Last commit made on 2019-02-12
Get this branch:
git clone -b oneiric https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/pam/+git/pam
Members of Ubuntu Core Development Team can upload to this branch. Log in for directions.

Branch merges

Branch information

Recent commits

f10771d... by Marc Deslauriers on 2011-10-24

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in modules/pam_env/pam_env.c.
  - CVE-2011-3149
* SECURITY UPDATE: code execution via incorrect environment cleaning
  - debian/patches-applied/update-motd: updated to use clean environment
    and absolute paths in modules/pam_motd/pam_motd.c.
  - CVE-2011-XXXX

b1a829f... by Steve Langasek on 2011-10-09

No-change rebuild to regenerate compressed manpages, which for some
unknown reason were compressed differently on some architectures than
on others, breaking multiarch co-installability. LP: #871083.

bbf4e74... by Kees Cook on 2011-08-19

releasing version 1.1.3-2ubuntu1

6c70c95... by Kees Cook on 2011-08-18

* Merge with Debian to get bug fix for unknown kernel rlimits. Remaining
  - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
    not present there or in /etc/security/pam_env.conf. (should send to
  - debian/libpam0g.postinst: only ask questions during update-manager when
    there are non-default services running.
  - Change Vcs-Bzr to point at the Ubuntu branch.
  - debian/patches-applied/series: Ubuntu patches are as below ...
  - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
    initialise RLIMIT_NICE rather than relying on the kernel limits.
  - debian/patches-applied/pam_motd-legal-notice: display the contents of
    /etc/legal once, then set a flag in the user's homedir to prevent
    showing it again.
  - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
    for update-motd, with some best practices and notes of explanation.
  - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
    to update-motd(5)
  - debian/libpam0g.postinst: drop kdm from the list of services to
  - debian/libpam0g.postinst: check if gdm is actually running before
    trying to reload it.
  - debian/local/common-session{,-noninteractive}: Enable pam_umask by
    default, now that the umask setting is gone from /etc/profile.
  - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
  - add debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
    Deprecate pam_unix' explicit "usergroups" option and instead read it
    from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
    there. This restores compatibility with the pre-PAM behaviour of login.
    (Closes: #583958)
* Dropped changes:
  - debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:
    no need to bump the hard limit for number of file descriptors any more
    since we read kernel limits directly now.
* debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:
  - only report about unknown kernel rlimits when "debug" is set
    (Closes: 625226, LP: #794531).
* Build for multiarch. Closes: #463420.
* debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:
  don't reset the process niceness for root; since it's root, they can
  still renice to a lower nice level if they need to and changing the
  nice level by default is unexpected behavior. Closes: #594377.

06344e9... by Steve Langasek on 2011-08-04

releasing version 1.1.3-1ubuntu3

13227a1... by Martin Pitt on 2011-06-23

debian/local/pam-auth-update: Add the new md5sum of above files.

a2f0002... by Martin Pitt on 2011-06-22

Add debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
Deprecate pam_unix' explicit "usergroups" option and instead read it from
/etc/login.def's "USERGROUP_ENAB" option if umask is only defined there.
This restores compatibility with the pre-PAM behaviour of login.
(Closes: #583958)

7ba32fb... by Martin Pitt on 2011-06-22

debian/local/common-session{,-noninteractive}: Enable pam_umask by
default, now that the umask setting is gone from /etc/profile.
(LP: #253096, UbuntuSpec:umask-to-0002)

1c15868... by Steve Langasek on 2011-06-07

debian/patches/pam_motd-legal-notice: use pam_modutil_gain/drop_priv
common helper functions, instead of hand-rolled uid-setting code.

5c76279... by Steve Langasek on 2011-06-04

releasing version 1.1.3-1ubuntu2