[ubuntu/noble-proposed] shadow 1:4.13+dfsg1-3ubuntu1 (Accepted)
Lukas Märdian
slyon at ubuntu.com
Tue Dec 5 10:50:20 UTC 2023
shadow (1:4.13+dfsg1-3ubuntu1) noble; urgency=medium
* Merge with Debian unstable. Remaining changes:
- d/login.defs: Enable private home directories by default
- debian/login.defs: Update documentation of USERGROUPS_ENAB/UMASK
+ USERGROUPS_ENAB: with pam_umask, the UPG handling does not only apply
to "former (pre-PAM) uses".
+ UMASK: Explain that USERGROUPS_ENAB will modify this default for UPGs.
- debian/{source_shadow.py,login.install}: Add apport hook
- debian/patches/1010_extrausers.patch:
+ Add support to passwd for libnss-extrausers
+ Add automatic detection of "extrausers" for usermod -G
- d/p/1011_extrausers_toggle.patch: extrausers support for useradd/groupadd
- d/p/1012_extrausers_chfn.patch: --extrausers support for chfn tool
- d/p/1013_extrausers_deluser.patch: --extrausers support for userdel
- d/p/1014_extrausers_delgroup.patch: --extrausers support for groupdel
- d/p/1015_add_zsys_support.patch: zsys to handle home dir if available
- d/p/1016_extrausers_gpasswd.patch: extrausers support for gpasswd
- d/p/506_relaxed_usernames.patch, d/t/{control,numeric-username}:
+ disallow purely numeric usernames
- d/t/smoke: Extend for extrausers support
shadow (1:4.13+dfsg1-3) unstable; urgency=medium
* Team upload
* Remove myself from uploaders
shadow (1:4.13+dfsg1-2) unstable; urgency=medium
[ Balint Reczey ]
* debian/gitlab-ci.yml: Use sudo to fix reprotest test
* debian/login.pam: Drop reference to Debian Etch (Closes: #1040064)
* debian/NEWS: Fix false claim about PREVENT_NO_AUTH affecting authentication.
Also drop setting PREVENT_NO_AUTH in shipped login.defs. (Closes: #1041547)
* Cherry-pick upstream patch to fix gpasswd passwd leak
(CVE-2023-4641) (Closes: #1051062)
* Cherry-pick upstream patch to fix chfn vulnerability allowing injection of
control characters into some /etc/passwd fields.
(CVE-2023-29383) (Closes: #1034482)
[ Gioele Barabucci ]
* Support <nodoc> build profile
`xsltproc`, `docbook` and all other XML-related packages are not needed
when the `<nodoc>` build profile is active, as long as `./configure` is
called with `--disable-man`. (Closes: #1051827)
Date: Tue, 05 Dec 2023 11:36:01 +0100
Changed-By: Lukas Märdian <slyon at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/shadow/1:4.13+dfsg1-3ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 05 Dec 2023 11:36:01 +0100
Source: shadow
Built-For-Profiles: noudeb
Architecture: source
Version: 1:4.13+dfsg1-3ubuntu1
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Lukas Märdian <slyon at ubuntu.com>
Closes: 1034482 1040064 1041547 1051062 1051827
Changes:
shadow (1:4.13+dfsg1-3ubuntu1) noble; urgency=medium
.
* Merge with Debian unstable. Remaining changes:
- d/login.defs: Enable private home directories by default
- debian/login.defs: Update documentation of USERGROUPS_ENAB/UMASK
+ USERGROUPS_ENAB: with pam_umask, the UPG handling does not only apply
to "former (pre-PAM) uses".
+ UMASK: Explain that USERGROUPS_ENAB will modify this default for UPGs.
- debian/{source_shadow.py,login.install}: Add apport hook
- debian/patches/1010_extrausers.patch:
+ Add support to passwd for libnss-extrausers
+ Add automatic detection of "extrausers" for usermod -G
- d/p/1011_extrausers_toggle.patch: extrausers support for useradd/groupadd
- d/p/1012_extrausers_chfn.patch: --extrausers support for chfn tool
- d/p/1013_extrausers_deluser.patch: --extrausers support for userdel
- d/p/1014_extrausers_delgroup.patch: --extrausers support for groupdel
- d/p/1015_add_zsys_support.patch: zsys to handle home dir if available
- d/p/1016_extrausers_gpasswd.patch: extrausers support for gpasswd
- d/p/506_relaxed_usernames.patch, d/t/{control,numeric-username}:
+ disallow purely numeric usernames
- d/t/smoke: Extend for extrausers support
.
shadow (1:4.13+dfsg1-3) unstable; urgency=medium
.
* Team upload
* Remove myself from uploaders
.
shadow (1:4.13+dfsg1-2) unstable; urgency=medium
.
[ Balint Reczey ]
* debian/gitlab-ci.yml: Use sudo to fix reprotest test
* debian/login.pam: Drop reference to Debian Etch (Closes: #1040064)
* debian/NEWS: Fix false claim about PREVENT_NO_AUTH affecting authentication.
Also drop setting PREVENT_NO_AUTH in shipped login.defs. (Closes: #1041547)
* Cherry-pick upstream patch to fix gpasswd passwd leak
(CVE-2023-4641) (Closes: #1051062)
* Cherry-pick upstream patch to fix chfn vulnerability allowing injection of
control characters into some /etc/passwd fields.
(CVE-2023-29383) (Closes: #1034482)
.
[ Gioele Barabucci ]
* Support <nodoc> build profile
`xsltproc`, `docbook` and all other XML-related packages are not needed
when the `<nodoc>` build profile is active, as long as `./configure` is
called with `--disable-man`. (Closes: #1051827)
Checksums-Sha1:
04572f70233b7599a7e0245e1d1d2d0f62ebf5f6 2514 shadow_4.13+dfsg1-3ubuntu1.dsc
9b3e7ae76db8b6bd7299b94022feb2115a3468d3 94664 shadow_4.13+dfsg1-3ubuntu1.debian.tar.xz
cc5aaf0979994f56608c9f03166d3cbb9cb42cc1 8660 shadow_4.13+dfsg1-3ubuntu1_source.buildinfo
Checksums-Sha256:
8b954e622403e8d36bc55075763c71182ac1f5226c0626a4671f18f1223ae19d 2514 shadow_4.13+dfsg1-3ubuntu1.dsc
b4117b56d6f18dc8eebbbcf0082566d6dd17215d676ce3bc5a4937d46b3d21fa 94664 shadow_4.13+dfsg1-3ubuntu1.debian.tar.xz
c703820f3dc0e34b799f21f2d6ee83b42ae7d7e91a399fa7e074b546c62bd69b 8660 shadow_4.13+dfsg1-3ubuntu1_source.buildinfo
Files:
ca334703784b39562308e97ca96c47f2 2514 admin required shadow_4.13+dfsg1-3ubuntu1.dsc
db8481c2552d821b10d243b101591bd0 94664 admin required shadow_4.13+dfsg1-3ubuntu1.debian.tar.xz
5422b4a3bed6159b13b15cec8c261e32 8660 admin required shadow_4.13+dfsg1-3ubuntu1_source.buildinfo
Original-Maintainer: Shadow package maintainers <pkg-shadow-devel at lists.alioth.debian.org>
Vcs-Git: https://git.launchpad.net/~slyon/ubuntu/+source/shadow
Vcs-Git-Ref: refs/heads/merge-noble
Vcs-Git-Commit: 7ea9a713995ca2479d4e73e901d6023919a5b38e
More information about the noble-changes
mailing list