Author: Robie Basak
Revision Date: 2015-04-22 08:55:24 UTC

d/applied-patches/pam-limits-nofile-fd-setsize-cap: cap the default
soft nofile limit read from pid 1 to FD_SETSIZE.

Author: Robie Basak
Revision Date: 2015-04-22 08:55:24 UTC

d/applied-patches/pam-limits-nofile-fd-setsize-cap: cap the default
soft nofile limit read from pid 1 to FD_SETSIZE.

Author: Robie Basak
Revision Date: 2015-04-22 08:55:24 UTC

d/applied-patches/pam-limits-nofile-fd-setsize-cap: cap the default
soft nofile limit read from pid 1 to FD_SETSIZE.

Author: Brian Murray
Revision Date: 2014-10-21 12:32:23 UTC

No-change rebuild to get debug symbols on all architectures.

Author: Brian Murray
Revision Date: 2014-10-21 12:32:23 UTC

No-change rebuild to get debug symbols on all architectures.

Author: Stéphane Graber
Revision Date: 2014-01-31 22:11:02 UTC

debian/patches-applied/pam-loginuid-in-containers: pam_loginuid:
Update patch with follow-up changes to loginuid.c

Author: Stéphane Graber
Revision Date: 2014-01-31 22:11:02 UTC

debian/patches-applied/pam-loginuid-in-containers: pam_loginuid:
Update patch with follow-up changes to loginuid.c

Author: Steve Langasek
Revision Date: 2013-05-18 00:07:43 UTC

Adjust debian/patches-applied/update-motd to write to /run/motd.dynamic,
as sysvinit/ssh/login in Debian have been changed to use this file and
no longer links /etc/motd to /var/run/motd.

Author: Steve Langasek
Revision Date: 2013-05-18 00:07:43 UTC

Adjust debian/patches-applied/update-motd to write to /run/motd.dynamic,
as sysvinit/ssh/login in Debian have been changed to use this file and
no longer links /etc/motd to /var/run/motd.

Author: Steve Langasek
Revision Date: 2013-03-26 13:05:44 UTC

Include the pam_tally2 helper in /sbin so that the pam_tally2 module can
be used. LP: #586462.

Author: Steve Langasek
Revision Date: 2013-03-26 13:05:44 UTC

Include the pam_tally2 helper in /sbin so that the pam_tally2 module can
be used. LP: #586462.

Author: Wookey
Revision Date: 2013-02-15 12:45:27 UTC

Disable libaudit for stage1 bootstrap (LP: #1126404)

Author: Wookey
Revision Date: 2013-02-15 12:45:27 UTC

Disable libaudit for stage1 bootstrap (LP: #1126404)

Author: Andrey Bondarenko
Revision Date: 2012-11-12 04:06:42 UTC

* debian/patches-applied/parse_userenv_as_envfile: user_envfile is parsed as an env
  file instead of parsing it as a conffile which has different syntax.
  see: https://fedorahosted.org/pipermail/pam-developers/2011-June/thread.html#75
* Pull changes from 1.1.3-2ubuntu2.1. Remaining changes:
  - debian/patches-applied/parse_userenv_as_envfile: user_envfile is parsed
    as an env file instead of parsing it as a conffile which has different
    syntax.
* Merge changes from 1.1.2-2ubuntu8.3 and 1.1.2-2ubuntu8.2+abone1.
* SECURITY REGRESSION:
  - debian/patches/security-dropprivs.patch: updated patch to preserve
    ABI and prevent daemons from needing to be restarted. (LP: #790538)
  - debian/patches/autoconf.patch: refreshed
* debian/patches-applied/parse_userenv_as_envfile: user_envfile is parsed
  as an env file instead of parsing it as a conffile which has different
  syntax.
* SECURITY UPDATE: multiple issues with lack of adequate privilege
  dropping
  - debian/patches/security-dropprivs.patch: introduce new privilege
    dropping code in libpam/pam_modutil_priv.c, libpam/Makefile.*,
    libpam/include/security/pam_modutil.h, libpam/libpam.map,
    modules/pam_env/pam_env.c, modules/pam_mail/pam_mail.c,
    modules/pam_xauth/pam_xauth.c.
  - CVE-2010-3430
  - CVE-2010-3431
  - CVE-2010-3435
  - CVE-2010-4706
  - CVE-2010-4707
* SECURITY UPDATE: privilege escalation via incorrect environment
  - debian/patches/CVE-2010-3853.patch: use clean environment in
    modules/pam_namespace/pam_namespace.c.
  - CVE-2010-3853
* debian/patches-applied/series: disable hurd_no_setfsuid patch, as it
  isn't needed for Ubuntu, and it needs to be rewritten to work with the
  massive privilege refactoring in the security patches.
* debian/patches-applied/update-motd: santize the environment before
  calling run-parts, LP: #610125

Author: Steve Langasek
Revision Date: 2012-07-03 06:55:25 UTC

[ Nathan Williams ]
Add /usr/local/games to PATH. LP: #110287.

Author: Nathan Williams
Revision Date: 2012-07-03 07:05:55 UTC

add /usr/local/games to PATH

Author: Andrey Bondarenko
Revision Date: 2012-05-04 03:00:58 UTC

New ubuntu release 1.1.3-7ubuntu2

Author: Nathan Williams
Revision Date: 2012-04-01 04:25:11 UTC

cleaner path replacement

Author: Daniel Polehn
Revision Date: 2012-02-10 17:51:51 UTC

Add /usr/local/games to default $PATH LP: #110287

Author: Steve Langasek
Revision Date: 2012-02-08 17:15:39 UTC

No-change rebuild with gzip 1.4-1ubuntu2 to get multiarch-clean
compression of manpages. LP: #871083.

Author: Marc Deslauriers
Revision Date: 2011-10-18 09:33:47 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in modules/pam_env/pam_env.c.
  - CVE-2011-3149
* SECURITY UPDATE: code execution via incorrect environment cleaning
  - debian/patches-applied/update-motd: updated to use clean environment
    and absolute paths in modules/pam_motd/pam_motd.c.
  - CVE-2011-XXXX

Author: Steve Langasek
Revision Date: 2011-10-09 15:41:41 UTC

No-change rebuild to regenerate compressed manpages, which for some
unknown reason were compressed differently on some architectures than
on others, breaking multiarch co-installability. LP: #871083.

Author: Marc Deslauriers
Revision Date: 2011-10-18 10:26:13 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in modules/pam_env/pam_env.c.
  - CVE-2011-3149
* SECURITY UPDATE: code execution via incorrect environment cleaning
  - debian/patches-applied/update-motd: updated to use clean environment
    and absolute paths in modules/pam_motd/pam_motd.c.
  - CVE-2011-XXXX

Author: Marc Deslauriers
Revision Date: 2011-10-18 09:33:47 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in modules/pam_env/pam_env.c.
  - CVE-2011-3149
* SECURITY UPDATE: code execution via incorrect environment cleaning
  - debian/patches-applied/update-motd: updated to use clean environment
    and absolute paths in modules/pam_motd/pam_motd.c.
  - CVE-2011-XXXX

Author: Marc Deslauriers
Revision Date: 2011-10-18 10:05:50 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in modules/pam_env/pam_env.c.
  - CVE-2011-3149
* SECURITY UPDATE: code execution via incorrect environment cleaning
  - debian/patches-applied/update-motd: updated to use clean environment
    and absolute paths in modules/pam_motd/pam_motd.c.
  - CVE-2011-XXXX

Author: Marc Deslauriers
Revision Date: 2011-10-18 10:03:44 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in modules/pam_env/pam_env.c.
  - CVE-2011-3149
* SECURITY UPDATE: code execution via incorrect environment cleaning
  - debian/patches-applied/update-motd: updated to use clean environment
    and absolute paths in modules/pam_motd/pam_motd.c.
  - CVE-2011-XXXX

Author: Marc Deslauriers
Revision Date: 2011-10-18 10:31:55 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in
    Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3149

Author: Marc Deslauriers
Revision Date: 2011-10-18 10:31:55 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in
    Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3149

Author: Marc Deslauriers
Revision Date: 2011-10-18 10:05:50 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in modules/pam_env/pam_env.c.
  - CVE-2011-3149
* SECURITY UPDATE: code execution via incorrect environment cleaning
  - debian/patches-applied/update-motd: updated to use clean environment
    and absolute paths in modules/pam_motd/pam_motd.c.
  - CVE-2011-XXXX

Author: Marc Deslauriers
Revision Date: 2011-10-18 10:03:44 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in modules/pam_env/pam_env.c.
  - CVE-2011-3149
* SECURITY UPDATE: code execution via incorrect environment cleaning
  - debian/patches-applied/update-motd: updated to use clean environment
    and absolute paths in modules/pam_motd/pam_motd.c.
  - CVE-2011-XXXX

Author: Steve Langasek
Revision Date: 2011-10-09 15:41:41 UTC

No-change rebuild to regenerate compressed manpages, which for some
unknown reason were compressed differently on some architectures than
on others, breaking multiarch co-installability. LP: #871083.

Author: Kees Cook
Revision Date: 2011-08-18 16:41:18 UTC

* Merge with Debian to get bug fix for unknown kernel rlimits. Remaining
  changes:
  - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
    not present there or in /etc/security/pam_env.conf. (should send to
    Debian).
  - debian/libpam0g.postinst: only ask questions during update-manager when
    there are non-default services running.
  - Change Vcs-Bzr to point at the Ubuntu branch.
  - debian/patches-applied/series: Ubuntu patches are as below ...
  - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
    initialise RLIMIT_NICE rather than relying on the kernel limits.
  - debian/patches-applied/pam_motd-legal-notice: display the contents of
    /etc/legal once, then set a flag in the user's homedir to prevent
    showing it again.
  - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
    for update-motd, with some best practices and notes of explanation.
  - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
    to update-motd(5)
  - debian/libpam0g.postinst: drop kdm from the list of services to
    restart.
  - debian/libpam0g.postinst: check if gdm is actually running before
    trying to reload it.
  - debian/local/common-session{,-noninteractive}: Enable pam_umask by
    default, now that the umask setting is gone from /etc/profile.
  - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
  - add debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
    Deprecate pam_unix' explicit "usergroups" option and instead read it
    from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
    there. This restores compatibility with the pre-PAM behaviour of login.
    (Closes: #583958)
* Dropped changes:
  - debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:
    no need to bump the hard limit for number of file descriptors any more
    since we read kernel limits directly now.

Author: Dustin Kirkland 
Revision Date: 2011-04-27 13:02:15 UTC

debian/patches-applied/update-motd: santize the environment before
calling run-parts, LP: #610125

Author: Dustin Kirkland 
Revision Date: 2011-05-03 07:58:52 UTC

debian/patches-applied/update-motd: santize the environment before
calling run-parts, LP: #610125

Author: Stéphane Graber
Revision Date: 2011-04-11 21:57:36 UTC

Check if gdm is actually running before trying to reload it. (LP: #745532)

Author: Steve Langasek
Revision Date: 2011-03-16 00:12:17 UTC

releasing version 1.1.2-2ubuntu3+multiarch.2

Author: Steve Langasek
Revision Date: 2010-08-16 19:12:35 UTC

* Merge from Debian unstable, remaining changes:
  - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
    not present there or in /etc/security/pam_env.conf. (should send to
    Debian).
  - debian/libpam0g.postinst: only ask questions during update-manager when
    there are non-default services running.
  - debian/patches-applied/series: Ubuntu patches are as below ...
  - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
    initialise RLIMIT_NICE rather than relying on the kernel limits.
  - Change Vcs-Bzr to point at the Ubuntu branch.
  - Make libpam-modules depend on base-files (>= 5.0.0ubuntu6), to ensure
    run-parts does the right thing in /etc/update-motd.d.
  - debian/patches-applied/pam_motd-legal-notice: display the contents of
    /etc/legal once, then set a flag in the user's homedir to prevent
    showing it again.
  - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
    for update-motd, with some best practices and notes of explanation.
  - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
    to update-motd(5)

Author: Kees Cook
Revision Date: 2010-07-07 10:55:09 UTC

* SECURITY UPDATE: root privilege escalation via symlink following.
  - debian/patches-applied/pam_motd-legal-notice: drop privs for work.
  - CVE-2010-0832

Author: Kees Cook
Revision Date: 2010-07-07 10:55:09 UTC

* SECURITY UPDATE: root privilege escalation via symlink following.
  - debian/patches-applied/pam_motd-legal-notice: drop privs for work.
  - CVE-2010-0832

Author: Dustin Kirkland 
Revision Date: 2010-04-13 16:58:12 UTC

* debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
  for update-motd, with some best practices and notes of explanation,
  LP: #562566
* debian/patches/update-motd-manpage-ref: add a reference in pam_mod(8)
  to update-motd(5), LP: #552175

Author: Steve Langasek
Revision Date: 2009-03-20 19:12:10 UTC

* Merge from Debian unstable
* Remaining changes:
  - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not
    present there or in /etc/security/pam_env.conf. (should send to Debian).
  - debian/libpam0g.postinst: only ask questions during update-manager when
    there are non-default services running.
  - debian/patches-applied/series: Ubuntu patches are as below ...
  - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t
    type rather than __u8.
  - debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic
    module option 'missingok' which will suppress logging of errors by
    libpam if the module is not found.
  - debian/patches-applied/ubuntu-regression_fix_securetty: prompt for
    password on bad username.
  - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
    initialise RLIMIT_NICE rather than relying on the kernel limits.
  - debian/patches-applied/ubuntu-user_defined_environment: Look at
    ~/.pam_environment too, with the same format as
    /etc/security/pam_env.conf. (Originally patch 100; converted to quilt.)
  - Change Vcs-Bzr to point at the Ubuntu branch.
  - debian/local/common-password, debian/pam-configs/unix: switch from
    "md5" to "sha512" as password crypt default.

Author: Steve Langasek
Revision Date: 2008-10-15 18:11:13 UTC

* debian/libpam0g.postinst: change 'cupsys' to 'cups' in the list of
  default desktop services that are ignored in deciding whether to prompt
  for service restarts on upgrade. Partially addresses LP #278117.
* debian/libpam0g.postinst: also filter out samba, which may be installed
  on the desktop to enable filesharing.
* debian/libpam-cracklib.prerm, debian/libpam-runtime.prerm: add the
  ubiquitous debhelper tokens (currently a no-op)
* pam-auth-update: Use -Initial only for the first profile, even when
  there's no explicit -Initial config for that first profile
* fix common-session/common-password to use the same overall stack
  structure as auth/account, so that we get the correct behavior when
  all password modules fail. LP: #272232.

Author: Steve Langasek
Revision Date: 2008-04-08 18:21:40 UTC

debian/local/common-{auth,password}, debian/libpam-runtime.postinst:
Add pam_smbpass as an optional module in the stack, to keep NTLM
passwords (for filesharing) in sync with the main system passwords on a
best-effort basis. LP: #208419.

Author: Steve Langasek
Revision Date: 2007-09-28 23:45:24 UTC

* Resynchronise with Debian. Remaining changes:
  - debian/control, debian/local/common-session{,md5sums}: use
    libpam-foreground for session management.
  - debian/rules: install unix_chkpwd setgid shadow instead of setuid root.
    The nis package handles overriding this as necessary.
  - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not
    present there or in /etc/security/pam_env.conf.
  - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t
    type rather than __u8.
  - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
    initialise RLIMIT_NICE rather than relying on the kernel limits. Bound
    RLIMIT_NICE from below as well as from above. Fix off-by-one error when
    converting RLIMIT_NICE to the range of values used by the kernel.
    (Originally patch 101; converted to quilt.)
  - debian/patches-applied/ubuntu-user_defined_environment: Look at
    ~/.pam_environment too, with the same format as
    /etc/security/pam_env.conf. (Originally patch 100; converted to quilt.)
  - debian/patches-applied/ubuntu-regression_fix_securetty: securetty's
    earlier behavior would correctly prompt for password on bad usernames
    (LP: #139075).
  - Build using db4.5 instead of db4.6.
  - debian/libpam0g.postinst: only ask questions during update-manager when
    there are non-default services running (LP: #141309).
* debian/libpam0g.postinst: don't display a debconf warning about display
  managers that need restarting when update-manager is running, instead
  signal to update-notifier if a reboot is required.

Author: Colin Watson
Revision Date: 2006-12-20 16:14:37 UTC

Remove /usr/bin/X11 from default PATH (new installs only).

Author: Colin Watson
Revision Date: 2006-06-29 17:27:34 UTC

Resynchronise with Debian.

Author: Colin Watson
Revision Date: 2006-05-12 17:42:40 UTC

debian/patches-applied/061_pam_rlimits_nice_rtprio: Protect use of
RLIMIT_NICE in init_limits() with an #ifdef.

Author: Colin Watson
Revision Date: 2005-09-12 18:32:54 UTC

* Fix pam_getenv, which never worked:
  - Parse /etc/security/pam_env.conf using its own syntax, and then
    /etc/environment using its own syntax rather than the syntax of
    /etc/security/pam_env.conf.
  - 'my $val' was used in an incorrect scope; fixed.
  - Exit non-zero if the requested environment variable is not found.

Author: Sam Hartman
Revision Date: 2004-06-28 14:28:08 UTC

* Add uploaders
* Document location of repository
* Fix options containing arguments in pam_unix, Closes: #254904

Author: Sam Hartman
Revision Date: 2004-05-04 21:37:38 UTC

Fix patch 055 again because -20 was broken and didn't actually fix the
problem.

Author: Steve Langasek
Revision Date: 2009-08-07 09:32:50 UTC

When no profiles are chosen in pam-auth-update, throw an error message
and prompt again instead of letting the user end up with an insecure
system. This introduces a new debconf template. LP: #410171.

Author: Steve Langasek
Revision Date: 2009-08-07 09:24:13 UTC

When no profiles are chosen in pam-auth-update, throw an error message
and prompt again instead of letting the user end up with an insecure
system. This introduces a new debconf template. LP: #410171.

Author: Steve Langasek
Revision Date: 2009-08-07 09:32:50 UTC

When no profiles are chosen in pam-auth-update, throw an error message
and prompt again instead of letting the user end up with an insecure
system. This introduces a new debconf template. LP: #410171.

Author: Steve Langasek
Revision Date: 2009-08-07 09:24:13 UTC

When no profiles are chosen in pam-auth-update, throw an error message
and prompt again instead of letting the user end up with an insecure
system. This introduces a new debconf template. LP: #410171.

Author: Steve Langasek
Revision Date: 2009-09-04 01:11:48 UTC

* Merge from Debian, remaining changes:
  - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not
    present there or in /etc/security/pam_env.conf. (should send to Debian).
  - debian/libpam0g.postinst: only ask questions during update-manager when
    there are non-default services running.
  - debian/patches-applied/series: Ubuntu patches are as below ...
  - debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic
    module option 'missingok' which will suppress logging of errors by
    libpam if the module is not found.
  - debian/patches-applied/ubuntu-regression_fix_securetty: prompt for
    password on bad username.
  - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
    initialise RLIMIT_NICE rather than relying on the kernel limits.
  - Change Vcs-Bzr to point at the Ubuntu branch.
  - Make libpam-modules depend on base-files (>= 5.0.0ubuntu6), to ensure
    run-parts does the right thing in /etc/update-motd.d.
  - debian/patches-applied/pam_motd-legal-notice: display the contents of
    /etc/legal once, then set a flag in the user's homedir to prevent showing
    it again.
  - debian/local/common-{auth,account,password}.md5sums: include the
    Ubuntu-specific intrepid,jaunty md5sums for use during the
    common-session-noninteractive upgrade.
* Changes merged in Debian:
  - debian/local/common-password, debian/pam-configs/unix: switch from
    "md5" to "sha512" as password crypt default.

Author: Steve Langasek
Revision Date: 2009-03-09 23:02:31 UTC

pam-auth-update: trim leading whitespace from multiline fields when
parsing PAM profiles. LP: #295441.

Author: Steve Langasek
Revision Date: 2008-04-22 18:53:37 UTC

* debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic
  module option 'missingok' which will suppress logging of errors by
  libpam if the module is not found.
* debian/local/common-{auth,password}, debian/libpam-runtime.postinst:
  Use the new 'missingok' option by default for pam_smbpass, to
  correct the problem of very loud logging introduced in the previous
  upload when libpam-smbpass is not installed. LP: #216990.