lp://staging/debian/pam
- Get this branch:
- bzr branch lp://staging/debian/pam
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 35. By Michael Gilbert <email address hidden>
-
* Non-maintainer upload by the Security Team.
* Fix CVE-2013-7041: case-insensitive comparison used for verifying
passwords in the pam_userdb module (closes: #731368).
* Fix CVE-2014-2583: multiple directory traversal issues in the
pam_timestamp module (closes: 757555) - 34. By Steve Langasek
-
debian/rules: On hurd, link libpam explicitly with -lpthread since glibc
will not dynamically switch between the libc stubs and the libpthread
implementations on this architecture. Thanks to Samuel Thibault for the
patch. Closes: #743891. - 33. By Steve Langasek
-
Mark the libaudit-dev build-dependency linux-any, since it's not
available on non-Linux archs. Closes: #737035. - 32. By Steve Langasek
-
* New upstream release.
- includes upstream changes to pam_exec. Closes: #670147.
- adds support for newer hashing algorithms to pam_userdb.
Closes: #671740.
- fixes handling of 'quiet' argument to pam_listfile, to match the
documentation. Closes: #592219.
- fixes handling of @users@@hosts netgroup syntax in access.conf.
Closes: #681223.
- fixes installation of the /etc/security/namespace. d directory.
Closes: #710998.
- 027_pam_limits_ better_ init_allow_ explicit_ root: support for reading
/proc/1/limits is upstream, this patch now only handles the policy
of resetting limits by default and not applying glob limits to root.
- debian/patches/ fix-manpage- crud: drop, manpages now being generated
upstream with a newer, fixed xsltproc.
- debian/patches/ pam_env- fix-overflow. patch, pam_env- fix-dos. patch,
glibc-2_16-compilatio n-fix.patch, sys-types- include. patch: drop,
included upstream.
* Add build-dependency on pkg-config.
* Ensure autogenerated files are after source files in all relevant patches,
so that regenerating documentation doesn't cause build skew.
* Drop the --disable-regenerate- docu argument, restoring the HTML manuals
to the libpam-doc package. Closes: #700485.
* No need to override dh_compress in debian/rules, it already handles .html
files correctly.
* debian/libpam- cracklib. prerm: use $DPKG_MAINTSCRI PT_PACKAGE_ COUNT to avoid
prematurely removing the PAM config when the package is installed for
multiple architectures. Closes: #647428. - 31. By Steve Langasek
-
[ Wookey ]
* Disable libaudit for stage1 bootstrap.[ Steve Langasek ]
* debian/patches- applied/ pam-loginuid- in-containers: pam_loginuid:
Ignore failure in user namespaces.
* Use [linux-any] in build-deps, instead of hard-coding a list of
non-Linux archs. Closes: #634516. - 30. By Steve Langasek
-
* Fix pam-auth-update handling of trailing blank lines in the fields of
profiles. LP: #1160288.
* Reintroduce libaudit support now that libaudit has been multiarched.
Closes: #699159. - 29. By Steve Langasek
-
* Revert libaudit support for now, because libaudit isn't multiarched yet
in unstable so this regresses cross-installability. Reopens bug
#699159.
* Add an or'ed dependency on cdebconf, which also implements the
xloadtemplatefile extension that prevents us from depending on just
'debconf-2.0'. Thanks to Régis Boudin <email address hidden> for the info.
Closes: #677278. - 28. By Steve Langasek
-
* Confirm NMU for bug #611136; thanks to Michael Gilbert.
- As a side effect, there will no longer be errors from reading the
.pam_environment twice since we are now reading it 0 times.
LP: #955032.
* Adjust the pam_env documentation to match the module behavior resulting
from the previous security upload. Closes: #693995.
* debian/rules: never regenerate manpages at build time; this may cause
build skew that breaks the world in a multiarch context. LP: #1095887.
* debian/patches- applied/ glibc-2_ 16-compilation- fix.patch: fix missing
include causing build failure with eglibc 2.16. Thanks to Daniel
Schepler <email address hidden>. Closes: #693450.
* Ditch autoconf patch in favor of a build-dependency on dh-autoreconf,
which will let us keep up-to-date with newer autotools. In the present
instance, this gets us aarch64 support.
* Install pam_timestamp_check - and while we're at it, move the manpage
to the correct binary package. Closes: #648695.
* Update lintian overrides to suppress some noise about hardening and
manpages.
* Enable audit support, by popular demand. This should have no major
impact unless you're also running auditd; but I reserve the right to
disable this again in the event that this causes a performance hit or
breaks upgrades (since the dependency is pulled into libpam, not just
into pam_tty_audit). Closes: #699159, LP: #937005. - 27. By Michael Gilbert <email address hidden>
-
* Non-maintainer upload.
* Fix cve-2011-4708: user-configurable .pam_environment allows
administrator-level changes without root access (closes: #611136). - 26. By Steve Langasek
-
* Updated debconf translations:
- Danish, thanks to Joe Dalton <email address hidden> (closes: #648382)
- French, thanks to Jean-Baka Domelevo Entfellner <email address hidden>
(closes: #649850)
- Dutch, thanks to Jeroen Schot <email address hidden>
(closes: #650755)
- Russian, thanks to Yuri Kozlov <email address hidden> (closes: #650867)
- Portuguese, thanks to Pedro Ribeiro <email address hidden>
(closes: #652493)
- German, thanks to Sven Joachim <email address hidden> (closes: #653407)
- Spanish, thanks to Javier Fernandez-Sanguino Peña <email address hidden>
(closes: #654043)
- Bulgarian, thanks to Damyan Ivanov <email address hidden> (closes: #656518)
- Slovak, thanks to Ivan Masár <email address hidden> (closes: #656521)
- Japanese, thanks to Kenshi Muto <email address hidden> (closes: #656834)
- Polish, thanks to Michał Kułach <email address hidden>
(closes: #657476)
- Catalan, thanks to Innocent De Marchi <email address hidden>
(closes: #657489)
- Czech, thanks to Miroslav Kure <email address hidden>
(closes: #657578)
- Swedish, thanks to Martin Bagge <email address hidden> (closes: #651349)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/debian/squeeze/pam