Created by James Westby on 2009-12-19 and last modified on 2011-10-17
Get this branch:
bzr branch lp:debian/squeeze/pam
Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Related blueprints

Branch information

Ubuntu branches

Recent revisions

17. By Moritz Muehlenhoff <email address hidden> on 2011-10-17

* Non-maintainer upload by the Security Team
* Fix CVE-2011-3148 and CVE-2011-3149

16. By Christian Perrier on 2010-10-19

* Non-maintainer upload.
* Fix pending l10n issues. Debconf translations:
  - Czech (Miroslav Kure). Closes: #598329
  - Slovak (Ivan Masár). Closes: #600164
  - Japanese (Kenshi Muto). Closes: #600247
  - Finnish (Esko Arajärvi). Closes: #600641

15. By Steve Langasek on 2010-09-05

* Updated debconf translations:
  - Swedish, thanks to Martin Bagge <email address hidden> (closes: #575875)

14. By Steve Langasek on 2010-09-05

* debian/rules: pass getconf LFS_CFLAGS so that we get a 64-bit rlimit
  interface. Closes: #579402.
* Update debian/source.lintian-overrides to clean up some spurious
* Bump Standards-Version to 3.9.1.
* Add lintian overrides for a few more spurious warnings.
* debian/patches-applied/no_PATH_MAX_on_hurd: define PATH_MAX for
  compatibility when it's not already set. Closes: #552043.
* debian/local/pam-auth-update: Don't try to pass embedded newlines to
  debconf; backslash-escape them instead and use CAPB escape.
* debian/local/pam-auth-update: sort additional module options before
  writing them out, so that we don't wind up with a different config file
  on every invocation. Thanks to Jim Paris <email address hidden> for the patch.
  Closes: #594123.

13. By Steve Langasek on 2010-08-15

* debian/patches/conditional_module,_conditional_man: if we don't have the
  libraries required for building pam_tty_audit, we shouldn't install the
  manpage either. LP: #588547.
* Updated debconf translations:
  - Portuguese, thanks to Eder L. Marques <email address hidden>
    (closes: #581746)
  - Spanish, thanks to Javier Fernandez-Sanguino Peña <email address hidden>
    (closes: #592172)
  - Galician, thanks to Jorge Barreiro <email address hidden>
    (closes: #592808)
* Don't pass --version-script options when linking executables,
  only when linking libraries. Thanks to Julien Cristau
  <email address hidden> for the fix. Closes: #582362.

12. By Steve Langasek on 2010-04-25

* pam-auth-update: fix a bug in our handling of module options when the
  module name contains digits, caused by a buggy regexp. :/ Partially
  addresses LP #369575.
* Install /sbin/pam_tally2 in the libpam-modules package; thanks to
  Olivier BONHOMME <email address hidden> for reporting. Closes: #554010.

11. By Steve Langasek on 2010-02-17

Document the new symbols added in 1.1.1 in debian/libpam0g.symbols, and
raise the minimum version for the service restarting code.
Closes: #568480.

10. By Steve Langasek on 2010-02-01

* New upstream version.
  - restore proper netgroup handling in pam_access.
    Closes: #567385, LP: #513955.
* Drop patches pam.d-manpage-section, namespace_with_awk_not_gawk, and
  pam_securetty_tty_check_before_user_check, which are included upstream.
* debian/patches/026_pam_unix_passwd_unknown_user: don't return
  PAM_USER_UNKNOWN on password change of a user that has no shadow entry,
  upstream now implements auto-creating the shadow entry in this case.
* Updated debconf translations:
  - French, thanks to Jean-Baka Domelevo Entfellner <email address hidden>
    (closes: #547039)
  - Bulgarian, thanks to Damyan Ivanov <email address hidden> (closes: #562835)
* debian/patches/sys-types-include.patch: fix pam_modutil.h so that it can
  be included directly, without having to include sys/types.h first.
  Closes: #556203.
* Add postgresql-8.3 to the list of services in need of restart on upgrade.
  Closes: #563674.
* And drop postgresql-{7.4,8.1} from the list, neither of which is present
  in stable.
* debian/patches/007_modules_pam_unix: recognize that *all* of the password
  hashes other than traditional crypt handle passwords >8 chars in length.
  LP: #356766.

9. By Steve Langasek on 2009-09-14

* debian/patches/pam_securetty_tty_check_before_user_check: new patch,
  to make pam_securetty always return success on a secure tty regardless
  of what username was passed. Thanks to Nicolas François
  <email address hidden> for the patch. Closes: #537848
* debian/local/pam-auth-update: only reset the seen flag on the template
  when there's new information; this avoids reprompting users for the same
  information on upgrade, regardless of the debconf priority used.
  Closes: #544805.
* libpam0g no longer depends on libpam-runtime; packages that use
  /etc/pam.d/common-* must depend directly on libpam-runtime, and most do
  (including the Essential: yes ones), so let's break this circular
  dependency. Closes: #545086, LP: #424566.

8. By Steve Langasek on 2009-08-06

[ Steve Langasek ]
* Updated debconf translations:
  - Finnish, thanks to Esko Arajärvi <email address hidden> (closes: #520785)
  - Russian, thanks to Yuri Kozlov <email address hidden> (closes: #521874)
  - German, thanks to Sven Joachim <email address hidden> (closes: #521530)
  - Basque, thanks to Piarres Beobide <email address hidden>
    (closes: #524285)
* When no profiles are chosen in pam-auth-update, throw an error message
  and prompt again instead of letting the user end up with an insecure
  system. This introduces a new debconf template. Closes: #519927,
  LP: #410171.

[ Kees Cook ]
* Add debian/patches/pam_1.0.4_mindays: backport upstream 1.0.4 fixes
  for MINDAYS-Field regression (closes: #514437).
* debian/control: add missing misc:Depends for packages that need it.

[ Sam Hartman ]
* Remove conflicts information for transitions prior to woody release
* Fix lintian overrides for libpam-runtime
* Overrides for lintian finding quilt patches
* pam_mail-fix-quiet: patch from Andreas Henriksson
  applied upstream to fix quiet option of pam_mail, Closes: #439268

[ Dustin Kirkland ]
* debian/patches/update-motd: run the update-motd scripts in pam_motd;
  render update-motd obsolete, LP: #399071

[ Sam Hartman ]
* cve-2009-0887-libpam-pam_misc.patch: avoid integer signedness problem
  (CVE-2009-0887) (Closes: #520115)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.