lp:~schopin/ubuntu/+source/pam/+git/pam

Author: Sergio Durigan Junior
Author Date: 2021-12-04 04:26:54 UTC

cherry-pick: Allow /etc/environment files without EOL at EOF.

In other words, allow files without a newline at the end. (LP: #1953201)

Author: Sergio Durigan Junior
Author Date: 2021-12-04 04:26:54 UTC

cherry-pick: Allow /etc/environment files without EOL at EOF.

In other words, allow files without a newline at the end. (LP: #1953201)

Author: Simon Chopin
Author Date: 2021-10-26 14:10:53 UTC

d/p/extrausers.patch: Refreshed, and fixed the SELinux-related build failure

Author: Steve Langasek
Author Date: 2021-07-16 05:43:27 UTC

releasing package pam version 1.3.1-5ubuntu6

Author: Steve Langasek
Author Date: 2021-07-16 05:43:27 UTC

releasing package pam version 1.3.1-5ubuntu6

Author: Steve Langasek
Author Date: 2021-07-15 21:52:51 UTC

releasing package pam version 1.3.1-5ubuntu4.1

Author: Steve Langasek
Author Date: 2019-02-14 07:17:06 UTC

releasing package pam version 1.3.1-5ubuntu1

Author: Steve Langasek
Author Date: 2019-02-14 07:17:06 UTC

releasing package pam version 1.3.1-5ubuntu1

Author: Steve Langasek
Author Date: 2009-08-07 08:24:13 UTC

Import Debian changes 1.0.1-4ubuntu5.6

pam (1.0.1-4ubuntu5.6) intrepid-security; urgency=low

  * When no profiles are chosen in pam-auth-update, throw an error message
    and prompt again instead of letting the user end up with an insecure
    system. This introduces a new debconf template. LP: #410171.

Author: Steve Langasek
Author Date: 2009-08-07 08:32:50 UTC

Import Debian changes 1.0.1-9ubuntu1.1

pam (1.0.1-9ubuntu1.1) jaunty-security; urgency=low

  * When no profiles are chosen in pam-auth-update, throw an error message
    and prompt again instead of letting the user end up with an insecure
    system. This introduces a new debconf template. LP: #410171.

Author: Kees Cook
Author Date: 2010-07-07 17:55:09 UTC

Import Debian changes 1.1.0-2ubuntu1.1

pam (1.1.0-2ubuntu1.1) karmic-security; urgency=low

  * SECURITY UPDATE: root privilege escalation via symlink following.
    - debian/patches-applied/pam_motd-legal-notice: drop privs for work.
    - CVE-2010-0832

Author: Steve Langasek
Author Date: 2013-03-26 20:05:44 UTC

Import Debian changes 1.1.1-2ubuntu5.6

pam (1.1.1-2ubuntu5.6) lucid-proposed; urgency=low

  * Include the pam_tally2 helper in /sbin so that the pam_tally2 module can
    be used. LP: #586462.

Author: Marc Deslauriers
Author Date: 2011-10-18 14:05:50 UTC

Import Debian changes 1.1.1-4ubuntu2.4

pam (1.1.1-4ubuntu2.4) maverick-security; urgency=low

  * SECURITY UPDATE: possible code execution via incorrect environment file
    parsing (LP: #874469)
    - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
      whitespace when parsing environment file in modules/pam_env/pam_env.c.
    - CVE-2011-3148
  * SECURITY UPDATE: denial of service via overflowed environment variable
    expansion (LP: #874565)
    - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
      with PAM_BUF_ERR in modules/pam_env/pam_env.c.
    - CVE-2011-3149
  * SECURITY UPDATE: code execution via incorrect environment cleaning
    - debian/patches-applied/update-motd: updated to use clean environment
      and absolute paths in modules/pam_motd/pam_motd.c.
    - CVE-2011-XXXX

Author: Marc Deslauriers
Author Date: 2011-10-18 14:03:44 UTC

Import Debian changes 1.1.2-2ubuntu8.4

pam (1.1.2-2ubuntu8.4) natty-security; urgency=low

  * SECURITY UPDATE: possible code execution via incorrect environment file
    parsing (LP: #874469)
    - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
      whitespace when parsing environment file in modules/pam_env/pam_env.c.
    - CVE-2011-3148
  * SECURITY UPDATE: denial of service via overflowed environment variable
    expansion (LP: #874565)
    - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
      with PAM_BUF_ERR in modules/pam_env/pam_env.c.
    - CVE-2011-3149
  * SECURITY UPDATE: code execution via incorrect environment cleaning
    - debian/patches-applied/update-motd: updated to use clean environment
      and absolute paths in modules/pam_motd/pam_motd.c.
    - CVE-2011-XXXX

Author: Seyeong Kim
Author Date: 2018-04-06 00:33:57 UTC

Import Debian changes 1.1.8-3.2ubuntu2.1

pam (1.1.8-3.2ubuntu2.1) xenial; urgency=medium

  * d/local/pam_getenv:
    - Fix "Unescaped left brace in regex" with Perl 5.22. (LP: #1538284)

Author: Seyeong Kim
Author Date: 2018-04-06 01:21:32 UTC

Import Debian changes 1.1.8-3.2ubuntu3.1

pam (1.1.8-3.2ubuntu3.1) artful; urgency=medium

  * d/local/pam_getenv:
    - Fix "Unescaped left brace in regex" with Perl 5.22. (LP: #1538284)

Author: Timo Aaltonen
Author Date: 2018-04-05 12:27:42 UTC

Import Debian changes 1.1.8-3.6ubuntu2

pam (1.1.8-3.6ubuntu2) bionic; urgency=medium

  * pam-auth-update: Add support for --enable option which is useful for
    enabling non-default configs without asking the admin. (LP:
    #1192719)

Author: Timo Aaltonen
Author Date: 2018-04-05 12:27:42 UTC

Import Debian changes 1.1.8-3.6ubuntu2

pam (1.1.8-3.6ubuntu2) bionic; urgency=medium

  * pam-auth-update: Add support for --enable option which is useful for
    enabling non-default configs without asking the admin. (LP:
    #1192719)

Author: Tyler Hicks
Author Date: 2016-03-17 18:14:44 UTC

Import Debian changes 1.1.3-7ubuntu2.3

pam (1.1.3-7ubuntu2.3) precise-security; urgency=medium

  * SECURITY REGRESSION: multiarch update issue (LP: #1558597)
    - debian/patches-applied/cve-2015-3238.patch: Readd the manpage XML
      changes and also add the regenerated man pages to the patch. It is
      required to add the regenerated man pages to the patch because the build
      dependencies to regenerate the man pages are only installed during i386
      builds.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch: Add
      the changes after regenerating pam_umask.8 to the patch for the reasons
      mentioned above.

Author: Marc Deslauriers
Author Date: 2016-03-16 17:27:40 UTC

Import Debian changes 1.1.8-3.1ubuntu3.2

pam (1.1.8-3.1ubuntu3.2) wily-security; urgency=medium

  * SECURITY REGRESSION: multiarch update issue (LP: #1558114)
    - debian/patches-applied/cve-2015-3238.patch: removed manpage changes
      so they don't get regenerated during build.
    - CVE-2015-3238

Author: Marc Deslauriers
Author Date: 2016-03-16 17:30:15 UTC

Import Debian changes 1.1.8-1ubuntu2.2

pam (1.1.8-1ubuntu2.2) trusty-security; urgency=medium

  * SECURITY REGRESSION: multiarch update issue (LP: #1558114)
    - debian/patches-applied/cve-2015-3238.patch: removed manpage changes
      so they don't get regenerated during build.
    - CVE-2015-3238

Author: Marc Deslauriers
Author Date: 2016-03-16 17:34:02 UTC

Import Debian changes 1.1.8-3.2ubuntu2

pam (1.1.8-3.2ubuntu2) xenial; urgency=medium

  * debian/patches-applied/cve-2015-3238.patch: removed manpage changes
    so they don't get regenerated during build and cause a multiarch
    installation issue. (LP: #1558114)

Author: Marc Deslauriers
Author Date: 2016-03-16 17:34:02 UTC

Import Debian changes 1.1.8-3.2ubuntu2

pam (1.1.8-3.2ubuntu2) xenial; urgency=medium

  * debian/patches-applied/cve-2015-3238.patch: removed manpage changes
    so they don't get regenerated during build and cause a multiarch
    installation issue. (LP: #1558114)

Author: Robie Basak
Author Date: 2015-04-22 08:55:24 UTC

Import Debian changes 1.1.8-3.1ubuntu3

pam (1.1.8-3.1ubuntu3) vivid; urgency=medium

  * d/applied-patches/pam-limits-nofile-fd-setsize-cap: cap the default
    soft nofile limit read from pid 1 to FD_SETSIZE.

Author: Brian Murray
Author Date: 2014-10-21 19:32:23 UTC

Import Debian changes 1.1.8-3ubuntu4

pam (1.1.8-3ubuntu4) utopic; urgency=medium

  * No-change rebuild to get debug symbols on all architectures.

Author: Steve Langasek
Author Date: 2013-05-18 05:20:04 UTC

releasing version 1.1.3-8ubuntu3

Author: Wookey
Author Date: 2013-02-15 18:45:27 UTC

Disable libaudit for stage1 bootstrap (LP: #1126404)

Author: Steve Langasek
Author Date: 2012-07-03 06:55:28 UTC

releasing version 1.1.3-7ubuntu3

Author: Marc Deslauriers
Author Date: 2011-10-24 19:28:09 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in modules/pam_env/pam_env.c.
  - CVE-2011-3149
* SECURITY UPDATE: code execution via incorrect environment cleaning
  - debian/patches-applied/update-motd: updated to use clean environment
    and absolute paths in modules/pam_motd/pam_motd.c.
  - CVE-2011-XXXX