Ubuntu
shadow package

lp:ubuntu/dapper-security/shadow

Dapper (6.06)
dapper-security

Created by James Westby on 2009-06-26 and last modified on 2009-06-26

Get this branch:: bzr branch lp:ubuntu/dapper-security/shadow

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Development

Recent revisions

11. By Kees Cook on 2008-12-08: * SECURITY UPDATE: root privilege escalation via utmp group.
- debian/patches/303_login_symlink_attack: upstream fix thanks
to Paul Szabo and Nicolas François.
10. By Jamie Strandboge on 2008-11-12: disable the root password for virtual machines created with vm-builder
on Ubuntu 8.10. (LP: #296841)
9. By Colin Watson on 2006-07-11: Tidy up after Malone bug #48350, which left an empty root password if
you backed up from the installer's final message, by locking the root
password if this condition is detected. Unfortunately I don't know of a
reliable way to tell whether this situation arose due to the installer
bug or deliberately, so the postinst is verbose and we make sure only to
make this change once.
8. By Martin Pitt on 2006-07-05: * SECURITY UPDATE: Root privilege escalation.
* debian/patches/360_setuid_failure:
  - src/passwd.c: Check for failing setuid() (which can happen if user hits
    PAM limits). Before, passwd continued to run as root and executed
    chfn/chsh/gpasswd as root instead of as the user.
  - Thanks to Sune Kloppenborg Jeppesen for pointing this out.
7. By Daniel Silverstone on 2006-04-03: Remove management of /etc/shells now that debianutils owns it.
Removed debian/{README.shells,passwd.docs}
Updated debian/{rules,passwd.postinst,passwd.postrm}
6. By Colin Watson on 2006-03-12: Tidy up after Malone bug #34606, which left passwords exposed in
/var/log/installer/cdebconf/questions.dat, by removing those passwords;
for good measure, make /var/log/installer/cdebconf/world-unreadable if
this bug is detected.
5. By Colin Watson on 2005-12-04: Resynchronise with Debian.
4. By Colin Watson on 2005-10-11: Stop including passwd.templates in initial-passwd-udeb.templates; it's
no longer necessary with passthrough, and it triggers a debconf-copydb
bug which wipes out all translations in the target configdb.
3. By Colin Watson on 2005-04-05: * Update Greek translation (thanks, Giorgos Logiotatidis).
* Update Romanian translation (thanks, Ovidiu Damian).
* Update Spanish translation (thanks, Enrique Matías Sánchez).
* Add Xhosa translation (thanks, Adi Attar).
2. By Colin Watson on 2004-09-14: Update German translation of passwd/user-fullname.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/karmic/shadow

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntushadow package