[ubuntu/maverick] sssd 1.2.1-4 (Accepted)

Michael Bienia geser at ubuntu.com
Sat Sep 4 12:00:28 BST 2010 

sssd (1.2.1-4) unstable; urgency=low

  * Add patch from Stephen Gallagher to ensure LDAP authentication
    never accept a zero length password (Closes: #594413).  Solves
    CVE-2010-2940.

sssd (1.2.1-3) unstable; urgency=low

  [ Petter Reinholdtsen ]
  * Look for /etc/default/sssd, not /etc/defaults/sssd in init.d
    script (Closes: #588252).
  * Make sssd.conf generation more robust, and make sure missing SRV
    records are ignored and not handled as host names.
  * Add code in generate-config to look up Kerberos realm using
    _kerberos TXT record in DNS if it exist.
  * Recommend bind9-host used by generate-config for SRV and TXT
    lookups.

  [ Morten Werner Forsbring ]
  * Check if /etc/default/sssd is a file and executable, not a directory,
    before sourcing in init-script. Thanks to lintian.

sssd (1.2.1-2) unstable; urgency=low

  * Make sure init.d script sources /etc/default/sssd (Closes: #588252).
  * Drop /etc/default/sssd from package, to avoid conffile question
    from dpkg during upgrades.
  * Make sure to only remove obsolete sssd conffiles on upgrades, not
    on first time installation.
  * Add new script generate-config and call it from the sssd postinst
    during first time installation to try to generate the sssd.conf
    file dynamically for LDAP and Kerberos using DNS entries, and fall
    back to the static example configuration if this fail.
  * Let sssd suggest libnss-sss and libpam-sss, to make those
    installing sssd aware of the other packages.
  * Add netgroup to nsswitch.conf entries added at first time
    installation, to make sure those installing now get working
    netgroups when sssd get netgroup support
  * Let sssd recommend ldap-utils as ldapsearch is used for generating
    the configuration.

Date: Wed, 25 Aug 2010 22:33:40 +0200
Changed-By: Michael Bienia <geser at ubuntu.com>
Maintainer: Petter Reinholdtsen <pere at debian.org>
Signed-By: Alessio Treglia <quadrispro at ubuntu.com>
Origin: debian/unstable
https://launchpad.net/ubuntu/maverick/+source/sssd/1.2.1-4
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 25 Aug 2010 22:33:40 +0200
Source: sssd
Binary: sssd libnss-sss libpam-sss python-sss
Architecture: source
Version: 1.2.1-4
Distribution: maverick
Urgency: low
Maintainer: Petter Reinholdtsen <pere at debian.org>
Changed-By: Michael Bienia <geser at ubuntu.com>
Description: 
 libnss-sss - Nss library for the System Security Services Daemon
 libpam-sss - Pam module for the System Security Services Daemon
 python-sss - Pam module for the System Security Services Daemon
 sssd       - System Security Services Daemon
Closes: 588252 594413
Changes: 
 sssd (1.2.1-4) unstable; urgency=low
 .
   * Add patch from Stephen Gallagher to ensure LDAP authentication
     never accept a zero length password (Closes: #594413).  Solves
     CVE-2010-2940.
 .
 sssd (1.2.1-3) unstable; urgency=low
 .
   [ Petter Reinholdtsen ]
   * Look for /etc/default/sssd, not /etc/defaults/sssd in init.d
     script (Closes: #588252).
   * Make sssd.conf generation more robust, and make sure missing SRV
     records are ignored and not handled as host names.
   * Add code in generate-config to look up Kerberos realm using
     _kerberos TXT record in DNS if it exist.
   * Recommend bind9-host used by generate-config for SRV and TXT
     lookups.
 .
   [ Morten Werner Forsbring ]
   * Check if /etc/default/sssd is a file and executable, not a directory,
     before sourcing in init-script. Thanks to lintian.
 .
 sssd (1.2.1-2) unstable; urgency=low
 .
   * Make sure init.d script sources /etc/default/sssd (Closes: #588252).
   * Drop /etc/default/sssd from package, to avoid conffile question
     from dpkg during upgrades.
   * Make sure to only remove obsolete sssd conffiles on upgrades, not
     on first time installation.
   * Add new script generate-config and call it from the sssd postinst
     during first time installation to try to generate the sssd.conf
     file dynamically for LDAP and Kerberos using DNS entries, and fall
     back to the static example configuration if this fail.
   * Let sssd suggest libnss-sss and libpam-sss, to make those
     installing sssd aware of the other packages.
   * Add netgroup to nsswitch.conf entries added at first time
     installation, to make sure those installing now get working
     netgroups when sssd get netgroup support
   * Let sssd recommend ldap-utils as ldapsearch is used for generating
     the configuration.
Checksums-Sha1: 
 7d6055acdf76737954dcfb05bb895a2961d93404 1584 sssd_1.2.1-4.dsc
 28369ea2a640da6775121f0c0dea1140c26d2a79 13512 sssd_1.2.1-4.diff.gz
Checksums-Sha256: 
 d43d65bfa00be05de97d027e8d0619bc034c0b2aee1839a0c800e8d02b37de68 1584 sssd_1.2.1-4.dsc
 551d915a789a73a223d5a250289e03335b548a082449fea1e6249b8f77e556b7 13512 sssd_1.2.1-4.diff.gz
Files: 
 2ac0c41b16498eab3558d344747a5604 1584 utils extra sssd_1.2.1-4.dsc
 9c84bc9acc57835510fb1d326f2dfa0f 13512 utils extra sssd_1.2.1-4.diff.gz
Origin: debian/unstable
Launchpad-Bugs-Fixed: 625734

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkyCJM8ACgkQRdSMfNz8P9BywACggJxVj2mbOFwVWzSdbe/M0+2L
Dv0Anjqsbc2M/vF9CO68NwJYz3s+/Ej5
=6C4q
-----END PGP SIGNATURE-----

More information about the Maverick-changes mailing list