[ubuntu/natty] shadow 1:4.1.4.2+svn3283-2ubuntu1 (Accepted)
Oliver Grawert
ogra at ubuntu.com
Wed Nov 24 13:00:27 GMT 2010
shadow (1:4.1.4.2+svn3283-2ubuntu1) natty; urgency=low
* Merge from debian unstable. Remaining changes:
- Ubuntu specific:
+ debian/login.defs: use SHA512 by default for password crypt routine.
- debian/{source_shadow.py,rules}: Add apport hook
- debian/rules: fix FTBFS from newer libtools
- debian/patches/495_stdout-encrypted-password: chpasswd can report
password hashes on stdout (Debian bug 505640).
- Rework 495_stdout-encrypted-password to cope with chpasswd using PAM.
shadow (1:4.1.4.2+svn3283-2) unstable; urgency=low
* The "Bleu du Vercors-Sassenage" release.
* Fix backup command line in cron.daily script. Closes: #596283
shadow (1:4.1.4.2+svn3283-1) unstable; urgency=low
* The "Bleu de Gex" release.
* New upstream unreleased version:
- Fix formatting of the login.defs.5 manpage. Closes: #542804
- Updated Czech translation. Closes: #548407
- Updated Vietnamese translation. Closes: #548065
- Remove patches applied upstream:
+ debian/patches/008_su_no_sanitize_env
+ debian/patches/483_su_fakelogin_wrong_arg0
- Updated patches:
+ debian/patches/523_su_arguments_are_no_more_concatenated_by_default
+ debian/patches/542_useradd-O_option
- Added support for dates already specified as a number of days since
Epoch in useradd, usermod and chage. Closes: #562221
- This also allows, in the chage interactive mode, to specify -1 as the
expiration date to disable it. Closes: #573018
- Fixed parsing of gshadow. This fix password support in newgrp.
Closes: #569899
- pwck and grpck stop sorting at the first line which begins with a '+'.
This will avoid messing up with NIS entries. Closes: #567836
- Fix interruption of su, newgrp, vipw with Ctrl-Z. Closes: 530231
- mail checking is no more mentioned in login(1) since it is done by PAM.
Closes: #470059
- The -e (and -c and -m) option was restored in chpasswd (which still uses
PAM by default). Closes: #539354
- Kazakh translation updated. Closes: #586994
- Fixed comma splice in chsh(1). Closes: #582166
* debian/securetty.kfreebsd: On GNU/kFreeBSD the serial devices have change
from /dev/cuuaX to /dev/ttydX in kernel 6.0. Closes: #544523
* debian/securetty.linux: Added support for embedded ARM AMBA PL011 ports
(e.g. emulated by QEMU). Closes: #544184
* debian/control: Removed Martin Quinson from the Uploaders, on his request.
* debian/login.defs: Improve documentation of USERGROUPS_ENAB.
Closes: #572687
* debian/rules: Added DEB_AUTO_UPDATE_LIBTOOL = pre. Closes: #560633
* debian/login.pam: return back to mostly "requisite" for the pam_securetty
PAM module, but ignore PAM_USER_UNKNOWN. This will avoid root from
entering a password, and will also avoid user enumeration attacks.
Mis-typed root login are not protected, only root can be blamed for
mis-typing and entering a password on an insecure line. Users willing to
protect against mis-typed root login can use "requisite", but will be
vulnerable to user enumeration attacks on insecure lines, and should use
pam 1.1.0-4 at least. Closes: #574082, #531341
* debian/passwd.cron.daily: Handle the backups of the user and group
databases so that it can be removed from the standard daily cron job.
Closes: #554170
* debian/login.defs: Updated description of UMASK (used by pam_umask).
* debian/securetty.linux: Reorganize and synchronize with
Documentation/devices.txt. This added a lot of TTYs, including the
ttyPZ0..3. Closes: #576203
* debian/rules, debian/man.insert, debian/man.insert.sed: Hack to avoid bug
507673, causing missing apostrophes in the manpages generated by
docbook-xsl (see debian bug 507673).
* debian/control: Standards-Version: bumped to 3.8.4. No changes.
* debian/passwd.lintian-overrides: Remove old entries relevant for
passwd.config.
* debian/control: Do not repeat the Section and Priority fields for the
binary packages.
* debian/rules: Disable new features: --without-acl --without-attr
--without-tcb
Date: Wed, 24 Nov 2010 13:42:42 +0100
Changed-By: Oliver Grawert <ogra at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/shadow/1:4.1.4.2+svn3283-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 24 Nov 2010 13:42:42 +0100
Source: shadow
Binary: passwd login
Architecture: source
Version: 1:4.1.4.2+svn3283-2ubuntu1
Distribution: natty
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Oliver Grawert <ogra at ubuntu.com>
Description:
login - system login tools
passwd - change and administer password and group data
Closes: 470059 530231 531341 539354 542804 544184 544523 548065 548407 554170 560633 562221 567836 569899 572687 573018 574082 576203 582166 586994 596283
Changes:
shadow (1:4.1.4.2+svn3283-2ubuntu1) natty; urgency=low
.
* Merge from debian unstable. Remaining changes:
- Ubuntu specific:
+ debian/login.defs: use SHA512 by default for password crypt routine.
- debian/{source_shadow.py,rules}: Add apport hook
- debian/rules: fix FTBFS from newer libtools
- debian/patches/495_stdout-encrypted-password: chpasswd can report
password hashes on stdout (Debian bug 505640).
- Rework 495_stdout-encrypted-password to cope with chpasswd using PAM.
.
shadow (1:4.1.4.2+svn3283-2) unstable; urgency=low
.
* The "Bleu du Vercors-Sassenage" release.
* Fix backup command line in cron.daily script. Closes: #596283
.
shadow (1:4.1.4.2+svn3283-1) unstable; urgency=low
.
* The "Bleu de Gex" release.
* New upstream unreleased version:
- Fix formatting of the login.defs.5 manpage. Closes: #542804
- Updated Czech translation. Closes: #548407
- Updated Vietnamese translation. Closes: #548065
- Remove patches applied upstream:
+ debian/patches/008_su_no_sanitize_env
+ debian/patches/483_su_fakelogin_wrong_arg0
- Updated patches:
+ debian/patches/523_su_arguments_are_no_more_concatenated_by_default
+ debian/patches/542_useradd-O_option
- Added support for dates already specified as a number of days since
Epoch in useradd, usermod and chage. Closes: #562221
- This also allows, in the chage interactive mode, to specify -1 as the
expiration date to disable it. Closes: #573018
- Fixed parsing of gshadow. This fix password support in newgrp.
Closes: #569899
- pwck and grpck stop sorting at the first line which begins with a '+'.
This will avoid messing up with NIS entries. Closes: #567836
- Fix interruption of su, newgrp, vipw with Ctrl-Z. Closes: 530231
- mail checking is no more mentioned in login(1) since it is done by PAM.
Closes: #470059
- The -e (and -c and -m) option was restored in chpasswd (which still uses
PAM by default). Closes: #539354
- Kazakh translation updated. Closes: #586994
- Fixed comma splice in chsh(1). Closes: #582166
* debian/securetty.kfreebsd: On GNU/kFreeBSD the serial devices have change
from /dev/cuuaX to /dev/ttydX in kernel 6.0. Closes: #544523
* debian/securetty.linux: Added support for embedded ARM AMBA PL011 ports
(e.g. emulated by QEMU). Closes: #544184
* debian/control: Removed Martin Quinson from the Uploaders, on his request.
* debian/login.defs: Improve documentation of USERGROUPS_ENAB.
Closes: #572687
* debian/rules: Added DEB_AUTO_UPDATE_LIBTOOL = pre. Closes: #560633
* debian/login.pam: return back to mostly "requisite" for the pam_securetty
PAM module, but ignore PAM_USER_UNKNOWN. This will avoid root from
entering a password, and will also avoid user enumeration attacks.
Mis-typed root login are not protected, only root can be blamed for
mis-typing and entering a password on an insecure line. Users willing to
protect against mis-typed root login can use "requisite", but will be
vulnerable to user enumeration attacks on insecure lines, and should use
pam 1.1.0-4 at least. Closes: #574082, #531341
* debian/passwd.cron.daily: Handle the backups of the user and group
databases so that it can be removed from the standard daily cron job.
Closes: #554170
* debian/login.defs: Updated description of UMASK (used by pam_umask).
* debian/securetty.linux: Reorganize and synchronize with
Documentation/devices.txt. This added a lot of TTYs, including the
ttyPZ0..3. Closes: #576203
* debian/rules, debian/man.insert, debian/man.insert.sed: Hack to avoid bug
507673, causing missing apostrophes in the manpages generated by
docbook-xsl (see debian bug 507673).
* debian/control: Standards-Version: bumped to 3.8.4. No changes.
* debian/passwd.lintian-overrides: Remove old entries relevant for
passwd.config.
* debian/control: Do not repeat the Section and Priority fields for the
binary packages.
* debian/rules: Disable new features: --without-acl --without-attr
--without-tcb
Checksums-Sha1:
fb4662bfb1a753cda67a87ed692796ddad577b1e 1689 shadow_4.1.4.2+svn3283-2ubuntu1.dsc
8b704b8f07718e329205f23d457c3121c0f3679e 2942890 shadow_4.1.4.2+svn3283.orig.tar.gz
d9d68e3fc8109a305ad566ee47923ccf04758c31 333926 shadow_4.1.4.2+svn3283-2ubuntu1.diff.gz
Checksums-Sha256:
e156d0bca5127853974cc7b35305a90e97732cb2eb5d8c3344bce72cfb1986e2 1689 shadow_4.1.4.2+svn3283-2ubuntu1.dsc
2bb79a35d5610515daf6471a091025b4bf991b6c631e068baa6097a13cf83fcb 2942890 shadow_4.1.4.2+svn3283.orig.tar.gz
3f735e57dd40d19edff0ebe54cfd5a83dff462332eb84e06f2c55be024da2a44 333926 shadow_4.1.4.2+svn3283-2ubuntu1.diff.gz
Files:
ce7f48911c3b17969a3a7efcda3df25f 1689 admin required shadow_4.1.4.2+svn3283-2ubuntu1.dsc
10f6ddcb029c024aaf77d033bcb459d5 2942890 admin required shadow_4.1.4.2+svn3283.orig.tar.gz
725d7fc092fae68bd14602943b3208a2 333926 admin required shadow_4.1.4.2+svn3283-2ubuntu1.diff.gz
Original-Maintainer: Shadow package maintainers <pkg-shadow-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkztCNcACgkQSsOT+6LQaTYHfgCglM6wKFEZBmakM9gnmBQKm7bi
LwYAn1rw6whIVt8Qb7pYfMtxIhFpfbHM
=TvxC
-----END PGP SIGNATURE-----
More information about the Natty-changes
mailing list