Change logs for shadow source package in Cosmic

  • shadow (1:4.5-1ubuntu1) bionic; urgency=medium
      * Merge with Debian; remaining changes:
        - debian/login.defs:
          + Update documentation of USERGROUPS_ENAB: with pam_umask, the UPG
            handling does not only apply to "former (pre-PAM) uses".
          + Update documentation of UMASK: Explain that USERGROUPS_ENAB
            will modify this default for UPGs.
        - debian/{,rules}: Add apport hook
        - debian/patches/1010_extrausers.patch: Add support to passwd for
        - debian/patches/1011_extrausers_toggle.patch: extrausers support for
          useradd and groupadd
        - debian/patches/1012_extrausers_chfn.patch: add support for
          --extrausers to the chfn tool
        - debian/passwd.maintscripts: Clean up upstart configuration
      * Dropped changes, included in Debian:
        - Pass noupdate to pam_motd call for /run/motd.dynamic, to avoid running
          /etc/update-motd.d/* scripts twice.
      * Dropped changes, included upstream:
        - debian/patches/userns/subuids-nonlocal-users: Don't limit
          subuid/subgid support to local users.
        - debian/patches/1021_no_subuids_for_system_users.patch
        - debian/patches/CVE-2017-2616.patch: Check process's exit status before
          sending signal
        - debian/patches/CVE-2017-2616-regression.patch: Do not reset the
          pid_child to 0 if the child process is still running.
        - CVE-2017-2616
        - debian/patches/CVE-2016-6252.patch: parse directly into unsigned long
        - CVE-2016-6252
      * Dropped obsoleted changes:
        - debian/rules: setting DEB_*_INSTALLINIT_ARGS became obsolete after
          switching to passwd.tmpfile from passwd.service
    shadow (1:4.5-1) unstable; urgency=medium
      * New upstream version 4.5
        - Fix buffer overflow if NULL line is present in db (CVE-2017-12424)
          (Closes: #756630)
        - Make the sp_lstchg shadow field reproducible (Closes: #857803)
        - Fix regression in useradd not loading defaults properly.
          (Closes: #865762)
      * Refresh patches
      * Drop patches manipulating su argument concatenation:
      * Cut redundant information from Debian-specific README files
      * Revert adding pts/0 and pts/1 to securetty.
        Adding pts/* defeats the purpose of securetty. Let containers add it if
        needed as described in #830255.
      * Use my email address in Maintainer field
    shadow (1:4.4-4.1) unstable; urgency=high
      * Non-maintainer upload.
      * Reset pid_child only if waitpid was successful.
        This is a regression fix for CVE-2017-2616. If su receives a signal like
        SIGTERM, it is not propagated to the child. (Closes: #862806)
    shadow (1:4.4-4) unstable; urgency=high
      * su: properly clear child PID (CVE-2017-2616) (Closes: #855943)
    shadow (1:4.4-3) unstable; urgency=medium
      [ Balint Reczey ]
      * Clean up stale locks on boot (Closes: #478771)
      * Sync motd handling with sshd.
        Using patch from Ubuntu (Closes: #757148)
      [ Stéphane Graber ]
      * Add missing /etc/{subgid|subuid} in postinst
    shadow (1:4.4-2) unstable; urgency=medium
      [ Balint Reczey ]
      * Update homepage to new upstream
      * Always use /bin/sh shell in the build (Closes: #817971)
      * Replace user´s -> user's to make login.def file valid ASCII
        (Closes: #850338)
      * Update patch naming docmentation
      * Fix typos in German man pages (Closes: #734609)
      * Send 1000_configure_userns patch upstream
      * Add call to pam_keyinit for login pam service.
        This module is linux-any only, so copy what openssh has already done and
        remove the call at build time for other architectures.
        The call to this module is needed to have proper per-session kernel
        keyring. (Closes: #734671)
      * Add pts/0 and pts/1 to securetty (Closes: #830255)
      * Add ttySAC* to securetty (Closes: #824391)
      * Add ttySC[4-9] to securetty (Closes: #768020)
      [ Laurent Bigonville ]
      * Move pam_selinux open call higher in the session stack (Closes: #747313)
      [ Christian Perrier ]
      * Fix typos in login.pam (thanks to Jakub Wilk for reporting)
        (Closes: #747115)
      * Include groupmems(8) in the passwd package (Closes: #663117)
      [ Frans Spiesschaert ]
      * Dutch translation update (Closes: #772470)
      [ Trần Ngọc Quân ]
      * Update Vietnamese translation (Closes: #777107)
      [ Miroslav Kuře ]
      * Updated Czech translation. (Closes: #759113)
      [ Holger Wansing ]
      * Update for German man pages
      [ Thomas Blein ]
      * French manpage translation (Closes: #805182)
      [ Lars Bahner ]
      * Fix some spelling issues in the Norwegian translation (Closes: #800553)
    shadow (1:4.4-1) unstable; urgency=medium
      [ Christian Perrier ]
      * Imported Upstream version 4.2
      * Debian patch: Fix typo in su.1.xml
      * Configure userns
      * Vietnamese translation update
      * French translation update (Closes: #725793)
      * German translation update
      * Update NEWS file
      * Issue a warning if no manpages have been generated
      * Regenerate PO files
      * Regenerate manpages PO files
      * Imported Upstream version 4.2.1
      [ Serge Hallyn ]
      * Import new upstream
      * Patch changes:
        - Update 501_commonio_group_shadow to work with upstream changes
        - Update 1010_vietnamese_translation
        - Drop userns patches which are now all upstream
      [ Balint Reczey ]
      * Update debian/watch to use GitHub releases
      * Imported Upstream version 4.4
        - Fix incorrect integer handling (CVE-2016-6252) (Closes: #832170)
      * Disable Vietnamese translation patch because it does not apply cleanly
      * Bump debhelper compat level to 10
      * ACK NMU by Samuel Thibault dropping the patch which is integrated
      * Stop build-depending on build-essential dpkg-dev
      * Tag login package as essential properly
      * Adopt the package under the Shadow Team's umbrella (Closes: #801707)
    shadow (1:4.2-3.3) unstable; urgency=medium
      * Non-maintainer upload.
      * Apply upstream patch to fix build on hurd-i386. (Closes: #750480)
     -- Balint Reczey <email address hidden>  Thu, 25 Jan 2018 16:09:22 +0100