levin2010-10-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-04 Dmitry V. Levin <ldv@altlinux.org> * libpam/pam_modutil_priv.c: New file. * libpam/Makefile.am (libpam_la_SOURCES): Add it. * libpam/include/security/pam_modutil.h (struct pam_modutil_privs, PAM_MODUTIL_DEF_PRIVS, pam_modutil_drop_priv, pam_modutil_regain_priv): New declarations. * libpam/libpam.map (LIBPAM_MODUTIL_1.1.3): New interface. * modules/pam_env/pam_env.c (handle_env): Use new pam_modutil interface. * modules/pam_mail/pam_mail.c (_do_mail): Likewise. * modules/pam_xauth/pam_xauth.c (check_acl, pam_sm_open_session, pam_sm_close_session): Likewise. (pam_sm_open_session): Remove redundant fchown call. Fixes CVE-2010-3430, CVE-2010-3431.
| | * | | | | Relevant BUGIDs: #3078936Thorsten Kukuk2010-10-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-01 Thorsten Kukuk <kukuk@thkukuk.de> * configure.in: Extend cross compiling check. * doc/specs/Makefile.am: Set CFLAGS and LDFLAGS to BUILD_CFLAGS and BUILD_LDFLAGS. Bug #3078936 / gentoo #339174
| | * | | | | Relevant BUGIDs:Thorsten Kukuk2010-09-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- 2010-09-30 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_xauth/pam_xauth.c (pam_sm_close_session): Warn if unlink() fails.
| | * | | | | Relevant BUGIDs:Dmitry V. Levin2010-09-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-09-27 Dmitry V. Levin <ldv@altlinux.org> * modules/pam_xauth/pam_xauth.c (pam_sm_close_session): Return PAM_SUCCESS immediately if no cookie file is defined. Return PAM_SESSION_ERR if cookie file is defined but target uid cannot be determined. Do not modify cookiefile string returned by pam_get_data.
| | * | | | | Relevant BUGIDs:Dmitry V. Levin2010-09-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-09-27 Dmitry V. Levin <ldv@altlinux.org> * modules/pam_xauth/pam_xauth.c (check_acl): Check that the given access control file is a regular file.
| | * | | | | Relevant BUGIDs:Dmitry V. Levin2010-09-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- 2010-09-16 Dmitry V. Levin <ldv@altlinux.org> * modules/pam_env/pam_env.c (handle_env): Use setfsuid() return code. * modules/pam_mail/pam_mail.c (_do_mail): Likewise. * modules/pam_xauth/pam_xauth.c (check_acl, pam_sm_open_session, pam_sm_close_session): Likewise.
* | | | | | | releasing version 1.1.2-3Steve Langasek2019-01-08
| | | | | | |
* | | | | | | Catalan, thanks to Innocent De Marchi <tangram.peces@gmail.com>Steve Langasek2019-01-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | (closes: #622786)
* | | | | | | update the existing 027_pam_limits_better_init_allow_explicit_root patchSteve Langasek2019-01-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | instead of creating a new parse-kernel-rlimits.patch, to keep these changes logically grouped together; and add a DEP3 patch header here since we didn't have one before
* | | | | | | merge from trunk since I forgot to pull before adding in the translations,Steve Langasek2019-01-08
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | hmmph
| * | | | | | | parse-kernel-rlimits.patch has been forwarded upstream nowKees Cook2019-01-08
| | | | | | | |
| * | | | | | | debian/patches-applied/parse-kernel-rlimits.patch: load rlimit defaultsKees Cook2019-01-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | from the kernel (via /proc/1/limits), instead of continuing to hardcode the settings internally. Fall back to internal defaults when the kernel rlimits are not found. Closes: #620302. (LP: #746655, #391761)
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-23 14:42:44 +0000