[ubuntu/raring-proposed] pam 1.1.3-8ubuntu1 (Accepted)

Steve Langasek steve.langasek at ubuntu.com
Tue Feb 12 06:40:23 UTC 2013 

pam (1.1.3-8ubuntu1) raring; urgency=low

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - Change Vcs-Bzr to point at the Ubuntu branch.
    - debian/patches-applied/series: Ubuntu patches are as below ...
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix' explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - Build-depend on libfl-dev in addition to flex, for cross-building
      support.
    - Add /usr/local/games to PATH.  LP: #110287.

pam (1.1.3-8) unstable; urgency=low

  * Confirm NMU for bug #611136; thanks to Michael Gilbert.
    - As a side effect, there will no longer be errors from reading the
      .pam_environment twice since we are now reading it 0 times.
      LP: #955032.
  * Adjust the pam_env documentation to match the module behavior resulting
    from the previous security upload.  Closes: #693995.
  * debian/rules: never regenerate manpages at build time; this may cause
    build skew that breaks the world in a multiarch context.  LP: #1095887.
  * debian/patches-applied/glibc-2_16-compilation-fix.patch: fix missing
    include causing build failure with eglibc 2.16.  Thanks to Daniel
    Schepler <dschepler at gmail.com>.  Closes: #693450.
  * Ditch autoconf patch in favor of a build-dependency on dh-autoreconf,
    which will let us keep up-to-date with newer autotools.  In the present
    instance, this gets us aarch64 support.
  * Install pam_timestamp_check - and while we're at it, move the manpage
    to the correct binary package.  Closes: #648695.
  * Update lintian overrides to suppress some noise about hardening and
    manpages.
  * Enable audit support, by popular demand.  This should have no major
    impact unless you're also running auditd; but I reserve the right to
    disable this again in the event that this causes a performance hit or
    breaks upgrades (since the dependency is pulled into libpam, not just
    into pam_tty_audit).  Closes: #699159, LP: #937005.

pam (1.1.3-7.1) unstable; urgency=low

  * Non-maintainer upload.
  * Fix cve-2010-4708: user-configurable .pam_environment allows
    administrator-level changes without root access (closes: #611136).

Date: Mon, 11 Feb 2013 22:08:44 -0800
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/raring/+source/pam/1.1.3-8ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 11 Feb 2013 22:08:44 -0800
Source: pam
Binary: libpam0g libpam-modules libpam-modules-bin libpam-runtime libpam0g-dev libpam-cracklib libpam-doc
Architecture: source
Version: 1.1.3-8ubuntu1
Distribution: raring
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Description: 
 libpam-cracklib - PAM module to enable cracklib support
 libpam-doc - Documentation of PAM
 libpam-modules - Pluggable Authentication Modules for PAM
 libpam-modules-bin - Pluggable Authentication Modules for PAM - helper binaries
 libpam-runtime - Runtime support for the PAM library
 libpam0g   - Pluggable Authentication Modules library
 libpam0g-dev - Development files for PAM
Closes: 611136 648695 693450 693995 699159
Launchpad-Bugs-Fixed: 110287 937005 955032 1095887
Changes: 
 pam (1.1.3-8ubuntu1) raring; urgency=low
 .
   * Merge from Debian unstable, remaining changes:
     - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
       not present there or in /etc/security/pam_env.conf. (should send to
       Debian).
     - debian/libpam0g.postinst: only ask questions during update-manager when
       there are non-default services running.
     - debian/libpam0g.postinst: check if gdm is actually running before
       trying to reload it.
     - debian/libpam0g.postinst: the init script for 'samba' is now named
       'smbd' in Ubuntu, so fix the restart handling.
     - Change Vcs-Bzr to point at the Ubuntu branch.
     - debian/patches-applied/series: Ubuntu patches are as below ...
     - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
       initialise RLIMIT_NICE rather than relying on the kernel limits.
     - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
       Deprecate pam_unix' explicit "usergroups" option and instead read it
       from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
       there. This restores compatibility with the pre-PAM behaviour of login.
     - debian/patches-applied/pam_motd-legal-notice: display the contents of
       /etc/legal once, then set a flag in the user's homedir to prevent
       showing it again.
     - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
       for update-motd, with some best practices and notes of explanation.
     - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
       to update-motd(5)
     - debian/local/common-session{,-noninteractive}: Enable pam_umask by
       default, now that the umask setting is gone from /etc/profile.
     - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
     - Build-depend on libfl-dev in addition to flex, for cross-building
       support.
     - Add /usr/local/games to PATH.  LP: #110287.
 .
 pam (1.1.3-8) unstable; urgency=low
 .
   * Confirm NMU for bug #611136; thanks to Michael Gilbert.
     - As a side effect, there will no longer be errors from reading the
       .pam_environment twice since we are now reading it 0 times.
       LP: #955032.
   * Adjust the pam_env documentation to match the module behavior resulting
     from the previous security upload.  Closes: #693995.
   * debian/rules: never regenerate manpages at build time; this may cause
     build skew that breaks the world in a multiarch context.  LP: #1095887.
   * debian/patches-applied/glibc-2_16-compilation-fix.patch: fix missing
     include causing build failure with eglibc 2.16.  Thanks to Daniel
     Schepler <dschepler at gmail.com>.  Closes: #693450.
   * Ditch autoconf patch in favor of a build-dependency on dh-autoreconf,
     which will let us keep up-to-date with newer autotools.  In the present
     instance, this gets us aarch64 support.
   * Install pam_timestamp_check - and while we're at it, move the manpage
     to the correct binary package.  Closes: #648695.
   * Update lintian overrides to suppress some noise about hardening and
     manpages.
   * Enable audit support, by popular demand.  This should have no major
     impact unless you're also running auditd; but I reserve the right to
     disable this again in the event that this causes a performance hit or
     breaks upgrades (since the dependency is pulled into libpam, not just
     into pam_tty_audit).  Closes: #699159, LP: #937005.
 .
 pam (1.1.3-7.1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Fix cve-2010-4708: user-configurable .pam_environment allows
     administrator-level changes without root access (closes: #611136).
Checksums-Sha1: 
 9e2d5bbb9038f0594ecbfb39cf91cacceeb74e04 2560 pam_1.1.3-8ubuntu1.dsc
 e3ae6bec8406e88d5105d1f4e64a8f5d6b8a0f1d 194741 pam_1.1.3-8ubuntu1.diff.gz
Checksums-Sha256: 
 3e1d80c310928ad74bfe57c10f9bfb10eb5601f7f667faf78389a05e92f6ba20 2560 pam_1.1.3-8ubuntu1.dsc
 7592ca4dc1d2cd4302b427178f2d478850ad9c675d864c213e687ade30dc0c44 194741 pam_1.1.3-8ubuntu1.diff.gz
Files: 
 89759b826aa8666a54be133ebcda5bfc 2560 libs optional pam_1.1.3-8ubuntu1.dsc
 4e0868241b1465d6a655119817897a8e 194741 libs optional pam_1.1.3-8ubuntu1.diff.gz
Original-Maintainer: Steve Langasek <vorlon at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJRGdyOAAoJEFaNMPMhshM9C0gQAIrmkFbs7GNr+Ig/PXo6STrA
nwSmpkFrN7nJKRMdmlvg4OcCaYyaNelMd9hT6pARSK3OW1zxpNu6Few4K0slP9IC
M1Qv38+ZF21ZR4tCdOMJKMnbsCL5fVBaFRVXRjciM4ph7SeQxdu3VSTRLOoTgbHw
DBwVeUVWfQxV3P4zRV9jf9WA8dliopIDXoa+GkR9h4CFvY9bLcc6D/lh0o4vxXQq
DkB2l7A3HWJffuuD+GajxAj1p9tBwPWEpkU4ZNl6ZJUao1pzQPCnZMpJdGrpu+fv
0fAnw3vFIU30oZ/I3WdUjhZPp/qIcZ4oanX0p0iXdDvVGd5ck1rwuevkZgH3ayor
wmmPY+C+nDE28+ejZQHTfsewQm1CQQm5x8WZJTJC3GJs52F6ym+A7mxd/MbdRK9i
IiK5IduYasm6ly1FtEyuiTsHGIIP5mDAUszSrDjK2o1k7B21vCfBLtYCQ5mdoBf0
7XPTvlu4jXL3xAv5gtUKssb8aPPFrimoteJHNdHuhksHt+2RAmM7GX1m89x0rWYu
jDBLSAqPPfGqiOONB4tPrLPg50pNNBdvqSABLNHIpYW1XQq2vJeA0HnNvVeU7P6A
FNcUIGk6/Prj4YLRzKtY2FTnpAdbCAfbaCyMkyJDsmKADqj3wYhMwWl2twTUeaY4
hAYWWJjWN2rUgiezO9g/
=jHW3
-----END PGP SIGNATURE-----

More information about the Raring-changes mailing list