Ubuntu
shadow package

Change logs for shadow source package in Lucid

  1. Lucid (10.04)
  2. Change log 
  • shadow (1:4.1.4.2-1ubuntu2.2) lucid-security; urgency=low

  * SECURITY UPDATE: could inject NIS groups memberships into /etc/passwd.
    - debian/patches/900_locale_env_sanity: actually set locale environment
      variables correctly.
    - debian/patches/901_reject_newline: reject newlines in GECOS updates.
    - CVE-2011-0721
 -- Kees Cook <email address hidden>   Mon, 14 Feb 2011 13:42:29 -0800
  • shadow (1:4.1.4.2-1ubuntu2) lucid; urgency=low

  * debian/{source_shadow.py,rules}: Add apport hook
  * debian/rules: fix FTBFS from newer libtools
 -- Marc Deslauriers <email address hidden>   Tue, 26 Jan 2010 08:54:59 -0500
  • shadow (1:4.1.4.2-1ubuntu1) lucid; urgency=low

  * Merged with debian unstable. Remaning changes (LP: #477299):
    - Ubuntu specific:
      + debian/login.defs: use SHA512 by default for password crypt routine.
    - debian/patches/495_stdout-encrypted-password: chpasswd can report
      password hashes on stdout (Debian bug 505640).
    - Rework 495_stdout-encrypted-password to cope with chpasswd using PAM.

shadow (1:4.1.4.2-1) unstable; urgency=low

  * The "Tome des Bauges" release.
  * New upstream release:
     - Updated Basque translation. Closes: #535553
     - Fixed some translatable string. Closes: #525726
     - Fixed documentation of the short option for --mindays in passwd(1).
       Closes: #531983
     - Added support for shells being shell scripts without a shebang.
       Closes: #479406
  * debian/securetty.linux: Added Embedded Renesas SuperH ports.
    Closes: #535927
  * debian/securetty.linux: Added ttyS2 to ttyS5. Some extension card provide
    more serial ports, but that should be sufficient until there is a support
    for regular expressions. Closes: #534244
  * debian/patches/506_relaxed_usernames: Fixed typo. groupadd(8) should
    document the restriction on groupnames, not usernames.
  * debian/login.pam: pam_securetty included as a required module instead of
    requisite to avoid leak of user name information. Closes: #531341
  * debian/shadowconfig.sh: Do not run shadowoff() and shadowon() in subshell.
    This also remove a dependency on bash (even though /bin/sh would have been
    sufficient). Thanks to Luk for spotting this.
  * debian/login.dirs, debian/passwd.dirs: Removed usr/share/linda/overrides.
  * debian/control: Standards-Version: bumped to 3.8.2. No changes.
 -- Nicolas Valcarcel Scerpella (Canonical) <email address hidden>   Sat, 07 Nov 2009 04:55:18 -0500
  • shadow (1:4.1.4.1-1ubuntu2) karmic; urgency=low

  * debian/securetty.linux: also list ttyS2 and ttyS3; beagleboard uses ttyS2
    as serial port.

 -- Loic Minier <email address hidden>   Fri, 31 Jul 2009 15:34:56 +0200