Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Slovak, thanks to Ivan Masár <helix84@centrum.sk> (closes: #518341) | Steve Langasek | 2019-01-08 |
| | |||
* | Japanese, thanks to Kenshi Muto <kmuto@debian.org> (closes: #518335) | Steve Langasek | 2019-01-08 |
| | |||
* | Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au> | Steve Langasek | 2019-01-08 |
| | | | | (closes: #518329) | ||
* | Swedish, thanks to Martin Bagge <brother@bsnet.se> (closes: #518324) | Steve Langasek | 2019-01-08 |
| | |||
* | Spanish, thanks to Javier Fernandez-Sanguino Peña <jfs@debian.org> | Steve Langasek | 2019-01-08 |
| | | | | (closes: #518214) | ||
* | * Updated debconf translations: | Steve Langasek | 2019-01-08 |
| | | | | - Bulgarian, thanks to Damyan Ivanov <dmn@debian.org> (closes: #518121) | ||
* | releasing version 1.0.1-7 | Steve Langasek | 2019-01-08 |
| | |||
* | pam-auth-update: set the umask, so we don't accidentally mark | Steve Langasek | 2019-01-08 |
|\ | | | | | | | | | /etc/pam.d/common-* unreadable. Thanks to Martin Krafft for catching. Closes: #518042. | ||
* | | pam-auth-update: swap out known md5sums from intrepid pre-release | Steve Langasek | 2019-01-08 |
| | | | | | | | | versions with the md5sums from the released intrepid version | ||
* | | include documentation in the patch, giving examples of how to set | Steve Langasek | 2019-01-08 |
| | | | | | | | | limits for root. Thanks to Jonathan Marsden. | ||
* | | revert the 'fix' for bug #515673, since this isn't really a bug at all. | Steve Langasek | 2019-01-08 |
| | | |||
* | | prettify the changelog | Steve Langasek | 2019-01-08 |
| | | |||
* | | shadow the finite kernel defaults for RLIMIT_SIGPENDING and | Steve Langasek | 2019-01-08 |
| | | | | | | | | | | RLIMIT_MSGQUEUE as well, so that the preceding changes don't suddenly expose systems to DoS or other issues. | ||
* | | 027_pam_limits_better_init_allow_explicit_root: also fix the patch so | Steve Langasek | 2019-01-08 |
| | | | | | | | | | | that our limit resets are actually *applied*, which has apparently been broken for who knows how long! | ||
* | | 027_pam_limits_better_init_allow_explicit_root: RLIM_INFINITY may or may | Steve Langasek | 2019-01-08 |
| | | | | | | | | | | | | | | not be invalid for RLIMIT_NOFILE, but we don't want to set a hard limit of 1024 by default; try to set this limit to the value of /proc/sys/fs/nr_open if we can, or fall back to RLIM_INFINITY. Closes: #515673, LP: #327597. | ||
* | | releasing version 1.0.1-6 | Steve Langasek | 2019-01-08 |
| | | |||
* | | fix-up commit to match 1.1.0-6 from the archive | Steve Langasek | 2019-01-08 |
| | | |||
* | | New patch dont_freeze_password_chain, cherry-picked from upstream: | Steve Langasek | 2019-01-03 |
| | | | | | | | | | | | | | | | | don't always follow the same path through the password stack on the PAM_UPDATE_AUTHTOK pass as was used in the PAM_PRELIM_CHECK pass; this Linux-PAM deviation from the original PAM spec causes a number of problems, in particular causing wrong return values when using the refactored pam-auth-update stack. LP: #303515, #305882. | ||
* | | * Updated debconf translations: | Steve Langasek | 2019-01-03 |
|/ | | | | - Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au> | ||
* | mark for upload | Steve Langasek | 2019-01-03 |
| | |||
* | Updated Portuguese debconf translation | Américo Monteiro | 2019-01-03 |
| | |||
* | Updated Basque debconf translation | Piarres Beobide | 2019-01-03 |
| | |||
* | Updated Russian debconf translation | Yuri Kozlov | 2019-01-03 |
| | |||
* | Updated Turkish debconf translation | Mert Dirik | 2019-01-03 |
| | |||
* | Updated German debconf translation | Sven Joachim | 2019-01-03 |
| | |||
* | Updated French debconf translation | Steve Petruzzello | 2019-01-03 |
| | |||
* | Updated Czech debconf translation | unknown | 2019-01-03 |
| | |||
* | Updated Bulgarian debconf translation | Damyan Ivanov | 2019-01-03 |
| | |||
* | Updated Slovak debconf translation | helix84 | 2019-01-03 |
| | |||
* | Updated Galician debconf translation | Marce Villarino | 2019-01-03 |
| | |||
* | Updated Spanish debconf translation | Javier Fernandez-Sanguino Peña | 2019-01-03 |
| | |||
* | Updated Finnish debconf translation | Esko Arajärvi | 2019-01-03 |
| | |||
* | Updated Japanese debconf translation | Kenshi Muto | 2019-01-03 |
| | |||
* | Updated Swedish debconf translation | Martin Bagge | 2019-01-03 |
| | |||
* | Updated simplified Chinese debconf translation | Deng Xiyue | 2019-01-03 |
| | |||
* | Updated Italian debconf translation | David Paleino | 2019-01-03 |
| | |||
* | have libpam-modules Pre-Depend on ${misc:Depends} and add a debconf question to | Steve Langasek | 2019-01-03 |
| | | | | | | the libpam-modules preinst, so we can reliably warn users about xscreensaver and xlockmore before libpam-modules is unpacked; at the same time, clean up the text of the libpam0g debconf template to not refer to the screensavers. | ||
* | Have libpam-modules Pre-Depend on its shlibs, to force libpam0g to be | Steve Langasek | 2019-01-03 |
| | | | | | | | configured before libpam-modules is unpacked and allowing us to warn users about needing to disable xscreensaver and xlockmore at the right time without having to add a pre-dependency on debconf to these transitively essential packages. Closes: #502140, LP: #256238. | ||
* | Don't refer to gnome-screensaver in the debconf template; it isn't | Steve Langasek | 2019-01-03 |
| | | | | | actually affected by the libpam symbol issue because it forks a separate process to display the screensaver dialog. | ||
* | Build-conflict with libxcrypt-dev, which otherwise pulls libxcrypt in as | Steve Langasek | 2019-01-03 |
| | | | | | a dependency of libpam-modules if it's installed during the build. Thanks to Larry Doolittle for catching. | ||
* | mark for upload | Steve Langasek | 2019-01-03 |
| | |||
* | debian/rules: call chgrp *before* calling chmod, lest the sgid bit | Steve Langasek | 2019-01-03 |
| | | | | | on unix_chkpwd be cleared during the build when using -rsudo. Closes: #496983. | ||
* | 055_pam_unix_nullok_secure: also don't call the helper at all from | Steve Langasek | 2019-01-03 |
| | | | | | | _unix_blankpasswd when we can detect that null passwords are disallowed, to avoid causing spammy logs on successful authentications. Closes: #496620. | ||
* | 007_modules_pam_unix: update the manpage at the same time as the xml | Steve Langasek | 2019-01-03 |
| | | | | source (grr, autogenerated files in source packages). Closes: #495804. | ||
* | document bug closure | Steve Langasek | 2019-01-03 |
| | |||
* | pam_unix-chkpwd-wait: don't assume that the unix_chkpwd process | Julien Cristau | 2019-01-03 |
| | | | | | | exits normally; if it was killed by a signal, we don't want to accept the password. | ||
* | mark for upload | Steve Langasek | 2019-01-03 |
| | |||
* | 055_pam_unix_nullok_secure: don't call _pammodutil_tty_secure with a NULL | Steve Langasek | 2019-01-03 |
| | | | | | | tty argument, since this will cause our helper to segfault instead of returning a useful value. Thanks to Troy Davis for the report. Closes: #495806. | ||
* | mark for upload | Steve Langasek | 2019-01-03 |
| | |||
* | debian/patches/054_pam_security_abstract_securetty_handling: move the | Steve Langasek | 2019-01-03 |
| | | | | | | | | warning log about an insecure tty back to pam_securetty proper; we don't want to generate log messages every time pam_unix is called as non-root. Closes: #493283. As a side-effect, pam_unix no longer logs any warnings about NULL password + insecure tty, but I don't think this is critical. |