Changelog
shadow (1:4.1.3.1-1ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes:
- Ubuntu specific:
+ debian/login.defs: use SHA512 by default for password crypt routine.
- debian/patches/stdout-encrypted-password.patch: chpasswd can report
password hashes on stdout (debian bug 505640).
- debian/login.pam: Enable SELinux support (debian bug 527106).
- debian/securetty.linux: support Freescale MX-series (debian bug 527095).
* Add debian/patches/300_lastlog_failure: fixed upstream (debian bug 524873).
* Drop debian/patches/593_omit_lastchange_field_if_clock_is_misset: fixed
upstream.
shadow (1:4.1.3.1-1) unstable; urgency=low
* The "Le Puant Macéré" release.
Sorry for the lack of cheese name in 1:4.1.3-1. At least this one should
count for two.
* New upstream release:
- Fixed wrong parsing of octal permissions. This impacted login (permission
of the TTYs, UMASK, ERASECHAR or KILLCHAR) in release 1:4.1.3-1 only.
Closes: #524139, #524258
- removed debian/patches/200_bin_nb: Applied upstream.
- removed debian/patches/302_vim_selinux_support: Applied upstream.
- Fixed login segfault when called without a username. Closes: #524193
shadow (1:4.1.3-1) unstable; urgency=low
* The "" release.
* New upstream release:
- Fix possible login DOS. Closes: #505071
- Fix gpasswd and username with 32 characters. Closes: #508785
- Fix typo in nologin(8). Closes: #513252
- Remove old features from passwd(1). Closes: #499578
- login: Close passwd while waiting for exit. Closes: #474318
- login: fix the count of login failures. Closes: #498788
- Remove patches applied upstream (4.1.2):
+ debian/patches/434_login_stop_checking_args_after--
+ debian/patches/491_configure.in_friendly_selinux_detection
+ debian/patches/487_passwd_chauthtok_failed_message
+ debian/patches/406_vipw_resume_properly
+ debian/patches/414_remove-unwise-advices
+ debian/patches/300_SHA_crypt_method
+ debian/patches/301_manpages_missing_options
+ debian/patches/415_login_put-echoctl-back
+ debian/patches/431_su_uid_0_not_root
- Remove patches applied upstream (4.1.3):
+ debian/patches/200_Czech_binary_translation
+ debian/patches/302_remove_non_translated_polish_manpages
+ debian/patches/494_passwd_lock-no_account_lock
+ debian/patches/200_Czech_binary_translation
+ debian/patches/494_passwd_lock-no_account_lock
- Updated patches:
+ debian/patches/431_su_uid_0_not_root
+ debian/patches/463_login_delay_obeys_to_PAM
+ debian/patches/008_su_get_PAM_username
+ debian/patches/302_vim_selinux_support
+ debian/patches/008_login_log_failure_in_FTMP
+ debian/patches/429_login_FAILLOG_ENAB
+ debian/patches/428_grpck_add_prune_option
+ debian/patches/401_cppw_src.dpatch
+ debian/patches/506_relaxed_usernames
+ debian/patches/463_login_delay_obeys_to_PAM
+ debian/patches/542_useradd-O_option
- Translations
+ New Kazakh translation. Closes: #517809
+ Updated Slovak translation. Closes: #523621
* debian/patches/454_userdel_no_MAIL_FILE: Patch removed. If MAIL_FILE is
defined, the mailbox is not in MAIL_SPOOL_DIR.
* debian/patches/506_relaxed_usernames: Use an extra paragraph for the note
on username with a '/'.
* debian/patches/504_undef_USE_PAM.nolibpam,
debian/patches/504_undef_USE_PAM.dpatch, debian/rules: Patches removed.
Replaced by the --disable-account-tools-setuid configure option.
* debian/control: changed the "Replaces" on manpages-zh to a versioned
one on 1.5.1-1
* debian/control: drop all Replaces on manpages-* when the version is
prior to Etch
* Versioned Replaces on manpages-tr (<<1..5) as conflicting manpages have
been removed in that package
* debian/patches/402_cppw_selinux: Add SE Linux support for cppw / cpgr.
* debian/patches/900_testsuite_groupmems, debian/patches/901_testsuite_gcov:
Added patches, only intended to be used in the testsuite.
* debian/securetty.linux: Added ttyPZ0, ttyPZ1, ttyPZ2, ttyPZ3 for PowerMac
machines. Closes: #511739
* debian/patches/579_chowntty_debug: Removed. With the fix for 505071 and
505271, this additional debug information is no more needed.
* debian/patches/507_32char_grnames.dpatch: Patch removed. Replaced by the
--with-group-name-max-length=32 configure option.
* debian/patches/592_manpages_typos: No more needed.
* debian/patches/401_cppw_src.dpatch: Call fsync before closing the backup
file descriptor. This ensures that the backup file will be available on
the storage medium.
* debian/securetty.linux: Removed devfs devices. Usage of devfs enabled
kernel in Lenny was not supported. Closes: #511961
* debian/login.defs: Added /usr/local/games/ to ENV_PATH (for regular
users). Closes: #487105
* debian/patches/200_bin_nb: Updated Norwegian Bokmål translation.
Closes: #523798
* debian/login.defs: Update GID_MIN to 1000. This is more consistent with
UID_MIN, SYS_GID_MAX and the usage of the same ID for UID and GIDs. This
should also be more consistent with the assignment of system group IDs
starting from GID_MAX and going down.
-- Kees Cook <email address hidden> Tue, 05 May 2009 09:45:21 -0700