Branches for Karmic

Author: Kees Cook
Revision Date: 2010-07-07 10:55:09 UTC

* SECURITY UPDATE: root privilege escalation via symlink following.
  - debian/patches-applied/pam_motd-legal-notice: drop privs for work.
  - CVE-2010-0832

Author: Kees Cook
Revision Date: 2010-07-07 10:55:09 UTC

* SECURITY UPDATE: root privilege escalation via symlink following.
  - debian/patches-applied/pam_motd-legal-notice: drop privs for work.
  - CVE-2010-0832

Author: Steve Langasek
Revision Date: 2009-09-04 01:11:48 UTC

* Merge from Debian, remaining changes:
  - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not
    present there or in /etc/security/pam_env.conf. (should send to Debian).
  - debian/libpam0g.postinst: only ask questions during update-manager when
    there are non-default services running.
  - debian/patches-applied/series: Ubuntu patches are as below ...
  - debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic
    module option 'missingok' which will suppress logging of errors by
    libpam if the module is not found.
  - debian/patches-applied/ubuntu-regression_fix_securetty: prompt for
    password on bad username.
  - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
    initialise RLIMIT_NICE rather than relying on the kernel limits.
  - Change Vcs-Bzr to point at the Ubuntu branch.
  - Make libpam-modules depend on base-files (>= 5.0.0ubuntu6), to ensure
    run-parts does the right thing in /etc/update-motd.d.
  - debian/patches-applied/pam_motd-legal-notice: display the contents of
    /etc/legal once, then set a flag in the user's homedir to prevent showing
    it again.
  - debian/local/common-{auth,account,password}.md5sums: include the
    Ubuntu-specific intrepid,jaunty md5sums for use during the
    common-session-noninteractive upgrade.
* Changes merged in Debian:
  - debian/local/common-password, debian/pam-configs/unix: switch from
    "md5" to "sha512" as password crypt default.