[ubuntu/vivid-proposed] pam 1.1.8-3.1ubuntu1 (Accepted)
Michael Vogt
michael.vogt at ubuntu.com
Mon Oct 27 09:02:14 UTC 2014
pam (1.1.8-3.1ubuntu1) vivid; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
not present there or in /etc/security/pam_env.conf. (should send to
Debian).
- debian/libpam0g.postinst: only ask questions during update-manager when
there are non-default services running.
- debian/libpam0g.postinst: check if gdm is actually running before
trying to reload it.
- debian/libpam0g.postinst: the init script for 'samba' is now named
'smbd' in Ubuntu, so fix the restart handling.
- Change Vcs-Bzr to point at the Ubuntu branch.
- debian/patches-applied/series: Ubuntu patches are as below ...
- debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
initialise RLIMIT_NICE rather than relying on the kernel limits.
- debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
Deprecate pam_unix's explicit "usergroups" option and instead read it
from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
there. This restores compatibility with the pre-PAM behaviour of login.
- debian/patches-applied/pam_motd-legal-notice: display the contents of
/etc/legal once, then set a flag in the user's homedir to prevent
showing it again.
- debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
for update-motd, with some best practices and notes of explanation.
- debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
to update-motd(5)
- debian/local/common-session{,-noninteractive}: Enable pam_umask by
default, now that the umask setting is gone from /etc/profile.
- debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
- Build-depend on libfl-dev in addition to flex, for cross-building
support.
- Add /usr/local/games to PATH.
- Adjust debian/patches-applied/update-motd to write to
/run/motd.dynamic, as sysvinit/ssh/login in Debian have been changed
to use this file and no longer links /etc/motd to /var/run/motd.
- debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
include patch to autogenerated manpage file
- debian/patches-applied/pam-loginuid-in-containers: pam_loginuid:
Update patch with follow-up changes to loginuid.c
- debian/patches-applied/extrausers.patch: Add a pam_extrausers module
that is basically just a copy of pam_unix but looks at
/var/lib/extrausers/{group,passwd,shadow} instead of /etc/
- debian/libpam-modules-bin.install: install the helper binaries for
pam_extrausers to /sbin
- debian/rules: Make pam_extrausers_chkpwd sguid shadow
- debian/patches-applied/extrausers.patch: Ship pre-generated man page
pam (1.1.8-3.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Fix CVE-2013-7041: case-insensitive comparison used for verifying
passwords in the pam_userdb module (closes: #731368).
* Fix CVE-2014-2583: multiple directory traversal issues in the
pam_timestamp module (closes: 757555)
Date: Mon, 27 Oct 2014 09:57:52 +0100
Changed-By: Michael Vogt <michael.vogt at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/vivid/+source/pam/1.1.8-3.1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 27 Oct 2014 09:57:52 +0100
Source: pam
Binary: libpam0g libpam-modules libpam-modules-bin libpam-runtime libpam0g-dev libpam-cracklib libpam-doc
Architecture: source
Version: 1.1.8-3.1ubuntu1
Distribution: vivid
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Michael Vogt <michael.vogt at ubuntu.com>
Description:
libpam-cracklib - PAM module to enable cracklib support
libpam-doc - Documentation of PAM
libpam-modules - Pluggable Authentication Modules for PAM
libpam-modules-bin - Pluggable Authentication Modules for PAM - helper binaries
libpam-runtime - Runtime support for the PAM library
libpam0g - Pluggable Authentication Modules library
libpam0g-dev - Development files for PAM
Closes: 731368 757555
Changes:
pam (1.1.8-3.1ubuntu1) vivid; urgency=low
.
* Merge from Debian unstable. Remaining changes:
- debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
not present there or in /etc/security/pam_env.conf. (should send to
Debian).
- debian/libpam0g.postinst: only ask questions during update-manager when
there are non-default services running.
- debian/libpam0g.postinst: check if gdm is actually running before
trying to reload it.
- debian/libpam0g.postinst: the init script for 'samba' is now named
'smbd' in Ubuntu, so fix the restart handling.
- Change Vcs-Bzr to point at the Ubuntu branch.
- debian/patches-applied/series: Ubuntu patches are as below ...
- debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
initialise RLIMIT_NICE rather than relying on the kernel limits.
- debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
Deprecate pam_unix's explicit "usergroups" option and instead read it
from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
there. This restores compatibility with the pre-PAM behaviour of login.
- debian/patches-applied/pam_motd-legal-notice: display the contents of
/etc/legal once, then set a flag in the user's homedir to prevent
showing it again.
- debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
for update-motd, with some best practices and notes of explanation.
- debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
to update-motd(5)
- debian/local/common-session{,-noninteractive}: Enable pam_umask by
default, now that the umask setting is gone from /etc/profile.
- debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
- Build-depend on libfl-dev in addition to flex, for cross-building
support.
- Add /usr/local/games to PATH.
- Adjust debian/patches-applied/update-motd to write to
/run/motd.dynamic, as sysvinit/ssh/login in Debian have been changed
to use this file and no longer links /etc/motd to /var/run/motd.
- debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
include patch to autogenerated manpage file
- debian/patches-applied/pam-loginuid-in-containers: pam_loginuid:
Update patch with follow-up changes to loginuid.c
- debian/patches-applied/extrausers.patch: Add a pam_extrausers module
that is basically just a copy of pam_unix but looks at
/var/lib/extrausers/{group,passwd,shadow} instead of /etc/
- debian/libpam-modules-bin.install: install the helper binaries for
pam_extrausers to /sbin
- debian/rules: Make pam_extrausers_chkpwd sguid shadow
- debian/patches-applied/extrausers.patch: Ship pre-generated man page
.
pam (1.1.8-3.1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix CVE-2013-7041: case-insensitive comparison used for verifying
passwords in the pam_userdb module (closes: #731368).
* Fix CVE-2014-2583: multiple directory traversal issues in the
pam_timestamp module (closes: 757555)
Checksums-Sha1:
b9901020abba4466a5cd784bef0592eaf54c935b 1949 pam_1.1.8-3.1ubuntu1.dsc
723b12d8f3b7248dbc0730f0f5cf8754eb8d6788 195814 pam_1.1.8-3.1ubuntu1.diff.gz
Checksums-Sha256:
7d1d1d06fbcec5615efb6954ac0a1fbcbe52743ac433e17c4b6f4d6e66861433 1949 pam_1.1.8-3.1ubuntu1.dsc
7a8da0dd4039d8972207ba11d4f278a804dcf72b37c546e19ab7fce5d5325ba4 195814 pam_1.1.8-3.1ubuntu1.diff.gz
Files:
a3342ce696de0c06ddda94108a77ebb6 1949 libs optional pam_1.1.8-3.1ubuntu1.dsc
ee98d6edc772625b0b44127996aff202 195814 libs optional pam_1.1.8-3.1ubuntu1.diff.gz
Original-Maintainer: Steve Langasek <vorlon at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iEYEARECAAYFAlROCWwACgkQliSD4VZixzSKUgCghtqlghqnWVdiTlMDsLWiLwlN
tkQAnj1N3WTpuRrniMBBxgK33BqRfde3
=9+Yo
-----END PGP SIGNATURE-----
More information about the Vivid-changes
mailing list