summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Import Debian changes 1.1.8-3.2Tianon Gravi2019-01-08
| | | | | | | | pam (1.1.8-3.2) unstable; urgency=medium * Non-maintainer upload. * Fix CVE-2015-3238: DoS/user enumeration due to blocking pipe in pam_unix module (Closes: #789986)
* Import Debian changes 1.1.8-3.1Michael Gilbert2019-01-08
| | | | | | | | | | pam (1.1.8-3.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix CVE-2013-7041: case-insensitive comparison used for verifying passwords in the pam_userdb module (closes: #731368). * Fix CVE-2014-2583: multiple directory traversal issues in the pam_timestamp module (closes: 757555)
* releasing version 1.1.8-3Steve Langasek2019-01-08
|
* debian/rules: On hurd, link libpam explicitly with -lpthread since glibcSteve Langasek2019-01-08
| | | | | | will not dynamically switch between the libc stubs and the libpthread implementations on this architecture. Thanks to Samuel Thibault for the patch. Closes: #743891.
* releasing version 1.1.8-2Steve Langasek2019-01-08
|
* Mark the libaudit-dev build-dependency linux-any, since it's notSteve Langasek2019-01-08
| | | | available on non-Linux archs. Closes: #737035.
* releasing package pam version 1.1.8-1Steve Langasek2019-01-08
|
* Properly regen the contents of PAM.8, so that it will be renamed to PAM.7 on ↵Steve Langasek2019-01-08
| | | | install
* Add missing patch to autogenerated pam_env.8Steve Langasek2019-01-08
|
* debian/libpam-cracklib.prerm: use $DPKG_MAINTSCRIPT_PACKAGE_COUNT to avoidSteve Langasek2019-01-08
| | | | | prematurely removing the PAM config when the package is installed for multiple architectures. Closes: #647428.
* No need to override dh_compress in debian/rules, it already handles .htmlSteve Langasek2019-01-08
| | | | files correctly.
* Drop the --disable-regenerate-docu argument, restoring the HTML manualsSteve Langasek2019-01-08
| | | | to the libpam-doc package. Closes: #700485.
* Ensure autogenerated files are after source files in all relevant patches,Steve Langasek2019-01-08
| | | | so that regenerating documentation doesn't cause build skew.
* Drop another couple of patches that are already upstreamSteve Langasek2019-01-08
|
* Document bug closureSteve Langasek2019-01-08
|
* Document bug closureSteve Langasek2019-01-08
|
* Document bug closureSteve Langasek2019-01-08
|
* Document bug closureSteve Langasek2019-01-08
|
* Document bug closureSteve Langasek2019-01-08
|
* Add build-dependency on pkg-config.Steve Langasek2019-01-08
|
* Another round of patch refreshingSteve Langasek2019-01-08
|
* debian/patches/fix-manpage-crud: drop, manpages now being generatedSteve Langasek2019-01-08
| | | | upstream with a newer, fixed xsltproc.
* Merge upstream version 1.1.8Steve Langasek2019-01-08
|\
| * New upstream version 1.1.8Steve Langasek2019-01-03
| |\
| | * Check return value of setuid to remove glibc warnings.Thorsten Kukuk2013-09-16
| | | | | | | | | | | | | | | * modules/pam_unix/pam_unix_acct.c: Check setuid return value. * modules/pam_unix/support.c: Likewise.
| | * Write to *rounds only if non-NULL.Tomas Mraz2013-09-13
| | | | | | | | | | | | modules/pam_unix/support.c(_set_ctrl): Write to *rounds only if non-NULL.
| | * Add missing ')'Tomas Mraz2013-09-13
| | | | | | | | | | | | modules/pam_unix/pam_unix_passwd.c: Add missing ')'..
| | * Release version 1.1.7Thorsten Kukuk2013-09-11
| | |
| | * Updated translations from Transifex.Tomas Mraz2013-09-11
| | | | | | | | | | | | po/*.po: Updated translations from Transifex.
| | * Extend pam_exec by stdout and type= options (ticket #8):Thorsten Kukuk2013-09-04
| | | | | | | | | | | | | | | * modules/pam_exec/pam_exec.c: Add stdout and type= option * modules/pam_exec/pam_exec.8.xml: Document new options
| | * Fix compile errorThorsten Kukuk2013-08-30
| | | | | | | | | | | | * modules/pam_unix/pam_unix_acct.c: fix last change
| | * Restart waitpid if it returns with EINTR (ticket #17)Thorsten Kukuk2013-08-29
| | | | | | | | | | | | | | | | | | * modules/pam_unix/pam_unix_acct.c: run waitpid in a while loop. * modules/pam_unix/pam_unix_passwd.c: Likewise. * modules/pam_unix/support.c: Likewise.
| | * misc_conv.3: Fix documentation of misc_convThorsten Kukuk2013-08-28
| | | | | | | | | | | | doc/man/misc_conv.3.xml: Fix return value of misc_conv
| | * Apply the exclusive check in pam_sepermit only when loginuid not set.Tomas Mraz2013-08-23
| | | | | | | | | | | | | | | | | | * modules/pam_sepermit/pam_sepermit.c(get_loginuid): Read loginuid from /proc (sepermit_match): Apply the exclusive check only when loginuid not set.
| | * Updated translations from Transifex.Tomas Mraz2013-08-22
| | | | | | | | | | | | * po/*.po: Updated translations from Transifex.
| | * pam_rootok: fix linking in --enable-audit modeDmitry V. Levin2013-07-01
| | | | | | | | | | | | | | | | | | | | | pam_rootok.c explicitly uses functions from libaudit, so the module has to be linked with the library. * modules/pam_rootok/Makefile.am (pam_rootok_la_LIBADD): Add @LIBAUDIT@.
| | * pam_tty_audit: fix a typo that crept in during patch reviewRichard Guy Briggs2013-07-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * modules/pam_tty_audit/pam_tty_audit.c (pam_sm_open_session): Replace all occurrences of HAVE_AUDIT_TTY_STATUS_LOG_PASSWD with HAVE_STRUCT_AUDIT_TTY_STATUS_LOG_PASSWD. * configure.in (HAVE_AUDIT_TTY_STATUS_LOG_PASSWD): Remove. Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
| | * pam_tty_audit: add an option to control logging of passwords: log_passwdRichard Guy Briggs2013-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Most commands are entered one line at a time and processed as complete lines in non-canonical mode. Commands that interactively require a password, enter canonical mode with echo set to off to do this. This feature (icanon and !echo) can be used to avoid logging passwords by audit while still logging the rest of the command. Adding a member to the struct audit_tty_status passed in by pam_tty_audit allows control of logging passwords per task. * configure.in: autoconf bits to conditionally add support at compile time depending on struct audit_tty_status kernel header version. * modules/pam_tty_audit/pam_tty_audit.8.xml: Document new pam_tty_audit module log_passwd option. * modules/pam_tty_audit/pam_tty_audit.c: (pam_sm_open_session): Added "log_passwd" option parsing. Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
| | * Man page fix - unix_update runs in the permissive mode as well.Tomas Mraz2013-06-20
| | | | | | | | | | | | | | | modules/pam_unix/unix_update.8.xml: unix_update helper runs in the permissive mode as well.
| | * Use hash from /etc/login.defs as default if noThorsten Kukuk2013-06-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | other one is specified as argument. * modules/pam_unix/support.c: Add search_key, call from __set_ctrl * modules/pam_unix/support.h: Add define for /etc/login.defs * modules/pam_unix/pam_unix.8.xml: Document new behavior. * modules/pam_umask/pam_umask.c: Add missing NULL pointer check
| | * pam_access: better not change the default function used to get domain name.Tomas Mraz2013-04-12
| | | | | | | | | | | | | | | | | | modules/pam_access/pam_access.c (netgroup_match): As we did not use yp_get_default_domain() in the 1.1 branch due to typo in ifdef we should use it only as fallback.
| | * Fix strict aliasing issue in MD5 implementations.Tomas Mraz2013-03-28
| | | | | | | | | | | | | | | modules/pam_namespace/md5.c (MD5Final): Use memcpy instead of assignment. modules/pam_unix/md5.c (MD5Final): Use memcpy instead of assignment.
| | * pam_lastlog: Do not fail on short read if btmp is corrupted.Tomas Mraz2013-03-22
| | | | | | | | | | | | | | | modules/pam_lastlog/pam_lastlog.c (last_login_failed): Just warn, not fail on short read or read error.
| | * pam_rootok: Allow proper logging of the user AVC if access disallowed by SELinuxTomas Mraz2013-03-22
| | | | | | | | | | | | | | | modules/pam_rootok/pam_rootok.c (log_callback, selinux_check_root): New functions. (check_for_root): Use the selinux_check_root() instead of checkPasswdAccess.
| | * Add checks for crypt() returning NULL.Tomas Mraz2013-02-08
| | | | | | | | | | | | | | | modules/pam_pwhistory/opasswd.c (compare_password): Add check for crypt() NULL return. modules/pam_unix/bigcrypt.c (bigcrypt): Likewise.
| | * pam_userdb: Allow also modern password hashes supported by crypt().Tomas Mraz2013-02-07
| | | | | | | | | | | | | | | modules/pam_userdb/pam_userdb.c (user_lookup): Allow password hashes longer than 13 characters and long salt.
| | * pam_access: fix typo in ifdefWalter de Jong2013-01-18
| | | | | | | | | | | | | | | modules/pam_access/pam_access.c (netgroup_match): Fix typo in #ifdef HAVE_YP_GET_DEFAULT_DOMAIN.
| | * pam_cracklib: Mention checks that are not run for root.Tomas Mraz2012-12-20
| | | | | | | | | | | | | | | modules/pam_cracklib/pam_cracklib.8.xml: Add note about checks when run as root.
| | * Update also the POT file.Tomas Mraz2012-12-20
| | | | | | | | | | | | po/Linux-PAM.pot: Update to reflect current sources.
| | * Updated translations from Transifex, added new languages.Tomas Mraz2012-12-12
| | | | | | | | | | | | | | | po/LINGUAS: Added new languages. po/*.po: Updated translations from Transifex including new languages.
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-16 08:58:30 +0000