Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
* | Czech, thanks to Miroslav Kure <kurem@upcase.inf.upol.cz> | Steve Langasek | 2019-01-08 | |
| | | | | (closes: #657578) | |||
* | Catalan, thanks to Innocent De Marchi <tangram.peces@gmail.com> | Steve Langasek | 2019-01-08 | |
| | | | | (closes: #657489) | |||
* | Polish, thanks to Michał Kułach <michalkulach@gmail.com> | Steve Langasek | 2019-01-08 | |
| | | | | (closes: #657476) | |||
* | Japanese, thanks to Kenshi Muto <kmuto@debian.org> (closes: #656834) | Steve Langasek | 2019-01-08 | |
| | ||||
* | Slovak, thanks to Ivan Masár <helix84@centrum.sk> (closes: #656521) | Steve Langasek | 2019-01-08 | |
| | ||||
* | Bulgarian, thanks to Damyan Ivanov <dmn@debian.org> (closes: #656518) | Steve Langasek | 2019-01-08 | |
| | ||||
* | Spanish, thanks to Javier Fernandez-Sanguino Peña <jfs@debian.org> | Steve Langasek | 2019-01-08 | |
| | | | | (closes: #654043) | |||
* | German, thanks to Sven Joachim <svenjoac@gmx.de> (closes: #653407) | Steve Langasek | 2019-01-08 | |
| | ||||
* | Portuguese, thanks to Pedro Ribeiro <p.m42.ribeiro@gmail.com> | Steve Langasek | 2019-01-08 | |
| | | | | (closes: #652493) | |||
* | Russian, thanks to Yuri Kozlov <yuray@komyakino.ru> (closes: #650867) | Steve Langasek | 2019-01-08 | |
| | ||||
* | Dutch, thanks to Jeroen Schot <schot@A-Eskwadraat.nl> | Steve Langasek | 2019-01-08 | |
| | | | | (closes: #650755) | |||
* | French, thanks to Jean-Baka Domelevo Entfellner <domelevo@gmail.com> | Steve Langasek | 2019-01-08 | |
| | | | | (closes: #649850) | |||
* | * Updated debconf translations: | Steve Langasek | 2019-01-08 | |
| | | | | - Danish, thanks to Joe Dalton <joedalton2@yahoo.dk> (closes: #648382) | |||
* | releasing version 1.1.3-6 | Steve Langasek | 2019-01-08 | |
| | ||||
* | debian/libpam-runtime.templates, debian/local/pam-auth-update: add a | Steve Langasek | 2019-01-08 | |
| | | | | | new 'title' template, so pam-auth-update doesn't give a blank title when called outside of a maintainer script. LP: #882794. | |||
* | debian/libpam0g.templates, debian/libpam0g.postinst: add a new question, | Steve Langasek | 2019-01-08 | |
| | | | | | | libraries/restart-without-asking, that allows admins to accept the service restarts once for all so that they don't have to repeatedly say "ok". LP: #745004. | |||
* | debian/patches-applied/update-motd: new module option for pam_motd, | Steve Langasek | 2019-01-08 | |
| | | | | | 'noupdate', which suppresses the call to run-parts /etc/update-motd.d. LP: #805423. | |||
* | debian/patches-applied/update-motd: set a sane umask before calling | Steve Langasek | 2019-01-08 | |
| | | | | | run-parts, and restore the old mask afterwards, so /run/motd gets consistent permissions. LP: #871943. | |||
* | debian/libpam0g.postinst: according to Kubuntu developers, kdm no longer | Steve Langasek | 2019-01-08 | |
| | | | | | | | keeps libpam loaded persistently at runtime, so it's not necessary to force a kdm restart on ABI bump. Which is good, since restarting kdm now seems to also log users out of running sessions, which we rather want to avoid. Closes: #632673, LP: #744944. | |||
* | debian/patches-applied/hurd_no_setfsuid: we don't want to check all | Steve Langasek | 2019-01-08 | |
| | | | | | | setre*id() calls; we know that there are situations where some of these may fail but we don't care. As long as the last setre*id() call in each set succeeds, that's the state we mean to be in. | |||
* | releasing version 1.1.3-5 | Steve Langasek | 2019-01-08 | |
| | ||||
* | * debian/patches-applied/pam_env-fix-overflow.patch: fix stack overflow | Kees Cook | 2019-01-08 | |
| | | | | | | in environment file parsing (CVE-2011-3148). * debian/patches-applied/pam_env-fix-dos.patch: fix DoS in environment file parsing (CVE-2011-3149). | |||
* | debian/patches-applied/update-motd: correctly clear environment when | Kees Cook | 2019-01-08 | |
| | | | | building motd. | |||
* | debian/patches-applied/hurd_no_setfsuid: check all set*id() calls. | Kees Cook | 2019-01-08 | |
| | ||||
* | debian/patches-applied/{007_modules_pam_unix,055_pam_unix_nullok_secure}: | Kees Cook | 2019-01-08 | |
| | | | | drop unneeded no-op change to reduce delta from upstream. | |||
* | debian/patches-applied/022_pam_unix_group_time_miscfixes, | Kees Cook | 2019-01-08 | |
| | | | | | | debian/patches-applied/026_pam_unix_passwd_unknown_user, debian/patches-applied/054_pam_security_abstract_securetty_handling: improve descriptions. | |||
* | * debian/patches-applied/008_modules_pam_limits_chroot: | Kees Cook | 2019-01-08 | |
| | | | | | - fix off-by-one when parsing configuration file. - when using chroot, chdir() to root to lose links to old tree. | |||
* | debian/patches-applied/pam_unix_dont_trust_chkpwd_caller.patch: use | Kees Cook | 2019-01-08 | |
| | | | | setresgid() to wipe out saved-gid just in case. | |||
* | releasing version 1.1.3-4 | Steve Langasek | 2019-01-08 | |
| | ||||
* | Make sure shared library links are also installed to the multiarch | Steve Langasek | 2019-01-08 | |
| | | | | | | directory, not just the .a files; otherwise the static libs get found first by the linker. Thanks to Russ Allbery for catching this. Closes: #642952. | |||
* | releasing version 1.1.3-3 | Steve Langasek | 2019-01-08 | |
| | ||||
* | Don't set --sbindir when calling configure; upstream takes care of this | Steve Langasek | 2019-01-08 | |
| | | | | for us | |||
* | Build-depend on debhelper 8.9.4 and bump debian/compat to 9 for | Steve Langasek | 2019-01-08 | |
| | | | | | dpkg-buildflags integration, and drop manual setting of -g -O options in CFLAGS now that we can let dh do it for us | |||
* | debian/control: adjust the package descriptions, as the current ones | Steve Langasek | 2019-01-08 | |
| | | | | | | use some awkward language that's gone unnoticed for a long time. Thanks to Martin Eberhard Schauer <Martin.E.Schauer@gmx.de> for pointing this out. Closes: #633863. | |||
* | Move debian/libpam0g-dev.install to debian/libpam0g-dev.install.in | Steve Langasek | 2019-01-08 | |
| | | | | | | and substitute the multiarch path at build time, so our .a files go to the multiarch dir instead of to /usr/lib. Thanks to Riku Voipio for pointing out the bug. | |||
* | Look for /etc/init.d/postgresql, not /etc/init.d/postgresql-8.{2,3}, | Steve Langasek | 2019-01-08 | |
| | | | | | for service restarts; the latter are obsolete since squeeze. Closes: #631511. | |||
* | releasing version 1.1.3-2 | Steve Langasek | 2019-01-08 | |
| | ||||
* | debian/patches-applied/027_pam_limits_better_init_allow_explicit_root: | Steve Langasek | 2019-01-08 | |
| | | | | | | don't reset the process niceness for root; since it's root, they can still renice to a lower nice level if they need to and changing the nice level by default is unexpected behavior. Closes: #594377. | |||
* | close the ia32-libs bug in the changelog, whee! | Steve Langasek | 2019-01-08 | |
| | ||||
* | * debian/patches-applied/027_pam_limits_better_init_allow_explicit_root: | Kees Cook | 2019-01-08 | |
| | | | | | - only report about unknown kernel rlimits when "debug" is set (Closes: 625226, LP: #794531). | |||
* | releasing version 1.1.3-1 | Steve Langasek | 2019-01-08 | |
| | ||||
* | bump the minimum version check in maintainer scripts for the restart | Steve Langasek | 2019-01-08 | |
| | | | | handling. | |||
* | debian/patches-applied/027_pam_limits_better_init_allow_explicit_root: | Steve Langasek | 2019-01-08 | |
| | | | | | set a better default RLIMIT_MEMLOCK value for BSD kernels. Thanks to Petr Salinger for the fix. Closes: #602902. | |||
* | Fixes CVE-2010-3316 CVE-2010-3430 CVE-2010-3431 CVE-2010-3435. | Steve Langasek | 2019-01-08 | |
| | | | | Closes: #599832. | |||
* | Port hurd_no_setfsuid patch to new pam_modutil_{drop,restore}_priv | Steve Langasek | 2019-01-08 | |
| | | | | interface; now possibly upstreamable | |||
* | releasing version 1.1.2-3 | Steve Langasek | 2019-01-08 | |
| | ||||
* | Catalan, thanks to Innocent De Marchi <tangram.peces@gmail.com> | Steve Langasek | 2019-01-08 | |
| | | | | (closes: #622786) | |||
* | update the existing 027_pam_limits_better_init_allow_explicit_root patch | Steve Langasek | 2019-01-08 | |
| | | | | | | instead of creating a new parse-kernel-rlimits.patch, to keep these changes logically grouped together; and add a DEP3 patch header here since we didn't have one before | |||
* | merge from trunk since I forgot to pull before adding in the translations, | Steve Langasek | 2019-01-08 | |
|\ | | | | | | | hmmph | |||
| * | debian/patches-applied/parse-kernel-rlimits.patch: load rlimit defaults | Kees Cook | 2019-01-08 | |
| | | | | | | | | | | | | from the kernel (via /proc/1/limits), instead of continuing to hardcode the settings internally. Fall back to internal defaults when the kernel rlimits are not found. Closes: #620302. (LP: #746655, #391761) |