Changelog for pam_ssh-debugsource-1.97-20.4.1.x86_64.rpm :

* Thu Jun 06 2013 vcizekAATTsuse.com- restore credentials before exitting from pam_sm_open_session
* fixes bnc#823484
* added James Carter\'s pam_ssh-1.97-no_tty_stay_as_user.patch
* Thu Jan 12 2012 vcizekAATTsuse.com- added patch that prevents segfault when empty passphrase is supplied (bnc#741541)
* Mon Nov 28 2011 jengelhAATTmedozas.de- Remove redundant/unwanted tags/section (cf. specfile guidelines)- Use %_smp_mflags for parallel building
* Sun Nov 27 2011 cooloAATTsuse.com- add libtool as buildrequire to avoid implicit dependency
* Sun Oct 30 2011 mkubecekAATTsuse.cz- pam_ssh-1.97-sigmask.patch: Clear signal mask before executing ssh-agent as pam_ssh code can be called from kdm with blocked TERM signal which would be inherited by ssh-agent (bnc#727246).
* Wed May 11 2011 vcizekAATTnovell.com- set gid/groups before executing ssh-agent (bnc#665061)
* Mon Apr 18 2011 vcizekAATTnovell.com- fix for bnc#688120 (pam_ssh double free)
* Mon Feb 01 2010 jengelhAATTmedozas.de- package baselibs.conf
* Wed Jun 24 2009 sbrabecAATTsuse.cz- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).
* Wed Jun 24 2009 sbrabecAATTsuse.cz- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).
* Tue Apr 14 2009 anickaAATTsuse.cz- update to 1.97
* pam_get_pass.c: CVE-2009-1273 pam_ssh used a certain prompt if a user found to exist to ask for the SSH passphrase explicitely depending on whether the username was valid or invalid, which made it easier for remote attackers to enumerate usernames.- remove last patch
* Fri Apr 10 2009 anickaAATTsuse.cz- add fix for CVE-2009-1273 (bnc#492764) taken from Red Hat bugzilla (#492153)