Change logs for shadow source package in Raring

  • shadow (1: raring; urgency=low
      * debian/patches/496_su_kill_process_group: Kill the child process group,
        rather than just the immediate child; this is needed now that su no
        longer starts a controlling terminal when not running an interactive
        shell (closes: #713979, LP: #1205407).
     -- Colin Watson <email address hidden>   Fri, 26 Jul 2013 17:20:17 +0100
  • shadow (1: raring; urgency=low
      * Pass noupdate to pam_motd call for /run/motd.dynamic, to avoid running
        /etc/update-motd.d/* scripts twice (LP: #1169558).
     -- Colin Watson <email address hidden>   Thu, 18 Apr 2013 01:01:45 +0100
  • shadow (1: raring; urgency=low
      * Install upstart job by-hand, instead of using dh_installinit to avoid
        dependency on upstart-job.
     -- Dmitrijs Ledkovs <email address hidden>   Mon, 18 Mar 2013 03:23:31 +0000
  • shadow (1: raring; urgency=low
      * Revert build-dependency from gettext:any to gettext, now that gettext is
        Multi-Arch: foreign.
     -- Colin Watson <email address hidden>   Thu, 29 Nov 2012 15:27:11 +0000
  • shadow (1: raring; urgency=low
      * The "Yorkshire Blue" release.
      * Merge from Debian unstable.  Remaining changes:
         - debian/passwd.upstart: Add an upstrat job to clear locks on
           [shadow-]passwd/group. (LP: #523896).
         - Build-depend on gettext:any for cross-building support.
         - Allow LXC devices (lxc/console, lxc/tty[1234]) that we'll start using
           in LXC with Precise.
         - debian/login.defs:
           + Update documentation of USERGROUPS_ENAB: with pam_umask, the UPG
             handling does not only apply to "former (pre-PAM) uses".
           + Update documentation of UMASK: Explain that USERGROUPS_ENAB will modify
             this default for UPGs. (Closes: #583971)
         - debian/{,rules}: Add apport hook
         - debian/patches/495_stdout-encrypted-password: chpasswd can report
           password hashes on stdout (Debian bug 505640).
      * Dropped changes, merged in Debian:
         - Fix case of ttyAMA0-3 devices and move them near the ttyAM0-15 ones;
           Debian #544184; fixes console on Vexpress boards (e.g. in QEMU).
         - use SHA512 by default for password crypt routine.
         - debian/rules: fix FTBFS from newer libtools
         - Mark passwd Multi-Arch: foreign.
    shadow (1: unstable; urgency=low
      * The "Gruyère" release.
      [ Nicolas FRANCOIS (Nekral) ]
      * New upstream release:
        - login: log into utmp(x) but not into wtmp (this is done by pam_lastlog).
          Log to utmp(x) was broken by the fix for #605329. Closes: 659957
        - userdel: Fix segfault when userdel removes the user's group.
          Closes: #660406
        - manpages: .so links point to paths relative to the top-level manual
          hierarchy. Closes: #661025
        - useradd(8): Return code 13 no more documented. Closes: #661802
      * debian/patches/series, debian/patches/428_grpck_add_prune_option: Removed.
        The -p option was not documented and was meant to fix consequences of a
        bug now fixed more than 10 years ago.
      * debian/ Display issues, but dot not prompt interactively
        to fix passwd/group/shadow/gshadow issues. Closes: #638263
      * debian/control: Bump Standards-Version to 3.9.3 (no changes needed).
      * debian/rules: Simplify setting of hardening flags. cdbs 0.4.103 needed to
        get hardened version of shadow-utils. Restore previous requirement on
        dpkg-dev to 1.13.5.
      [ Christian Perrier ]
      * Complete Polish translation of logoutd(8). Closes: #668880
      * German translation of manpages completed. Closes: #673234
      [ Roger Leigh ]
      * Separation of static and dynamic motd components in login PAM module
        Closes: #669698
    shadow (1:4.1.5-1) unstable; urgency=low
      * The "Charolais" release.
      [ Nicolas FRANCOIS (Nekral) ]
      * New upstream release:
        - su: Fix possible tty hijacking by dropping the controlling terminal when
          executing a command (CVE-2005-4890). Closes: #628843
        - userdel: Check the existence of the user's mail spool before trying to
          remove it. If it does not exist, a warning is issued, but no failure.
          Closes: #617295
        - userdel: Do not remove a group with the same name as the user
          (usergroup) if this group isn't the user's primary group.
          Closes: #584868
        - su: Close the PAM session as root (fix issues with pam_mount and
          pam_systemd). Closes: #580434
        - Fix several typos in manpages. Thanks to Simon Brandmair.
          Closes: #628776
        - userdel error message has been clarified when the user is still
          executing processes (it used to complain that the user is logged in).
          Closes: #603315
        - passwd(1) references chpasswd(8). Closes: #609117
        - Spaces have been added between options and arguments in the Russian
          manpages. Closes: #606159
        - Fix handling of numerical dates in usermod -e. Closes: #621810
        - usermod: When the shadow file exists but there are no shadow entries, an
          entry is created if the password is changed and passwd requires a shadow
          entry, or if aging features are used (-e or -f). Closes: 632461
        - Added diagnosis for lock failures. Closes: #616167
        - grpck/pwck: NIS entries were dropped by -s (sort). Closes: #622765
        - login does not log into utmp(x) and wtmp. This is already done by
          pam_lastlog. Closes: #605329
        - groupmod: document that /etc/passwd can be modified by groupmod -g.
          Closes: #647308
        - Updated patches
          + debian/patches/008_login_log_failure_in_FTMP
          + debian/patches/401_cppw_src.dpatch
          + debian/patches/402_cppw_selinux
          + debian/patches/428_grpck_add_prune_option
          + debian/patches/429_login_FAILLOG_ENAB
          + debian/patches/463_login_delay_obeys_to_PAM
          + debian/patches/501_commonio_group_shadow
          + debian/patches/505_useradd_recommend_adduser
          + debian/patches/506_relaxed_usernames
          + debian/patches/508_nologin_in_usr_sbin
          + debian/patches/523_su_arguments_are_concatenated
          + debian/patches/523_su_arguments_are_no_more_concatenated_by_default
          + debian/patches/542_useradd-O_option
          + debian/patches/900_testsuite_groupmems
        - debian/patches/008_su_get_PAM_username: Removed, feature supported
        - debian/patches/300_CVE-2011-0721: Removed, applied upstream.
        - Upstream translation updates from Debian BTS:
          + Brazilian Portuguese. Closes: #622834
          + Catalan. Closes: #627526, #657763
          + Danish. Closes: #621330, #657514
          + German. Closes: #622908, #656503
          + French. Closes: #623608, #657621
          + Japanese. Closes: #620978
          + Kazakh. Closes: #620930
          + Portuguese. Closes: #623722, #656686
          + Russian. Closes: #622106, #655194
          + Spanish (Closes: #630618)
          + Swedish. Closes: #621126
          + Simplified Chinese. Closes: #655858
        - Upstream manpages translation updates from Debian BTS:
          + French. Closes: #630250, #657622
          + German. Closes: #628777
          + Simplified Chinese. Closes: #602264, #655858
          + Danish added. Closes: #657516
          + Russian. Closes: #657710
      * debian/control: mark passwd as 'Multi-Arch: foreign'. Closes: #614321
      * debian/securetty.linux: Add IBM pSeries console ports. Closes: #597661
      * debian/securetty.linux: Add serial Console for MIPS Swarm.
      * debian/securetty.linux: Add s390/s390x ports ttysclp0. Closes: #647469
      * debian/securetty.linux: Fixed typo: ttyama -> ttyAMA. Closes: #544184
      * debian/rules, debian/man.insert, debian/man.insert.sed: Bug #507673 has
        been closed. It is no more needed to patch the generated manpages. This
        also fix failures to build twice is a row. Closes: #636047
      * debian/patches/401_cppw_src.dpatch: Replace progname by Prog. Rename
        create_backup_file to create_copy. The lock functions do not set errno.
        Do not report the error string on cppwexit.
      * debian/patches/401_cppw_src.dpatch, debian/patches/402_cppw_selinux:
        Synchronize with coding style.
      * debian/patches/401_cppw_src.dpatch: Detect as well too many and too
        few arguments.
      * debian/patches/506_relaxed_usernames: Really check if the user/group
        name starts with a dash. Also forbid names starting with '+' or '~'.
        Document the naming policy in useradd.8 / groupadd.8.
      * debian/patches/506_relaxed_usernames: Also forbid names containing a
      * debian/patches/901_testsuite_gcov: Do not revert the locale when testing
        with gcov to avoid coverage false negatives. This does not impact the
        debian binary package, only the test package.
      * debian/control: Add Build-Depends on libsemanage1-dev [linux-any]
      * debian/rules: Do not hard-code CFLAGS and LDFLAGS. Build with all
        hardening flags set. Closes: #657010
      * debian/control: depends on dpkg-dev (>= 1.16.1~) for including
      * debian/control: Standards-Version: bumped to 3.9.2. No changes.
      * debian/login.defs: Set the default encryption method to SHA512.
        Closes: #657717
      [ Christian Perrier ]
      * Use "linux-any" instead of a negated list of architectures in
        Build-Depends. Closes: #634465
     -- Dmitrijs Ledkovs <email address hidden>   Tue, 23 Oct 2012 09:59:19 +0100
  • shadow (1: quantal; urgency=low
      * debian/passwd.upstart: Add an upstrat job to clear locks on
        [shadow-]passwd/group. (LP: #523896).
     -- Dmitrijs Ledkovs <email address hidden>   Fri, 31 Aug 2012 13:00:33 +0100