path: root/debian/patches-applied/series
Commit message (Collapse)AuthorAge
* fix patch names so it's clear these are all for pam_unixSteve Langasek2019-01-03
* New patch pam_unix_fix_sgid_shadow_auth.patch, fixing an upstreamSteve Langasek2019-01-03
| | | | | | | | regression which prevents sgid shadow apps from being able to authenticate any more because the module forces use of the helper and the helper won't allow authentication of arbitrary users. This change does mean we're going to be noisier for the time being in an SELinux environment, which should be addressed but is not a regression on Debian.
* New patch no_helper_for_nis+.patch, which restores the behavior of doingSteve Langasek2019-01-03
| | | | | in-process NIS+ account checking instead of unconditionally passing it off to the unix_chkpwd helper; if it wasn't broke, don't fix it.
* New patch setreuid_juggling.patch: restore the behavior wrt uidSteve Langasek2019-01-03
| | | | | changes for NIS+, since I know the old behavior was right and don't believe anyone has tested the new code.
* move the getpwnam patch to the beginning of the series, since it should beSteve Langasek2019-01-03
| | | | committed upstream soon
* New patch thread-safe_save_old_password.patch, to make sure all ourSteve Langasek2019-01-03
| | | | getpwnam() use in pam_unix is thread-safe (fixes an upstream regression)
* no_pthread_mutexes, limits_wrong_strncpy, misc_conv_allow_sigint.patch,Steve Langasek2019-01-03
| | | | and pam_tally_audit.patch, which have been merged upstream.
* refresh more patches for new upstream versionSteve Langasek2019-01-03
* Drop patch 049_pam_unix_sane_locking, which upon review is not needed;Steve Langasek2019-01-03
| | | | | it reduces the length of time we hold the lock, but at the expense of being able to enforce minimum times between password changes.
* New patch do_not_check_nis_accidentally: respect the 'nis' optionSteve Langasek2019-01-03
| | | | | | (set or unset) when looking up the user's password entry for password changes. Thanks to Quentin Godfroy <> for the patch. Closes: #469635.
* revert rhosts_int32_not_bool.patch; doesn't matter now, pam_rhosts_auth hasSteve Langasek2019-01-03
| | | | been dropped upstream
* New patch, rhosts_int32_not_bool.patch, to fix a parentheses error inSteve Langasek2019-01-03
| | | | | | pam_rhosts_auth introduced upstream in we want to cast the result of inet_addr to int32_t, not the result of a boolean *comparison* on inet_addr's result...
* further patch refreshes for the new upstream versionSteve Langasek2019-01-03
* drop a dozen patches that have been merged upstream \o/Steve Langasek2019-01-03
* refresh patches for new upstream versionSteve Langasek2019-01-03
* Fix up the patchlevels in the series file, now that we're not using aSteve Langasek2019-01-03
| | | | | separate subdir for the upstream sources
* fix-up commit for grafting svn history onto git historySteve Langasek2019-01-02