| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
|
| |
also, reorder patches so that all doc rebuilds get the standard locale
setting.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
pam (1.1.8-3.6) unstable; urgency=medium
* Non-maintainer upload.
* cve-2015-3238.patch: Add the changes in the generated pam_exec.8
and pam_unix.8 in addition to (and after) the changes to the
source .xml files. This avoids unwanted rebuilds that can cause
problems due to differing files on different architectures of
the Multi-Arch: same libpam-modules. (Closes: #851545)
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
pam (1.1.8-3.3) unstable; urgency=low
* Non-maintainer upload.
[ Steve Langasek ]
* Updated Swedish translation to correct a typo, thanks to Anders Jonsson
and Martin Bagge. Closes: #743875
* Updated Turkish translation, thanks to Mert Dirik <mertdirik@gmail.com>.
(closes: #756756)
* d/applied-patches/pam-limits-nofile-fd-setsize-cap: cap the default
soft nofile limit read from pid 1 to FD_SETSIZE. Thanks to Robie Basak
<robie.basak@ubuntu.com> for the patch. Closes: #783105.
* Acknowledge security NMU.
* pam-auth-update: don't mishandle trailing whitespace in profiles.
LP: #1487103.
[ Laurent Bigonville ]
* debian/control: Fix Vcs-* and Homepage fields (Closes: #752343)
* debian/watch: Update watch file and point it to http://www.linux-pam.org
* debian/patches-applied/pam_namespace_fix_bashism.patch: Fix bashism in
namespace.init script (Closes: #624842)
* debian/control: Build-depends against debhelper (>= 9) to match the
defined debhelper compatibility
* Rename the cve-2011-4708.patch to cve-2010-4708.patch to match reality,
thanks to Jakub Wilk <jwilk@debian.org> for noticing (Closes: #761594)
* debian/control: Bump Standards-Version to 3.9.8 (no further changes)
* debian/libpam-doc.doc-base.applications-guide: Fix spelling
* debian/libpam0g-dev.examples: Do not use shell brace expansion
* debian/patches-applied/pam-loginuid-in-containers: Updated with the version
from Ubuntu, this should fix logins in containers (Closes: #726661)
* debian/patches-applied/update-motd: Updated with the version from Ubuntu:
use /run/motd.dynamic instead of /var/run/motd, nothing in the archive
uses the later (Closes: #743286)
* debian/patches-applied/make_documentation_reproducible.patch: Make the
build reproducible, removes differences when building with different
locale values (Closes: #792127)
|
| | |
| |
| |
| |
| | |
soft nofile limit read from pid 1 to FD_SETSIZE. Thanks to Robie Basak
<robie.basak@ubuntu.com> for the patch. Closes: #783105.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
pam (1.1.8-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Fix CVE-2015-3238: DoS/user enumeration due to blocking pipe in pam_unix
module (Closes: #789986)
|
| |/
|
|
|
|
|
|
|
|
| |
pam (1.1.8-3.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Fix CVE-2013-7041: case-insensitive comparison used for verifying
passwords in the pam_userdb module (closes: #731368).
* Fix CVE-2014-2583: multiple directory traversal issues in the
pam_timestamp module (closes: 757555)
|
| |
|
|
| |
install
|
| | |
|
| |
|
|
| |
so that regenerating documentation doesn't cause build skew.
|
| | |
|
| | |
|
| |
|
|
| |
upstream with a newer, fixed xsltproc.
|
| | |
|
| |
|
|
| |
Ignore failure in user namespaces.
|
| |
|
|
|
| |
which will let us keep up-to-date with newer autotools. In the present
instance, this gets us aarch64 support.
|
| | |
|
| |
|
|
|
| |
include causing build failure with eglibc 2.16. Thanks to Daniel
Schepler <dschepler@gmail.com>. Closes: #693450.
|
| |
|
|
| |
from the previous security upload. Closes: #693995.
|
| | |
|
| |
|
|
|
| |
'noupdate', which suppresses the call to run-parts /etc/update-motd.d.
LP: #805423.
|
| |
|
|
|
| |
run-parts, and restore the old mask afterwards, so /run/motd gets
consistent permissions. LP: #871943.
|
| |
|
|
|
|
| |
setre*id() calls; we know that there are situations where some of these
may fail but we don't care. As long as the last setre*id() call in each
set succeeds, that's the state we mean to be in.
|
| |
|
|
|
|
| |
in environment file parsing (CVE-2011-3148).
* debian/patches-applied/pam_env-fix-dos.patch: fix DoS in environment
file parsing (CVE-2011-3149).
|
| |
|
|
| |
building motd.
|
| | |
|
| |
|
|
| |
drop unneeded no-op change to reduce delta from upstream.
|
| |
|
|
|
|
| |
debian/patches-applied/026_pam_unix_passwd_unknown_user,
debian/patches-applied/054_pam_security_abstract_securetty_handling:
improve descriptions.
|
| |
|
|
|
| |
- fix off-by-one when parsing configuration file.
- when using chroot, chdir() to root to lose links to old tree.
|
| |
|
|
| |
setresgid() to wipe out saved-gid just in case.
|
| | |
|
| |
|
|
|
|
| |
don't reset the process niceness for root; since it's root, they can
still renice to a lower nice level if they need to and changing the
nice level by default is unexpected behavior. Closes: #594377.
|
| |\ |
|
| | |\ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
compatibility when it's not already set. Closes: #552043.
* debian/local/pam-auth-update: Don't try to pass embedded newlines to
debconf; backslash-escape them instead and use CAPB escape.
* debian/local/pam-auth-update: sort additional module options before
writing them out, so that we don't wind up with a different config file
on every invocation. Thanks to Jim Paris <jim@jtan.com> for the patch.
Closes: #594123.
|
| | |\| |
|
| | |\ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
the non-standard configure arguments in debian/rules: look in
/lib/$(DEB_HOST_GNU_TYPE)/security first, then /lib/security as a fallback.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
- only report about unknown kernel rlimits when "debug" is set
(Closes: 625226, LP: #794531).
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
set a better default RLIMIT_MEMLOCK value for BSD kernels. Thanks to
Petr Salinger for the fix. Closes: #602902.
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
interface; now possibly upstreamable
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
instead of creating a new parse-kernel-rlimits.patch, to keep these changes
logically grouped together; and add a DEP3 patch header here since we didn't
have one before
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
from the kernel (via /proc/1/limits), instead of continuing to hardcode
the settings internally. Fall back to internal defaults when the kernel
rlimits are not found. Closes: #620302. (LP: #746655, #391761)
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
setfsuid in pam_xauth that I overlooked, so that the build works again
on non-Linux. Closes: #613630.
|
