[ubuntu/natty] shadow 1:4.1.4.2+svn3283-2ubuntu1 (Accepted)

Oliver Grawert ogra at ubuntu.com
Wed Nov 24 13:00:27 GMT 2010


shadow (1:4.1.4.2+svn3283-2ubuntu1) natty; urgency=low

  * Merge from debian unstable.  Remaining changes:
    - Ubuntu specific:
      + debian/login.defs: use SHA512 by default for password crypt routine.
    - debian/{source_shadow.py,rules}: Add apport hook
    - debian/rules: fix FTBFS from newer libtools
    - debian/patches/495_stdout-encrypted-password: chpasswd can report
      password hashes on stdout (Debian bug 505640).
    - Rework 495_stdout-encrypted-password to cope with chpasswd using PAM.

shadow (1:4.1.4.2+svn3283-2) unstable; urgency=low

  * The "Bleu du Vercors-Sassenage" release.
  * Fix backup command line in cron.daily script. Closes: #596283

shadow (1:4.1.4.2+svn3283-1) unstable; urgency=low

  * The "Bleu de Gex" release.
  * New upstream unreleased version:
    - Fix formatting of the login.defs.5 manpage. Closes: #542804
    - Updated Czech translation. Closes: #548407
    - Updated Vietnamese translation. Closes: #548065
    - Remove patches applied upstream:
      + debian/patches/008_su_no_sanitize_env
      + debian/patches/483_su_fakelogin_wrong_arg0
    - Updated patches:
      + debian/patches/523_su_arguments_are_no_more_concatenated_by_default
      + debian/patches/542_useradd-O_option
    - Added support for dates already specified as a number of days since
      Epoch in useradd, usermod and chage. Closes: #562221
    - This also allows, in the chage interactive mode, to specify -1 as the
      expiration date to disable it. Closes: #573018
    - Fixed parsing of gshadow. This fix password support in newgrp.
      Closes: #569899
    - pwck and grpck stop sorting at the first line which begins with a '+'.
      This will avoid messing up with NIS entries. Closes: #567836
    - Fix interruption of su, newgrp, vipw with Ctrl-Z. Closes: 530231
    - mail checking is no more mentioned in login(1) since it is done by PAM.
      Closes: #470059
    - The -e (and -c and -m) option was restored in chpasswd (which still uses
      PAM by default).  Closes: #539354
    - Kazakh translation updated. Closes: #586994
    - Fixed comma splice in chsh(1). Closes: #582166
  * debian/securetty.kfreebsd: On GNU/kFreeBSD the serial devices have change
    from /dev/cuuaX to /dev/ttydX in kernel 6.0. Closes: #544523
  * debian/securetty.linux: Added support for embedded ARM AMBA PL011 ports
    (e.g. emulated by QEMU). Closes: #544184
  * debian/control: Removed Martin Quinson from the Uploaders, on his request.
  * debian/login.defs: Improve documentation of USERGROUPS_ENAB.
    Closes: #572687
  * debian/rules: Added DEB_AUTO_UPDATE_LIBTOOL = pre. Closes: #560633
  * debian/login.pam: return back to mostly "requisite" for the pam_securetty
    PAM module, but ignore PAM_USER_UNKNOWN. This will avoid root from
    entering a password, and will also avoid user enumeration attacks.
    Mis-typed root login are not protected, only root can be blamed for
    mis-typing and entering a password on an insecure line. Users willing to
    protect against mis-typed root login can use "requisite", but will be
    vulnerable to user enumeration attacks on insecure lines, and should use
    pam 1.1.0-4 at least. Closes: #574082, #531341
  * debian/passwd.cron.daily: Handle the backups of the user and group
    databases so that it can be removed from the standard daily cron job.
    Closes: #554170
  * debian/login.defs: Updated description of UMASK (used by pam_umask).
  * debian/securetty.linux: Reorganize and synchronize with
    Documentation/devices.txt. This added a lot of TTYs, including the
    ttyPZ0..3. Closes: #576203
  * debian/rules, debian/man.insert, debian/man.insert.sed: Hack to avoid bug
    507673, causing missing apostrophes in the manpages generated by
    docbook-xsl (see debian bug 507673).
  * debian/control: Standards-Version: bumped to 3.8.4. No changes.
  * debian/passwd.lintian-overrides: Remove old entries relevant for
    passwd.config.
  * debian/control: Do not repeat the Section and Priority fields for the
    binary packages.
  * debian/rules: Disable new features: --without-acl --without-attr
    --without-tcb

Date: Wed, 24 Nov 2010 13:42:42 +0100
Changed-By: Oliver Grawert <ogra at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/shadow/1:4.1.4.2+svn3283-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 24 Nov 2010 13:42:42 +0100
Source: shadow
Binary: passwd login
Architecture: source
Version: 1:4.1.4.2+svn3283-2ubuntu1
Distribution: natty
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Oliver Grawert <ogra at ubuntu.com>
Description: 
 login      - system login tools
 passwd     - change and administer password and group data
Closes: 470059 530231 531341 539354 542804 544184 544523 548065 548407 554170 560633 562221 567836 569899 572687 573018 574082 576203 582166 586994 596283
Changes: 
 shadow (1:4.1.4.2+svn3283-2ubuntu1) natty; urgency=low
 .
   * Merge from debian unstable.  Remaining changes:
     - Ubuntu specific:
       + debian/login.defs: use SHA512 by default for password crypt routine.
     - debian/{source_shadow.py,rules}: Add apport hook
     - debian/rules: fix FTBFS from newer libtools
     - debian/patches/495_stdout-encrypted-password: chpasswd can report
       password hashes on stdout (Debian bug 505640).
     - Rework 495_stdout-encrypted-password to cope with chpasswd using PAM.
 .
 shadow (1:4.1.4.2+svn3283-2) unstable; urgency=low
 .
   * The "Bleu du Vercors-Sassenage" release.
   * Fix backup command line in cron.daily script. Closes: #596283
 .
 shadow (1:4.1.4.2+svn3283-1) unstable; urgency=low
 .
   * The "Bleu de Gex" release.
   * New upstream unreleased version:
     - Fix formatting of the login.defs.5 manpage. Closes: #542804
     - Updated Czech translation. Closes: #548407
     - Updated Vietnamese translation. Closes: #548065
     - Remove patches applied upstream:
       + debian/patches/008_su_no_sanitize_env
       + debian/patches/483_su_fakelogin_wrong_arg0
     - Updated patches:
       + debian/patches/523_su_arguments_are_no_more_concatenated_by_default
       + debian/patches/542_useradd-O_option
     - Added support for dates already specified as a number of days since
       Epoch in useradd, usermod and chage. Closes: #562221
     - This also allows, in the chage interactive mode, to specify -1 as the
       expiration date to disable it. Closes: #573018
     - Fixed parsing of gshadow. This fix password support in newgrp.
       Closes: #569899
     - pwck and grpck stop sorting at the first line which begins with a '+'.
       This will avoid messing up with NIS entries. Closes: #567836
     - Fix interruption of su, newgrp, vipw with Ctrl-Z. Closes: 530231
     - mail checking is no more mentioned in login(1) since it is done by PAM.
       Closes: #470059
     - The -e (and -c and -m) option was restored in chpasswd (which still uses
       PAM by default).  Closes: #539354
     - Kazakh translation updated. Closes: #586994
     - Fixed comma splice in chsh(1). Closes: #582166
   * debian/securetty.kfreebsd: On GNU/kFreeBSD the serial devices have change
     from /dev/cuuaX to /dev/ttydX in kernel 6.0. Closes: #544523
   * debian/securetty.linux: Added support for embedded ARM AMBA PL011 ports
     (e.g. emulated by QEMU). Closes: #544184
   * debian/control: Removed Martin Quinson from the Uploaders, on his request.
   * debian/login.defs: Improve documentation of USERGROUPS_ENAB.
     Closes: #572687
   * debian/rules: Added DEB_AUTO_UPDATE_LIBTOOL = pre. Closes: #560633
   * debian/login.pam: return back to mostly "requisite" for the pam_securetty
     PAM module, but ignore PAM_USER_UNKNOWN. This will avoid root from
     entering a password, and will also avoid user enumeration attacks.
     Mis-typed root login are not protected, only root can be blamed for
     mis-typing and entering a password on an insecure line. Users willing to
     protect against mis-typed root login can use "requisite", but will be
     vulnerable to user enumeration attacks on insecure lines, and should use
     pam 1.1.0-4 at least. Closes: #574082, #531341
   * debian/passwd.cron.daily: Handle the backups of the user and group
     databases so that it can be removed from the standard daily cron job.
     Closes: #554170
   * debian/login.defs: Updated description of UMASK (used by pam_umask).
   * debian/securetty.linux: Reorganize and synchronize with
     Documentation/devices.txt. This added a lot of TTYs, including the
     ttyPZ0..3. Closes: #576203
   * debian/rules, debian/man.insert, debian/man.insert.sed: Hack to avoid bug
     507673, causing missing apostrophes in the manpages generated by
     docbook-xsl (see debian bug 507673).
   * debian/control: Standards-Version: bumped to 3.8.4. No changes.
   * debian/passwd.lintian-overrides: Remove old entries relevant for
     passwd.config.
   * debian/control: Do not repeat the Section and Priority fields for the
     binary packages.
   * debian/rules: Disable new features: --without-acl --without-attr
     --without-tcb
Checksums-Sha1: 
 fb4662bfb1a753cda67a87ed692796ddad577b1e 1689 shadow_4.1.4.2+svn3283-2ubuntu1.dsc
 8b704b8f07718e329205f23d457c3121c0f3679e 2942890 shadow_4.1.4.2+svn3283.orig.tar.gz
 d9d68e3fc8109a305ad566ee47923ccf04758c31 333926 shadow_4.1.4.2+svn3283-2ubuntu1.diff.gz
Checksums-Sha256: 
 e156d0bca5127853974cc7b35305a90e97732cb2eb5d8c3344bce72cfb1986e2 1689 shadow_4.1.4.2+svn3283-2ubuntu1.dsc
 2bb79a35d5610515daf6471a091025b4bf991b6c631e068baa6097a13cf83fcb 2942890 shadow_4.1.4.2+svn3283.orig.tar.gz
 3f735e57dd40d19edff0ebe54cfd5a83dff462332eb84e06f2c55be024da2a44 333926 shadow_4.1.4.2+svn3283-2ubuntu1.diff.gz
Files: 
 ce7f48911c3b17969a3a7efcda3df25f 1689 admin required shadow_4.1.4.2+svn3283-2ubuntu1.dsc
 10f6ddcb029c024aaf77d033bcb459d5 2942890 admin required shadow_4.1.4.2+svn3283.orig.tar.gz
 725d7fc092fae68bd14602943b3208a2 333926 admin required shadow_4.1.4.2+svn3283-2ubuntu1.diff.gz
Original-Maintainer: Shadow package maintainers <pkg-shadow-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkztCNcACgkQSsOT+6LQaTYHfgCglM6wKFEZBmakM9gnmBQKm7bi
LwYAn1rw6whIVt8Qb7pYfMtxIhFpfbHM
=TvxC
-----END PGP SIGNATURE-----


More information about the Natty-changes mailing list