lp:ubuntu/gutsy-security/shadow
- Get this branch:
- bzr branch lp:ubuntu/gutsy-security/shadow
Branch merges
Branch information
Recent revisions
- 18. By Kees Cook
-
* SECURITY UPDATE: root privilege escalation via utmp group.
- debian/patches/ 303_login_ symlink_ attack: upstream fix thanks
to Paul Szabo and Nicolas François. - 17. By Jamie Strandboge
-
disable the root password for virtual machines created with vm-builder
on Ubuntu 8.10. (LP: #296841) - 16. By Christian Perrier
-
* The "Etorki" release
* Fix debian/copyright and mention that the upstream site
is "temporarily?) no longer available. Closes: #423956
Add the various copyrights from Marek, Andrzej and Tomasz
(deduced from the ChangeLog entries as upstream doesn't have an
explicit copyright file)
* Debian packaging fixes:
The 3 following entries fix the FTBFS when built twice in a row.
Closes: #424257
- 498_man_nonpam_ undefined: Do not patch the generated man/it/Makefile.in.
- 409_man_generate_ from_PO: Generate the translated man pages at build
time.
- 200_regenerate_manpages: No more needed. - 15. By Christian Perrier
-
* The "Feuille de Dreux" release
* New upstream version
* Debian packaging fixes:
- 505_useradd_recommend_ adduser: Recommend using adduser and deluser for
regular operations. Closes: #406046
- Versioned Build-Depends on gnome-doc-utils as we use the "-l"
switch of xml2po. Closes: #390110
- Remove conflicts for packages that are only in Debian releases prior
to sarge:
- passwd: shadow-passwd, pam-apps, suidregister (<< 0.50), debconf (<< 0.5)
- login: shadow-login, pam-apps, secure-su, suidregister (<< 0.50)
- Remove all debconf configuration. This is now done in D-I and is
no longer useful on regular systems. Closes: #386529
- Remove Replaces for packages that are only in Debian releases prior
- passwd: manpages (<=1.15-2), manpages-pl (<= 20020406-1)
- login: shadow-login, shadow-passwd, shellutils (<< 2.0-2), manpages-pl (<= 20020406-1)
- Remove unneeded Build-Depends: bzip2, file, texinfo, libpam-runtime
- /etc/default/useradd: Mentions the creation of primary user groups is
neither -n nor -g are specified. See also 407_adduser_disable_ PUG_with- n
- no longer include /usr/bin/X11 in defaults PATH variable. Closes: #395890
- set debhelper compatibility to 5 through debian/compat
- ignore a false positive lintian warning about
possible-missing- colon-in- closes in line 668 of the changelog
* Upstream bugs not yet fixed in upstream releases or CVS:
- 493_pwck_no_SHADOWPWD: SHADOWPWD no more exist.
pwck do not detect missing users in /etc/shadow.
- 466_fflush-prompt: Fix compilation error.
One call to yes_or_no was forgotten because it was in
commented code (which is now enabled).
- 406_vipw_resume_ properly: Resume correctly after ^Z
Thanks to Dean Gaudet for the patch and report. Closes: #414542
- 497_newgrp_primary_ group: Do not request a password when a user uses
newgrp to switch to her primary group. Closes: #396691
- 407_adduser_disable_ PUG_with- n: Add option -n to useradd to disable the
creation of primary user groups. Closes: #416835
- 408_passwd_check_arguments : Check the passwd arguments and fail with the
usage message if there are more than one non option arguments (i.e.
usernames). Closes: #410268
* Upstream bugs fixed in upstream releases or CVS:
- 497_non_numerical_ identifier moved as 397_non_ numerical_ identifier
because upstream applied it - 14. By Christian Perrier
-
* The "Pélardon" release
* Debian packaging fixes:
- debian/recode_ manpages. sh: Recode the Swedish manpages to ISO-8859-1.
Closes: #403210
- 200_regenerate_manpages: Manually generate the man pages. This fixes the
formatting of some pages (e.g. passwd.5); permits to propagate the Debian
changes to the translated manpages; and to benefit from the fixes in the
Swedish manpages (see 104_man-sv).
* Upstream bugs fixed upstream:
- 104_man-sv: Fix Swedish manpages's PO encoding (some characters were
converted twice to UTF-8).
* Upstream bugs or fixes not yet fixed in upstream releases or CVS:
- 405_su_no_pam_ end_before_ exec: Avoid terminating the PAM library in the
forked child. This is done later in the parent after closing the PAM
session. With pam_krb5, this allow users to reuse the cached credential
in the forked shell. Closes: #412061 - 13. By Martin Pitt
-
* Merge from debian unstable, remaining changes:
- debian/passwd. postinst: Tidy up after Breezy d-i's password exposure in
log files. (LP#34606) - 12. By Martin Pitt
-
* Merge with Debian, remaining Ubuntu changes:
- debian/passwd. postinst: Tidy up after Breezy d-i's password exposure in
log files. (LP#34606)
* Drop passwd/root-password- empty debconf question and translations, and
Ubuntu specific changes in initial user creation; we do not use this any
more since Dapper.
* Drop manually merged translations, since we can use language packs for
shadow now. - 10. By Martin Pitt
-
* Fix FTBFS due to new gettext 0.15:
- debian/rules: Use automake 1.9 instead of 1.7, 1.7 breaks with newer
gettext.
- Add debian/patches/ 593_po_ mkinstalldirs: Hardcode the value of
'mkinstalldirs' in po/Makefile.in.in instead of using @MKINSTALLDIRS@.
The latter has been removed from gettext 0.15. This is a Gross Hack™,
but has to do for Edgy.
- Closes: LP#66506 - 9. By Colin Watson
-
* Consolidate some duplicated code in passwd.postinst.
* Tidy up after Malone bug #48350, which left an empty root password if
you backed up from the installer's final message, by locking the root
password if this condition is detected. Unfortunately I don't know of a
reliable way to tell whether this situation arose due to the installer
bug or deliberately, so the postinst is verbose and we make sure only to
make this change once.
* 495_salt_stack_smash: Make sure the salt returned from crypt_make_salt
is properly truncated if MD5_CRYPT_ENAB is disabled, and make chpasswd
and chgpasswd more careful to avoid a (small) buffer overflow while
handling that salt in their MD5 modes. Fixes chpasswd/chgpasswd crashes
when SSP is enabled.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/shadow