Changelog for
oath-toolkit-2.6.7-2.1.i586.rpm :
* Sun May 02 2021 Martin Hauke
- Update to version 2.6.7
* pam_oath: Support variables in usersfile string parameter. These changes introduce the ${USER} and ${HOME} placeholder values for the usersfile string in the pam_oath configuration file. The placeholder values allow the user credentials file to be stored in a file path that is relative to the user, and mimics similar behavior found in google-authenticator-libpam. The motivation for these changes is to allow for non-privileged processes to use pam_oath (e.g., for 2FA with xscreensaver). Non-privileged and non-suid programs are unable to use pam_oath. These changes are a proposed alternative to a suid helper binary as well.
* doc: Fix project URL in man pages.
* build: Drop use of libxml\'s AM_PATH_XML2 in favor of pkg-config.
* build: Modernize autotools usage. Most importantly, no longer use -Werror with AM_INIT_AUTOMAKE to make rebuilding from source more safe with future automake versions.
* Updated gnulib files.
* Wed Jan 20 2021 Martin Hauke - Update to version 2.6.6
* oathtool: Support for reading KEY and OTP from standard input or filename. KEY and OTP may now be given as \'-\' to mean stdin, or AATTFILE to read from a particular file. This is recommended on multi-user systems, since secrets as command line parameters leak.
* pam_oath: Fix unlikely logic fail on out of memory conditions.
* Tue Dec 29 2020 Martin Hauke - Update to version 2.6.5
* oathtool: Support for reading KEY and OTP from standard input or filename. KEY and OTP may now be given as \'-\' to mean stdin, or AATTFILE to read from a particular file. This is recommended on multi-user systems, since secrets as command line parameters leak.
* pam_oath: Fix unlikely logic fail on out of memory conditions.
* Doc fixes.- Update to version 2.6.4
* libpskc: New --with-xmlsec-crypto-engine to hard-code crypto engine. Use it like --with-xmlsec-crypto-engine=gnutls or - -with-xmlsec-crypto-engine=openssl if the default dynamic loading fails because of runtime linker search path issues.
* oathtool --totp --verbose now prints TOTP hash mode.
* oathtool: Hash names (e.g., SHA256) for --totp are now upper case. Lower/mixed case hash names are supported for compatibility.
* pam_oath: Fail gracefully for missing users. This allows you to incrementally add support for OATH authentication instead of forcing it on all users.
* Fix libpskc memory corruption bug.
* Fix man pages.
* Build fixes.- Update to version 2.6.3
* pam_oath: Fix self-tests.- Drop not longer needed patches:
* 0001-Fix-no-return-in-nonvoid-function-errors-reported-by.patch
* 0003-pam_oath-assign-safe-default-to-alwaysok-config-memb.patch
* 0002-update_gnulibs_files.patch
* gnulib-libio.patch- Use source verification- Use proper source URLs
* Mon Aug 06 2018 schwabAATTsuse.de- gnulib-libio.patch: Update gnulib for libio.h removal
* Thu Jul 05 2018 matthias.gerstnerAATTsuse.com- Add patch 0003-pam_oath-assign-safe-default-to-alwaysok-config-memb.patch: - fix potential security issue in low memory situation (bsc#1089114)
* Sun May 20 2018 julioAATTjuliogonzalez.es- Fix build for openSUSE Leap 42.2 and 42.3
* Wed Apr 18 2018 jengelhAATTinai.de- Trim/update descriptions. Fix RPM groups. Remove useless - -with-pic.
* Fri Apr 13 2018 mpluskalAATTsuse.com- Run spe-cleaner- Drop useless conditions
* Wed Apr 11 2018 ncutlerAATTsuse.com- bring License line into closer accordance with actual licenses mentioned in the tarball- split off xml/pskc/ directory/files from liboath0 into a separate \"oath-toolkit-xml\" subpackage to prevent conflicts if two versions of the liboath library were ever installed at the same time
* Wed Apr 11 2018 ncutlerAATTsuse.com- use %license instead of %doc to package license-related files
* Tue Jan 16 2018 dmarcouxAATTposteo.de- Add patch (last commit which changed source, not released in 2.6.2): - 0002-update_gnulibs_files.patch