SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for pam-1.3.1-33.el8.i686.rpm :

* Mon Feb 12 2024 Iker Pedrosa - 1.3.1-33- pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS situations. CVE-2024-22365. Resolves: RHEL-21242
* Fri Jan 26 2024 Iker Pedrosa - 1.3.1-32- pam_access: handle hostnames in access.conf. Resolves: RHEL-3374
* Mon Jan 08 2024 Iker Pedrosa - 1.3.1-31- pam_faillock: create tallydir before creating tallyfile. Resolves: RHEL-19810
* Thu Nov 02 2023 Iker Pedrosa - 1.3.1-30- pam_unix: enable bcrypt. Resolves: RHEL-5057
* Mon Jun 26 2023 Iker Pedrosa - 1.3.1-27- pam_misc: make length of misc_conv() configurable and set to 4096. Resolves: #2209785
* Tue May 16 2023 Iker Pedrosa - 1.3.1-26- smartcard-auth: modify the content to remove unnecessary modules. Resolves: #1983683
* Tue Nov 29 2022 Iker Pedrosa - 1.3.1-25- pam_motd: avoid unnecessary logging. Resolves: #2091062- pam_lastlog: check localtime_r() return value. Resolves: #2012871- pam_faillock: clarify missing user faillock files after reboot. Resolves: #2062512- pam_faillock: avoid logging an erroneous consecutive login failure message. Resolves: #2082442
* Thu Sep 29 2022 Iker Pedrosa - 1.3.1-24- pam_pwhistory: load configuration from file. Resolves: #2068461
* Wed Jul 13 2022 Iker Pedrosa - 1.3.1-22- Regenerate the /run/motd.d at each boot. Resolves: #2104878
* Thu Jun 23 2022 Iker Pedrosa - 1.3.1-21- pam_usertype: only use SYS_UID_MAX for system users. Resolves: #1949137
* Thu May 26 2022 Iker Pedrosa - 1.3.1-20- faillock: load configuration from file. Resolves: #1978029
* Mon May 23 2022 Iker Pedrosa - 1.3.1-19- Add the motd.d directories (empty) to silence warnings and to provide proper ownership for them. Resolves: #2014458
* Thu May 19 2022 Iker Pedrosa - 1.3.1-18- pam_motd: fix memory leak. Resolves: #2014458
* Tue May 17 2022 Iker Pedrosa - 1.3.1-17- pam_keyinit: thread-safe implementation. Resolves: #1997969- pam_motd: support multiple motd paths specified, with filename overrides. Resolves: #2014458
* Fri Jan 28 2022 Iker Pedrosa - 1.3.1-16- pam_limits: \"Unlimited\" is not a valid value for RLIMIT_NOFILE. Resolves: #2047655
* Mon May 03 2021 Iker Pedrosa 1.3.1-15- pam_userdb: Prevent garbage characters from db (#1791965)
* Thu Nov 05 2020 Iker Pedrosa 1.3.1-14- Revert 1.3.1-12
* Fri Oct 30 2020 Iker Pedrosa 1.3.1-13- pam_wheel: if getlogin fails fallback to PAM_RUSER: fixed malformed patch (#1866866)- pam_namespace: polyinstantiation refer to gdm doc (#1861841)
* Thu Jul 16 2020 Peter Robinson - 1.3.1-12- Add the motd.d directories (empty) to silence warnings and to provide proper ownership for them (#1847501)
* Fri May 15 2020 Iker Pedrosa 1.3.1-11- pam_usertype: fixed malformed patch
* Tue Apr 21 2020 Iker Pedrosa 1.3.1-10- pam_modutil_sanitize_helper_fds: fix SIGPIPE effect of PAM_MODUTIL_PIPE_FD (#1791970)
* Fri Apr 17 2020 Iker Pedrosa 1.3.1-9- pam_usertype: new module to tell if uid is in login.defs ranges (#1810474)- pam_tty_audit: if kernel audit is disabled return PAM_IGNORE (#1775357)
* Thu Dec 19 2019 Tomáš Mráz 1.3.1-8- pam_motd: Document how to properly silence unwanted motd messages
* Mon Dec 16 2019 Tomáš Mráz 1.3.1-6- pam_faillock: Fix regression in admin_group support
* Wed Oct 16 2019 Tomáš Mráz 1.3.1-5- pam_faillock: Support configuration file /etc/security/faillock.conf- pam_faillock: Support local_users_only option- pam_namespace: Support noexec, nosuid and nodev flags for tmpfs mounts- Drop tallylog and pam_tally[2] documentation- pam_lastlog: Do not display failed attempts with PAM_SILENT flag- pam_lastlog: Support unlimited option to override fsize limit- pam_unix: Log if user authenticated without password- pam_tty_audit: Improve manual page- Optimize closing fds when spawning helpers- Fix duplicate password verification in pam_authtok_verify()
* Fri Dec 07 2018 Tomáš Mráz 1.3.1-4- Drop pam_tally2 which was obsoleted and deprecated long time ago
* Mon Sep 10 2018 Tomáš Mráz 1.3.1-3- add pam_umask to postlogin PAM configuration file- fix some issues found by Coverity scan
* Fri Jun 08 2018 Tomáš Mráz 1.3.1-1- use /run instead of /var/run in pamtmp.conf (#1588612)
* Fri May 18 2018 Tomáš Mráz 1.3.1-1- new upstream release 1.3.1 with multiple improvements
* Thu Feb 08 2018 Fedora Release Engineering - 1.3.0-10- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Tue Jan 30 2018 Tomáš Mráz 1.3.0-9- and the NIS support now also requires libnsl2
* Sat Jan 20 2018 Björn Esser - 1.3.0-8- Rebuilt for switch to libxcrypt
* Thu Jan 11 2018 Tomáš Mráz 1.3.0-7- the NIS support now requires libtirpc
* Mon Aug 21 2017 Tomáš Mráz 1.3.0-6- add admin_group option to pam_faillock (#1285550)
* Thu Aug 03 2017 Fedora Release Engineering - 1.3.0-5- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering - 1.3.0-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Thu Apr 20 2017 Tomáš Mráz 1.3.0-3- drop superfluous \'Changing password\' message from pam_unix (#658289)
* Sat Feb 11 2017 Fedora Release Engineering - 1.3.0-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Fri May 06 2016 Tomáš Mráz 1.3.0-1- new upstream release with multiple improvements
* Mon Apr 11 2016 Tomáš Mráz 1.2.1-8- make cracklib-dicts dependency weak (#1323172)
* Wed Apr 06 2016 Tomáš Mráz 1.2.1-7- do not drop PAM_OLDAUTHTOK if mismatched - can be used by further modules
* Mon Apr 04 2016 Tomáš Mráz 1.2.1-6- pam_unix: use pam_get_authtok() and improve prompting
* Fri Feb 05 2016 Tomáš Mráz 1.2.1-5- fix console device name in console.handlers (#1270224)
* Thu Feb 04 2016 Fedora Release Engineering - 1.2.1-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Fri Oct 16 2015 Tomáš Mráz 1.2.1-3- pam_faillock: add possibility to set unlock_time to never
* Wed Aug 12 2015 Tomáš Mráz 1.2.1-2- drop the nproc limit setting, it is causing more harm than it solves
* Fri Jun 26 2015 Tomáš Mráz 1.2.1-1- new upstream release fixing security issue with unlimited password length
* Thu Jun 18 2015 Fedora Release Engineering - 1.2.0-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Fri May 15 2015 Tomáš Mráz 1.2.0-1- new upstream release with multiple minor improvements
* Fri Oct 17 2014 Tomáš Mráz 1.1.8-18- use USER_MGMT type for auditing in the pam_tally2 and faillock apps (#1151576)
* Thu Sep 11 2014 Tomáš Mráz 1.1.8-17- update the audit-grantor patch with the upstream changes- pam_userdb: correct the example in man page (#1078784)- pam_limits: check whether the utmp login entry is valid (#1080023)- pam_console_apply: do not print error if console.perms.d is empty- pam_limits: nofile refers to open file descriptors (#1111220)- apply PIE and full RELRO to all binaries built
* Sun Aug 17 2014 Fedora Release Engineering - 1.1.8-16- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Wed Aug 13 2014 Tomáš Mráz 1.1.8-15- audit the module names that granted access- pam_faillock: update to latest version
* Wed Jul 30 2014 Tom Callaway - 1.1.8-14- fix license handling
* Wed Jul 16 2014 Tomáš Mráz 1.1.8-13- be tolerant to corrupted opasswd file
* Fri Jun 06 2014 Fedora Release Engineering - 1.1.8-12- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu May 22 2014 Tomáš Mráz 1.1.8-11- pam_loginuid: make it return PAM_IGNORE in containers
* Mon Mar 31 2014 Tomáš Mráz 1.1.8-10- fix CVE-2014-2583: potential path traversal issue in pam_timestamp
* Wed Mar 26 2014 Tomáš Mráz 1.1.8-9- pam_pwhistory: call the helper if SELinux enabled
* Tue Mar 11 2014 Tomáš Mráz 1.1.8-8- fix CVE-2013-7041: use case sensitive comparison in pam_userdb
* Mon Mar 10 2014 Tomáš Mráz 1.1.8-7- rename the 90-nproc.conf to 20-nproc.conf (#1071618)- canonicalize user name in pam_selinux (#1071010)- refresh the pam-redhat tarball
* Mon Dec 16 2013 Tomáš Mráz 1.1.8-4- raise the default soft nproc limit to 4096
* Mon Dec 02 2013 Tomáš Mráz 1.1.8-3- updated translations
* Mon Oct 21 2013 Tomáš Mráz 1.1.8-2- update lastlog with pam_lastlog also for su (#1021108)
* Mon Oct 14 2013 Tomáš Mráz 1.1.8-1- new upstream release- pam_tty_audit: allow the module to work with old kernels
* Fri Oct 04 2013 Tomáš Mráz 1.1.7-3- pam_tty_audit: proper initialization of the tty_audit_status struct
* Mon Sep 30 2013 Tomáš Mráz 1.1.7-2- add \"local_users_only\" to pam_pwquality in default configuration
* Fri Sep 13 2013 Tomáš Mráz 1.1.7-1- new upstream release
* Wed Aug 07 2013 Tomáš Mráz 1.1.6-14- use links instead of w3m to create txt documentation- recognize login session in pam_sepermit to prevent gdm from locking (#969174)- add support for disabling password logging in pam_tty_audit
* Sat Aug 03 2013 Fedora Release Engineering - 1.1.6-13- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Jul 11 2013 Tomáš Mráz 1.1.6-12- add auditing of SELinux policy violation in pam_rootok (#965723)- add SELinux helper to pam_pwhistory
* Tue May 07 2013 Tomáš Mráz 1.1.6-11- the default isadir is more correct
* Wed Apr 24 2013 Tomáš Mráz 1.1.6-10- pam_unix: do not fail with bad ld.so.preload
* Fri Mar 22 2013 Tomáš Mráz 1.1.6-9- do not fail if btmp file is corrupted (#906852)- fix strict aliasing warnings in build- UsrMove- use authtok_type with pam_pwquality in system-auth- remove manual_context handling from pam_selinux (#876976)- other minor specfile cleanups
* Tue Mar 19 2013 Tomáš Mráz 1.1.6-8- check NULL return from crypt() calls (#915316)
* Thu Mar 14 2013 Tomáš Mráz 1.1.6-7- add workaround for low nproc limit for confined root user (#432903)
* Thu Feb 21 2013 Karsten Hopp 1.1.6-6- add support for ppc64p7 arch (Power7 optimized)
* Thu Feb 14 2013 Fedora Release Engineering - 1.1.6-5- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Jan 22 2013 Tomas Mraz 1.1.6-4- fix build with current autotools
* Mon Oct 15 2012 Tomas Mraz 1.1.6-3- add support for tmpfs mount options in pam_namespace
* Mon Sep 03 2012 Tomas Mraz 1.1.6-2- link setuid binaries with full relro (#853158)- add rhost and tty to auditing data in modules (#677664)
* Fri Aug 17 2012 Tomas Mraz - 1.1.6-1- new upstream release
* Thu Aug 09 2012 Tomas Mraz - 1.1.5-9- make the pam_lastlog module in postlogin \'optional\' (#846843)
* Mon Aug 06 2012 Tomas Mraz - 1.1.5-8- fix build failure in pam_unix- add display of previous bad login attempts to postlogin.pamd- put the tmpfiles.d config to /usr/lib and rename it to pam.conf- build against libdb-5
* Wed May 09 2012 Tomas Mraz 1.1.5-7- add inactive account lock out functionality to pam_lastlog- fix pam_unix remember user name matching- add gecoscheck and maxclassrepeat functionality to pam_cracklib- correctly check for crypt() returning NULL in pam_unix- pam_unix - do not fallback to MD5 on password change if requested algorithm not supported by crypt() (#818741)- install empty directories
* Wed May 09 2012 Tomas Mraz 1.1.5-6- add pam_systemd to session modules
* Tue Jan 31 2012 Tomas Mraz 1.1.5-5- fix pam_namespace leaking the protect mounts to parent namespace (#755216)
* Fri Jan 13 2012 Fedora Release Engineering - 1.1.5-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Dec 21 2011 Tomas Mraz 1.1.5-3- add a note to limits.conf (#754285)
* Thu Nov 24 2011 Tomas Mraz 1.1.5-2- use pam_pwquality instead of pam_cracklib
* Thu Nov 24 2011 Tomas Mraz 1.1.5-1- upgrade to new upstream release
* Thu Aug 25 2011 Tomas Mraz 1.1.4-4- fix dereference in pam_env- fix wrong parse of userAATThost pattern in pam_access (#732081)
* Sat Jul 23 2011 Ville Skyttä - 1.1.4-3- Rebuild to fix trailing slashes in provided dirs added by rpm 4.9.1.
* Fri Jul 15 2011 Tomas Mraz 1.1.4-2- clear supplementary groups in pam_console handler execution
* Mon Jun 27 2011 Tomas Mraz 1.1.4-1- upgrade to new upstream release
* Tue Jun 07 2011 Tomas Mraz 1.1.3-10- detect the shared / and make the polydir mounts private based on that- fix memory leak and other small errors in pam_namespace
* Thu Jun 02 2011 Tomas Mraz 1.1.3-9- add support for explicit marking of the polydir mount private (#623522)
* Tue Feb 08 2011 Fedora Release Engineering - 1.1.3-8- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Dec 22 2010 Tomas Mraz 1.1.3-7- add postlogin common PAM configuration file (#665059)
* Tue Dec 14 2010 Tomas Mraz 1.1.3-6- include patches recently submitted and applied to upstream CVS
* Thu Nov 25 2010 Tomas Mraz 1.1.3-5- add config for autocreation of subdirectories in /var/run (#656655)- automatically enable kernel console in pam_securetty
* Wed Nov 10 2010 Tomas Mraz 1.1.3-4- fix memory leak in pam_faillock
* Wed Nov 10 2010 Tomas Mraz 1.1.3-3- fix segfault in faillock utility- remove some cases where the information of existence of an user account could be leaked by the pam_faillock, document the remaining case
* Fri Nov 05 2010 Tomas Mraz 1.1.3-2- fix a mistake in the abstract X-socket connect- make pam_faillock work with screensaver
* Mon Nov 01 2010 Tomas Mraz 1.1.3-1- upgrade to new upstream release fixing CVE-2010-3316 CVE-2010-3435 CVE-2010-3853- try to connect to an abstract X-socket first to verify we are at real console (#647191)
* Wed Sep 29 2010 jkeating - 1.1.2-2- Rebuilt for gcc bug 634757
* Mon Sep 20 2010 Tomas Mraz 1.1.2-1- add pam_faillock module implementing temporary account lock out based on authentication failures during a specified interval- do not build some auxiliary tools that are not installed that require flex-static to build- upgrade to new upstream release
* Thu Jul 15 2010 Tomas Mraz 1.1.1-5- do not overwrite tallylog with empty file on upgrade
* Mon Feb 15 2010 Tomas Mraz 1.1.1-4- change the default password hash to sha512
* Fri Jan 22 2010 Tomas Mraz 1.1.1-3- fix wrong prompt when pam_get_authtok is used for new password
* Mon Jan 18 2010 Tomas Mraz 1.1.1-2- fix build with disabled audit and SELinux (#556211, #556212)
* Thu Dec 17 2009 Tomas Mraz 1.1.1-1- new upstream version with minor changes
* Mon Nov 02 2009 Tomas Mraz 1.1.0-7- pam_console: fix memory corruption when executing handlers (patch by Stas Sergeev) and a few more fixes in the handler execution code (#532302)
* Thu Oct 29 2009 Tomas Mraz 1.1.0-6- pam_xauth: set the approprate context when creating .xauth files (#531530)
* Tue Sep 01 2009 Tomas Mraz 1.1.0-5- do not change permissions with pam_console_apply- drop obsolete pam_tally module and the faillog file (#461258)
* Wed Aug 19 2009 Tomas Mraz 1.1.0-4- rebuild with new libaudit
* Mon Jul 27 2009 Tomas Mraz 1.1.0-3- fix for pam_cracklib from upstream
* Sat Jul 25 2009 Fedora Release Engineering - 1.1.0-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Tue Jun 23 2009 Tomas Mraz 1.1.0-1- update to new upstream version
* Wed May 13 2009 Tomas Mraz 1.0.92-1- update to new upstream version
* Fri Apr 10 2009 Tomas Mraz 1.0.91-6- add password-auth, fingerprint-auth, and smartcard-auth for applications which can use them namely gdm (#494874) patch by Ray Strode
* Thu Mar 26 2009 Tomas Mraz 1.0.91-5- replace also other std descriptors (#491471)
* Tue Mar 17 2009 Tomas Mraz 1.0.91-3- we must replace the stdin when execing the helper (#490644)
* Mon Mar 16 2009 Tomas Mraz 1.0.91-2- do not close stdout/err when execing the helpers (#488147)
* Mon Mar 09 2009 Tomas Mraz 1.0.91-1- upgrade to new upstream release
* Fri Feb 27 2009 Tomas Mraz 1.0.90-4- fix parsing of config files containing non-ASCII characters- fix CVE-2009-0579 (mininimum days for password change ignored) (#487216)- pam_access: improve handling of hostname resolution
* Thu Feb 26 2009 Fedora Release Engineering - 1.0.90-3- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Mon Jan 19 2009 Tomas Mraz 1.0.90-2- add helper to pam_mkhomedir for proper SELinux confinement (#476784)
* Tue Dec 16 2008 Tomas Mraz 1.0.90-1- upgrade to new upstream release- add --disable-prelude (#466242)
* Tue Sep 23 2008 Tomas Mraz 1.0.2-2- new password quality checks in pam_cracklib- report failed logins from btmp in pam_lastlog- allow larger groups in modutil functions- fix leaked file descriptor in pam_tally
* Mon Sep 08 2008 Tomas Mraz 1.0.2-1- pam_loginuid: uids are unsigned (#460241)- new minor upstream release- use external db4- drop tests for not pulling in libpthread (as NPTL should be safe)
* Wed Jul 09 2008 Tomas Mraz 1.0.1-5- update internal db4
* Wed May 21 2008 Tomas Mraz 1.0.1-4- pam_namespace: allow safe creation of directories owned by user (#437116)- pam_unix: fix multiple error prompts on password change (#443872)
* Tue May 20 2008 Tomas Mraz 1.0.1-3- pam_selinux: add env_params option which will be used by OpenSSH- fix build with new autoconf
* Tue Apr 22 2008 Tomas Mraz 1.0.1-2- pam_selinux: restore execcon properly (#443667)
* Fri Apr 18 2008 Tomas Mraz 1.0.1-1- upgrade to new upstream release (one bugfix only)- fix pam_sepermit use in screensavers
* Mon Apr 07 2008 Tomas Mraz 1.0.0-2- fix regression in pam_set_item
* Fri Apr 04 2008 Tomas Mraz 1.0.0-1- upgrade to new upstream release (bugfix only)
* Thu Mar 20 2008 Tomas Mraz 0.99.10.0-4- pam_namespace: fix problem with level polyinst (#438264)- pam_namespace: improve override checking for umount- pam_selinux: fix syslogging a context after free() (#438338)
* Thu Feb 28 2008 Tomas Mraz 0.99.10.0-3- update pam-redhat module tarball- update internal db4
* Fri Feb 22 2008 Tomas Mraz 0.99.10.0-2- if shadow is readable for an user do not prevent him from authenticating any user with unix_chkpwd (#433459)- call audit from unix_chkpwd when appropriate
* Fri Feb 15 2008 Tomas Mraz 0.99.10.0-1- new upstream release- add default soft limit for nproc of 1024 to prevent accidental fork bombs (#432903)
* Mon Feb 04 2008 Tomas Mraz 0.99.8.1-18- allow the package to build without SELinux and audit support (#431415)- macro usage cleanup
* Mon Jan 28 2008 Tomas Mraz 0.99.8.1-17- test for setkeycreatecon correctly- add exclusive login mode of operation to pam_selinux_permit (original patch by Dan Walsh)
* Tue Jan 22 2008 Tomas Mraz 0.99.8.1-16- add auditing to pam_access, pam_limits, and pam_time- moved sanity testing code to check script
* Mon Jan 14 2008 Tomas Mraz 0.99.8.1-15- merge review fixes (#226228)
* Tue Jan 08 2008 Tomas Mraz 0.99.8.1-14- support for sha256 and sha512 password hashes- account expiry checks moved to unix_chkpwd helper
* Wed Jan 02 2008 Tomas Mraz 0.99.8.1-13- wildcard match support in pam_tty_audit (by Miloslav Trmač)
* Thu Nov 29 2007 Tomas Mraz 0.99.8.1-12- add pam_tty_audit module (#244352) - written by Miloslav Trmač
* Wed Nov 07 2007 Tomas Mraz 0.99.8.1-11- add substack support
* Tue Sep 25 2007 Tomas Mraz 0.99.8.1-10- update db4 to 4.6.19 (#274661)
* Fri Sep 21 2007 Tomas Mraz 0.99.8.1-9- do not preserve contexts when copying skel and other namespace.init fixes (#298941)- do not free memory sent to putenv (#231698)
* Wed Sep 19 2007 Tomas Mraz 0.99.8.1-8- add pam_selinux_permit module- pam_succeed_if: fix in operator (#295151)
* Tue Sep 18 2007 Tomas Mraz 0.99.8.1-7- when SELinux enabled always run the helper binary instead of direct shadow access (#293181)
* Fri Aug 24 2007 Tomas Mraz 0.99.8.1-6- do not ask for blank password when SELinux confined (#254044)- initialize homedirs in namespace init script (original patch by dwalsh)
* Wed Aug 22 2007 Tomas Mraz 0.99.8.1-5- most devices are now handled by HAL and not pam_console (patch by davidz)- license tag fix- multifunction scanner device support (#251468)
* Mon Aug 13 2007 Tomas Mraz 0.99.8.1-4- fix auth regression when uid != 0 from previous build (#251804)
* Mon Aug 06 2007 Tomas Mraz 0.99.8.1-3- updated db4 to 4.6.18 (#249740)- added user and new instance parameters to namespace init- document the new features of pam_namespace- do not log an audit error when uid != 0 (#249870)
* Wed Jul 25 2007 Jeremy Katz - 0.99.8.1-2- rebuild for toolchain bug
* Mon Jul 23 2007 Tomas Mraz 0.99.8.1-1- upgrade to latest upstream version- add some firewire devices to default console perms (#240770)
* Thu Apr 26 2007 Tomas Mraz 0.99.7.1-6- pam_namespace: better document behavior on failure (#237249)- pam_unix: split out passwd change to a new helper binary (#236316)- pam_namespace: add support for temporary logons (#241226)
* Fri Apr 13 2007 Tomas Mraz 0.99.7.1-5- pam_selinux: improve context change auditing (#234781)- pam_namespace: fix parsing config file with unknown users (#234513)
* Fri Mar 23 2007 Tomas Mraz 0.99.7.1-4- pam_console: always decrement use count (#230823)- pam_namespace: use raw context for poly dir name (#227345)- pam_namespace: truncate long poly dir name (append hash) (#230120)- we don\'t patch any po files anymore
* Wed Feb 21 2007 Tomas Mraz 0.99.7.1-3- correctly relabel tty in the default case (#229542)- pam_unix: cleanup of bigcrypt support- pam_unix: allow modification of \'
*\' passwords to root
* Tue Feb 06 2007 Tomas Mraz 0.99.7.1-2- more X displays as consoles (#227462)
* Wed Jan 24 2007 Tomas Mraz 0.99.7.1-1- upgrade to new upstream version resolving CVE-2007-0003- pam_namespace: unmount poly dir for override users
* Mon Jan 22 2007 Tomas Mraz 0.99.7.0-2- add back min salt length requirement which was erroneously removed upstream (CVE-2007-0003)
* Fri Jan 19 2007 Tomas Mraz 0.99.7.0-1- upgrade to new upstream version- drop pam_stack module as it is obsolete- some changes to silence rpmlint
* Tue Jan 16 2007 Tomas Mraz 0.99.6.2-8- properly include /var/log/faillog and tallylog as ghosts and create them in post script (#209646)- update gmo files as we patch some po files (#218271)- add use_current_range option to pam_selinux (#220487)- improve the role selection in pam_selinux- remove shortcut on Password: in ja locale (#218271)- revert to old euid and not ruid when setting euid in pam_keyinit (#219486)- rename selinux-namespace patch to namespace-level
* Fri Dec 01 2006 Dan Walsh 0.99.6.2-7- fix selection of role
* Fri Dec 01 2006 Dan Walsh 0.99.6.2-6- add possibility to pam_namespace to only change MLS component- Resolves: Bug #216184
* Thu Nov 30 2006 Tomas Mraz 0.99.6.2-5- add select-context option to pam_selinux (#213812)- autoreconf won\'t work with autoconf-2.61 as configure.in is not yet adjusted for it
* Mon Nov 13 2006 Tomas Mraz 0.99.6.2-4- update internal db4 to 4.5.20 version- move setgid before setuid in pam_keyinit (#212329)- make username check in pam_unix consistent with useradd (#212153)
* Tue Oct 24 2006 Tomas Mraz 0.99.6.2-3.3- don\'t overflow a buffer in pam_namespace (#211989)
* Mon Oct 16 2006 Tomas Mraz 0.99.6.2-3.2- /var/log/faillog and tallylog must be config(noreplace)
* Fri Oct 13 2006 Tomas Mraz 0.99.6.2-3.1- preserve effective uid in namespace.init script (LSPP for newrole)- include /var/log/faillog and tallylog to filelist (#209646)- add ids to .xml docs so the generated html is always the same (#210569)
* Thu Sep 28 2006 Tomas Mraz 0.99.6.2-3- add pam_namespace option no_unmount_on_close, required for newrole
* Mon Sep 04 2006 Tomas Mraz 0.99.6.2-2- silence pam_succeed_if in default system-auth (#205067)- round the pam_timestamp_check sleep up to wake up at the start of the wallclock second (#205068)
* Thu Aug 31 2006 Tomas Mraz 0.99.6.2-1- upgrade to new upstream version, as there are mostly bugfixes except improved documentation- add support for session and password service for pam_access and pam_succeed_if- system-auth: skip session pam_unix for crond service
* Thu Aug 10 2006 Dan Walsh 0.99.5.0-8- Add new setkeycreatecon call to pam_selinux to make sure keyring has correct context
* Thu Aug 10 2006 Tomas Mraz 0.99.5.0-7- revoke keyrings properly when pam_keyinit called as root (#201048)- pam_succeed_if should return PAM_USER_UNKNOWN when getpwnam fails (#197748)
* Wed Aug 02 2006 Tomas Mraz 0.99.5.0-6- revoke keyrings properly when pam_keyinit called more than once (#201048) patch by David Howells
* Fri Jul 21 2006 Tomas Mraz 0.99.5.0-5- don\'t log pam_keyinit debug messages by default (#199783)
* Fri Jul 21 2006 Tomas Mraz 0.99.5.0-4- drop ainit from console.handlers (#199561)
* Mon Jul 17 2006 Tomas Mraz 0.99.5.0-3- don\'t report error in pam_selinux for nonexistent tty (#188722)- add pam_keyinit to the default system-auth file (#198623)
* Wed Jul 12 2006 Jesse Keating - 0.99.5.0-2.1- rebuild
* Mon Jul 03 2006 Tomas Mraz 0.99.5.0-2- fixed network match in pam_access (patch by Dan Yefimov)
* Fri Jun 30 2006 Tomas Mraz 0.99.5.0-1- updated to a new upstream release- added service as value to be matched and list matching to pam_succeed_if- namespace.init was missing from EXTRA_DIST
* Thu Jun 08 2006 Tomas Mraz 0.99.4.0-5- updated pam_namespace with latest patch by Janak Desai- merged pam_namespace patches- added buildrequires libtool- fixed a few rpmlint warnings
* Wed May 24 2006 Tomas Mraz 0.99.4.0-4- actually don\'t link to libssl as it is not used (#191915)
* Wed May 17 2006 Tomas Mraz 0.99.4.0-3- use md5 implementation from pam_unix in pam_namespace- pam_namespace should call setexeccon only when selinux is enabled
* Tue May 16 2006 Tomas Mraz 0.99.4.0-2- pam_console_apply shouldn\'t access /var when called with -r (#191401)- actually apply the large-uid patch- don\'t build hmactest in pam_timestamp so openssl-devel is not required- add missing buildrequires (#191915)
* Wed May 10 2006 Tomas Mraz 0.99.4.0-1- upgrade to new upstream version- make pam_console_apply not dependent on glib- support large uids in pam_tally, pam_tally2
* Thu May 04 2006 Tomas Mraz 0.99.3.0-5- the namespace instance init script is now in /etc/security (#190148)- pam_namespace: added missing braces (#190026)- pam_tally(2): never call fclose twice on the same FILE (from upstream)
* Wed Apr 26 2006 Tomas Mraz 0.99.3.0-4- fixed console device class for irda (#189966)- make pam_console_apply fail gracefully when a class is missing
* Tue Apr 25 2006 Tomas Mraz 0.99.3.0-3- added pam_namespace module written by Janak Desai (per-user /tmpsupport)- new pam-redhat modules version
* Fri Feb 24 2006 Tomas Mraz 0.99.3.0-2- added try_first_pass option to pam_cracklib- use try_first_pass for pam_unix and pam_cracklib in system-auth (#182350)
* Fri Feb 10 2006 Jesse Keating - 0.99.3.0-1.2- bump again for double-long bug on ppc(64)
* Tue Feb 07 2006 Jesse Keating - 0.99.3.0-1.1- rebuilt for new gcc4.1 snapshot and glibc changes
* Fri Feb 03 2006 Tomas Mraz 0.99.3.0-1- new upstream version- updated db4 to 4.3.29- added module pam_tally2 with auditing support- added manual pages for system-auth and config-util (#179584)
* Tue Jan 03 2006 Tomas Mraz 0.99.2.1-3- remove \'initscripts\' dependency (#176508)- update pam-redhat modules, merged patches
* Fri Dec 16 2005 Tomas Mraz 0.99.2.1-2- fix dangling symlinks in -devel (#175929)- link libaudit only where necessary- actually compile in audit support
* Thu Dec 15 2005 Tomas Mraz 0.99.2.1-1- support netgroup matching in pam_succeed_if- upgrade to new release- drop pam_pwdb as it was obsolete long ago- we don\'t build static libraries anymore
* Fri Dec 09 2005 Jesse Keating - rebuilt
* Tue Nov 15 2005 Tomas Mraz 0.80-14- pam_stack is deprecated - log its usage
* Wed Oct 26 2005 Tomas Mraz 0.80-13- fixed CAN-2005-2977 unix_chkpwd should skip user verification only if run as root (#168181)- link pam_loginuid to libaudit- support no tty in pam_access (#170467)- updated audit patch (by Steve Grubb)- the previous pam_selinux change was not applied properly- pam_xauth: look for the xauth binary in multiple directories (#171164)
* Wed Oct 26 2005 Dan Walsh 0.80-12- Eliminate multiple in pam_selinux
* Fri Oct 14 2005 Dan Walsh 0.80-11- Eliminate fail over for getseuserbyname call
* Thu Oct 13 2005 Dan Walsh 0.80-10- Add getseuserbyname call for SELinux MCS/MLS policy
* Tue Oct 04 2005 Tomas Mraz - pam_console manpage fixes (#169373)
* Fri Sep 30 2005 Tomas Mraz 0.80-9- don\'t include ps and pdf docs (#168823)- new common config file for configuration utilities- remove glib2 dependency (#166979)
* Tue Sep 20 2005 Tomas Mraz 0.80-8- process limit values other than RLIMIT_NICE correctly (#168790)- pam_unix: always honor nis flag on password change (by Aaron Hope)
* Wed Aug 24 2005 Tomas Mraz 0.80-7- don\'t fail in audit code when audit is not compiled in on the newest kernels (#166422)
* Mon Aug 01 2005 Tomas Mraz 0.80-6- add option to pam_loginuid to require auditd
* Fri Jul 29 2005 Tomas Mraz 0.80-5- fix NULL dereference in pam_userdb (#164418)
* Tue Jul 26 2005 Tomas Mraz 0.80-4- fix 64bit bug in pam_pwdb- don\'t crash in pam_unix if pam_get_data fail
* Fri Jul 22 2005 Tomas Mraz 0.80-3- more pam_selinux permissive fixes (Dan Walsh)- make binaries PIE (#158938)
* Mon Jul 18 2005 Tomas Mraz 0.80-2- fixed module tests so the pam doesn\'t require itself to build (#163502)- added buildprereq for building the documentation (#163503)- relaxed permissions of binaries (u+w)
* Thu Jul 14 2005 Tomas Mraz 0.80-1- upgrade to new upstream sources- removed obsolete patches- pam_selinux module shouldn\'t fail on broken configs unless policy is set to enforcing (Dan Walsh)
* Tue Jun 21 2005 Tomas Mraz 0.79-11- update pam audit patch- add support for new limits in kernel-2.6.12 (#157050)
* Thu Jun 09 2005 Tomas Mraz 0.79-10- add the Requires dependency on audit-libs (#159885)- pam_loginuid shouldn\'t report error when /proc/self/loginuid is missing (#159974)
* Fri May 20 2005 Tomas Mraz 0.79-9- update the pam audit patch to support newest audit library, audit also pam_setcred calls (Steve Grubb)- don\'t use the audit_fd as global static variable- don\'t unset the XAUTHORITY when target user is root
* Mon May 02 2005 Tomas Mraz 0.79-8- pam_console: support loading .perms files in the console.perms.d (#156069)
* Tue Apr 26 2005 Tomas Mraz 0.79-7- pam_xauth: unset the XAUTHORITY variable on error, fix potential memory leaks- modify path to IDE floppy devices in console.perms (#155560)
* Sat Apr 16 2005 Steve Grubb 0.79-6- Adjusted pam audit patch to make exception for ECONNREFUSED
* Tue Apr 12 2005 Tomas Mraz 0.79-5- added auditing patch by Steve Grubb- added cleanup patches for bugs found by Steve Grubb- don\'t clear the shadow option of pam_unix if nis option used
* Fri Apr 08 2005 Tomas Mraz 0.79-4- #150537 - flush input first then write the prompt
* Thu Apr 07 2005 Tomas Mraz 0.79-3- make pam_unix LSB 2.0 compliant even when SELinux enabled- #88127 - change both local and NIS passwords to keep them in sync, also fix a regression in passwd functionality on NIS master server
* Tue Apr 05 2005 Tomas Mraz - #153711 fix wrong logging in pam_selinux when restoring tty label
* Sun Apr 03 2005 Tomas Mraz 0.79-2- fix NULL deref in pam_tally when it\'s used in account phase
* Thu Mar 31 2005 Tomas Mraz 0.79-1- upgrade to the new upstream release- moved pam_loginuid to pam-redhat repository
* Wed Mar 23 2005 Tomas Mraz 0.78-9- fix wrong logging in pam_console handlers- add executing ainit handler for alsa sound dmix- #147879, #112777 - change permissions for dri devices
* Fri Mar 18 2005 Tomas Mraz 0.78-8- remove ownership and permissions handling from pam_console call pam_console_apply as a handler instead
* Mon Mar 14 2005 Tomas Mraz 0.78-7- add pam_loginuid module for setting the the login uid for auditing purposes (by Steve Grubb)
* Thu Mar 10 2005 Tomas Mraz 0.78-6- add functionality for running handler executables from pam_console when console lock was obtained/lost- removed patches merged to pam-redhat
* Tue Mar 01 2005 Tomas Mraz 0.78-5- echo why tests failed when rebuilding- fixed some warnings and errors in pam_console for gcc4 build- improved parsing pam_console config file
* Mon Feb 21 2005 Tomas Mraz - don\'t log garbage in pam_console_apply (#147879)
* Tue Jan 18 2005 Tomas Mraz - don\'t require exact db4 version only conflict with incompatible one
* Wed Jan 12 2005 Tomas Mraz 0.78-4- updated pam-redhat from elvis CVS- removed obsolete patches
* Mon Jan 03 2005 Jeff Johnson 0.78-3- depend on db-4.3.27, not db-4.3.21.
* Thu Nov 25 2004 Tomas Mraz 0.78-2- add argument to pam_console_apply to restrict its work to specified files
* Tue Nov 23 2004 Tomas Mraz 0.78-1- update to Linux-PAM-0.78- #140451 parse passwd entries correctly and test for failure- #137802 allow using pam_console for authentication
* Fri Nov 12 2004 Jeff Johnson 0.77-67- rebuild against db-4.3.21.
* Thu Nov 11 2004 Tomas Mraz 0.77-66- #77646 log failures when renaming the files when changing password- Log failure on missing /etc/security/opasswd when remember option is present
* Wed Nov 10 2004 Tomas Mraz - #87628 pam_timestamp remembers authorization after logout- #116956 fixed memory leaks in pam_stack
* Wed Oct 20 2004 Tomas Mraz 0.77-65- #74062 modify the pwd-lock patch to remove NIS passwd changing deadlock
* Wed Oct 20 2004 Tomas Mraz 0.77-64- #134941 pam_console should check X11 socket only on login
* Tue Oct 19 2004 Tomas Mraz 0.77-63- Fix checking of group %group syntax in pam_limits- Drop fencepost patch as it was already fixed by upstream change from 0.75 to 0.77- Fix brokenshadow patch
* Mon Oct 11 2004 Tomas Mraz 0.77-62- Added bluetooth, raw1394 and flash to console.perms- pam_console manpage fix
* Mon Oct 11 2004 Tomas Mraz 0.77-61- #129328 pam_env shouldn\'t abort on missing /etc/environment- #126985 pam_stack should always copy the conversation function - #127524 add /etc/security/opasswd to files
* Tue Sep 28 2004 Phil Knirsch 0.77-60- Drop last patch again, fixed now correctly elsewhere
* Thu Sep 23 2004 Phil Knirsch 0.77-59- Fixed bug in pam_env where wrong initializer was used
* Fri Sep 17 2004 Dan Walsh 0.77-58- rebuild selinux patch using checkPasswdAccess
* Mon Sep 13 2004 Jindrich Novy - rebuilt
* Mon Sep 13 2004 Tomas Mraz 0.77-56- #75454 fixed locking when changing password- #127054 - #125653 removed unnecessary getgrouplist call- #124979 added quiet option to pam_succeed_if
* Mon Aug 30 2004 Warren Togami 0.77-55- #126024 /dev/pmu console perms
* Wed Aug 04 2004 Dan Walsh 0.77-54- Move pam_console.lock to /var/run/console/
* Thu Jul 29 2004 Dan Walsh 0.77-53- Close fd[1] before pam_modutilread so that unix_verify will complete
* Tue Jul 27 2004 Alan Cox 0.77-52- First chunk of Steve Grubb\'s resource leak and other fixes
* Tue Jul 27 2004 Alan Cox 0.77-51- Fixed build testing of modules- Fixed dependancies
* Tue Jul 20 2004 Dan Walsh 0.77-50- Change unix_chkpwd to return pam error codes
* Sat Jul 10 2004 Alan Cox - Fixed the pam glib2 dependancy issue
* Mon Jun 21 2004 Alan Cox - Fixed the pam_limits fencepost error (#79989) since nobody seems to be doing it
* Tue Jun 15 2004 Elliot Lee - rebuilt
* Wed Jun 09 2004 Dan Walsh 0.77-45- Add requires libselinux > 1.8
* Thu Jun 03 2004 Dan Walsh 0.77-44- Add MLS Support to selinux patch
* Wed Jun 02 2004 Dan Walsh 0.77-43- Modify pam_selinux to use open and close param
* Fri May 28 2004 Dan Walsh 0.77-42- Split pam module into two parts open and close
* Tue May 18 2004 Phil Knirsch 0.77-41- Fixed 64bit segfault in pam_succeed_if module.
* Wed Apr 14 2004 Dan Walsh 0.77-40- Apply changes from audit.
* Mon Apr 12 2004 Dan Walsh 0.77-39- Change to only report failure on relabel if debug
* Wed Mar 03 2004 Dan Walsh 0.77-38- Fix error handling of pam_unix
* Tue Mar 02 2004 Elliot Lee - rebuilt
* Thu Feb 26 2004 Dan Walsh 0.77-36- fix tty handling
* Thu Feb 26 2004 Dan Walsh 0.77-35- remove tty closing and opening from pam_selinux, it does not work.
* Fri Feb 13 2004 Elliot Lee - rebuilt
* Thu Feb 12 2004 Nalin Dahyabhai - pam_unix: also log successful password changes when using shadowed passwords
* Tue Feb 10 2004 Dan Walsh 0.77-33- close and reopen terminal after changing context.
* Thu Feb 05 2004 Dan Walsh 0.77-32- Check for valid tty
* Tue Feb 03 2004 Dan Walsh 0.77-31- Check for multiple > 1
* Mon Feb 02 2004 Dan Walsh 0.77-30- fix is_selinux_enabled call for pam_rootok
* Wed Jan 28 2004 Dan Walsh 0.77-29- More fixes to pam_selinux,pam_rootok
* Wed Jan 28 2004 Dan Walsh 0.77-28- turn on selinux
* Wed Jan 28 2004 Dan Walsh 0.77-27- Fix rootok check.
* Mon Jan 26 2004 Dan Walsh 0.77-26- fix is_selinux_enabled call
* Sun Jan 25 2004 Dan Walsh 0.77-25- Check if ROOTOK for SELinux
* Thu Jan 15 2004 Dan Walsh 0.77-24- Fix tty handling for pts in pam_selinux
* Thu Jan 15 2004 Dan Walsh 0.77-23- Need to add qualifier context for sudo situation
* Thu Jan 15 2004 Dan Walsh 0.77-22- Fix pam_selinux to use prevcon instead of pam_user so it will work for su.
* Fri Dec 12 2003 Bill Nottingham 0.77-21.sel- add alsa devs to console.perms
* Thu Dec 11 2003 Jeff Johnson 0.77-20.sel- rebuild with db-4.2.52.- build db4 in build_unix, not dist.
* Wed Nov 26 2003 Dan Walsh 0.77-19.sel- Change unix_chkpwd to handle unix_passwd and unix_acct- This eliminates the need for pam modules to have read/write access to /etc/shadow.
* Thu Nov 20 2003 Dan Walsh 0.77-18.sel- Cleanup unix_chkpwd
* Mon Nov 03 2003 Dan Walsh 0.77-17.sel- Fix tty handling - Add back multiple handling
* Mon Oct 27 2003 Dan Walsh 0.77-16.sel- Remove Multiple from man page of pam_selinux
* Thu Oct 23 2003 Nalin Dahyabhai 0.77-15- don\'t install _pam_aconf.h -- apps don\'t use it, other PAM headers which are installed don\'t use it, and its contents may be different for arches on a multilib system- check for linkage problems in modules at %install-time (kill #107093 dead)- add buildprereq on flex (#101563)
* Wed Oct 22 2003 Nalin Dahyabhai - make pam_pwdb.so link with libnsl again so that it loads (#107093)- remove now-bogus buildprereq on db4-devel (we use a bundled copy for pam_userdb to avoid symbol collisions with other db libraries in apps)
* Mon Oct 20 2003 Dan Walsh 0.77-14.sel- Add Russell Coker patch to handle /dev/pty
* Fri Oct 17 2003 Dan Walsh 0.77-13.sel- Turn on Selinux
* Fri Oct 17 2003 Dan Walsh 0.77-12- Fix pam_timestamp to work when 0 seconds have elapsed
* Mon Oct 06 2003 Dan Walsh 0.77-11- Turn off selinux
* Thu Sep 25 2003 Dan Walsh 0.77-10.sel- Turn on Selinux and remove multiple choice of context.
* Wed Sep 24 2003 Dan Walsh 0.77-10- Turn off selinux
* Wed Sep 24 2003 Dan Walsh 0.77-9.sel- Add Russell\'s patch to check password
* Wed Sep 17 2003 Dan Walsh 0.77-8.sel- handle ttys correctly in pam_selinux
* Fri Sep 05 2003 Dan Walsh 0.77-7.sel- Clean up memory problems and fix tty handling.
* Mon Jul 28 2003 Dan Walsh 0.77-6- Add manual context selection to pam_selinux
* Mon Jul 28 2003 Dan Walsh 0.77-5- Add pam_selinux
* Mon Jul 28 2003 Dan Walsh 0.77-4- Add SELinux support
* Thu Jul 24 2003 Nalin Dahyabhai 0.77-3- pam_postgresok: add- pam_xauth: add \"targetuser\" argument
* Tue Jul 22 2003 Nalin Dahyabhai - pam_succeed_if: fix thinko in argument parsing which would walk past the end of the argument list
* Wed Jul 09 2003 Nalin Dahyabhai 0.77-2- reapply: - set handler for SIGCHLD to SIG_DFL around
*_chkpwd, not SIG_IGN
* Mon Jul 07 2003 Nalin Dahyabhai 0.77-1- pam_timestamp: fail if the key file doesn\'t contain enough data
* Thu Jul 03 2003 Nalin Dahyabhai 0.77-0- update to 0.77 upstream release - pam_limits: limits now affect root as well - pam_nologin: returns PAM_IGNORE instead of PAM_SUCCESS unless \"successok\" is given as an argument - pam_userdb: correctly return PAM_AUTH_ERR instead of PAM_USER_UNKNOWN when invoked with the \"key_only\" argument and the database has an entry of the form \"user-\"- use a bundled libdb for pam_userdb.so because the system copy uses threads, and demand-loading a shared library which uses threads into an application which doesn\'t is a Very Bad Idea
* Thu Jul 03 2003 Nalin Dahyabhai - pam_timestamp: use a message authentication code to validate timestamp files
* Mon Jun 30 2003 Nalin Dahyabhai 0.75-48.1- rebuild
* Mon Jun 09 2003 Nalin Dahyabhai 0.75-49- modify calls to getlogin() to check the directory of the current TTY before searching for an entry in the utmp/utmpx file (#98020, #98826, CAN-2003-0388)
* Wed Jun 04 2003 Elliot Lee - rebuilt
* Mon Feb 10 2003 Bill Nottingham 0.75-48- set handler for SIGCHLD to SIG_DFL around
*_chkpwd, not SIG_IGN
* Wed Jan 22 2003 Tim Powers 0.75-47- rebuilt
* Tue Dec 17 2002 Nalin Dahyabhai 0.75-46- pam_xauth: reintroduce ACL support, per the original white paper- pam_xauth: default root\'s export ACL to none instead of everyone
* Mon Dec 02 2002 Nalin Dahyabhai 0.75-45- create /lib/security, even if it isn\'t /%{_lib}/security, because we can\'t locate /lib/security/$ISA without it (noted by Arnd Bergmann)- clear out the duplicate docs directory created during %install
* Thu Nov 21 2002 Nalin Dahyabhai 0.75-44- fix syntax errors in pam_console\'s yacc parser which newer bison chokes on- forcibly set FAKEROOT at make install time
* Tue Oct 22 2002 Nalin Dahyabhai 0.75-43- patch to interpret $ISA in case the fist module load attempt fails- use $ISA in default configs
* Fri Oct 04 2002 Elliot Lee 0.75-42- Since cracklib-dicts location will not be correctly detected without that package being installed, add buildreq for cracklib-dicts.- Add patch57: makes configure use $LIBNAME when searching for cracklib dicts, and error out if not found.
* Thu Sep 12 2002 Than Ngo 0.75-41.1- Fixed pam config files
* Wed Sep 11 2002 Than Ngo 0.75-41- Added fix to install libs in correct directory on 64bit machine
* Fri Aug 02 2002 Nalin Dahyabhai 0.75-40- pam_timestamp_check: check that stdio descriptors are open before we\'re invoked- add missing chroot.conf
* Mon Jul 29 2002 Nalin Dahyabhai 0.75-39- pam_timestamp: sundry fixes, use \"unknown\" as the tty when none is found
* Thu Jun 27 2002 Nalin Dahyabhai 0.75-38- pam_timestamp_check: be as smart about figuring out the tty as the module is
* Wed Jun 19 2002 Nalin Dahyabhai 0.75-37- pam_timestamp_check: remove extra unlink() call spotted by Havoc
* Mon Jun 17 2002 Nalin Dahyabhai 0.75-36- pam_timestamp: chown intermediate directories when creating them- pam_timestamp_check: add -d flag to poll
* Thu May 23 2002 Nalin Dahyabhai 0.75-35- pam_timestamp: add some sanity checks- pam_timestamp_check: add
* Wed May 22 2002 Nalin Dahyabhai 0.75-34- pam_timestamp: add a \'verbose\' option
* Thu May 16 2002 Nalin Dahyabhai 0.75-33- rebuild with db4- just bundle install-sh into the source package
* Tue Apr 09 2002 Nalin Dahyabhai 0.75-32- pam_unix: be more compatible with AIX-style shadowing (#19236)
* Thu Mar 28 2002 Nalin Dahyabhai 0.75-31- libpam_misc: fix possible infinite loop in misc_conv (#62195)- pam_xauth: fix cases where DISPLAY is \"localhost:screen\" and the xauth key is actually stored using the system\'s hostname (#61524)
* Mon Mar 25 2002 Nalin Dahyabhai 0.75-30- rebuild
* Mon Mar 25 2002 Nalin Dahyabhai 0.75-29- rebuild
* Mon Mar 11 2002 Nalin Dahyabhai 0.75-28- include the pwdb config file
* Fri Mar 01 2002 Nalin Dahyabhai 0.75-27- adjust the pwdb-static patch to build pam_radius correctly (#59408)
* Fri Mar 01 2002 Nalin Dahyabhai 0.75-26- change the db4-devel build dependency to db3-devel
* Thu Feb 21 2002 Nalin Dahyabhai 0.75-25- rebuild
* Fri Feb 08 2002 Nalin Dahyabhai 0.75-24- pam_unix: log successful password changes- remove pam_timestamp
* Thu Feb 07 2002 Nalin Dahyabhai 0.75-23- fix pwdb embedding- add pam_timestamp
* Thu Jan 31 2002 Nalin Dahyabhai 0.75-22- swallow up pwdb 0.61.1 for building pam_pwdb
* Wed Jan 23 2002 Nalin Dahyabhai 0.75-21- pam_userdb: build with db4 instead of db3
* Thu Nov 22 2001 Nalin Dahyabhai 0.75-20- pam_stack: fix some memory leaks (reported by Fernando Trias)- pam_chroot: integrate Owl patch to report the more common causes of failures
* Fri Nov 09 2001 Nalin Dahyabhai 0.75-19- fix a bug in the getpwnam_r wrapper which sometimes resulted in false positives for non-existent users
* Wed Nov 07 2001 Nalin Dahyabhai 0.75-18- include libpamc in the pam package (#55651)
* Fri Nov 02 2001 Nalin Dahyabhai 0.75-17- pam_xauth: don\'t free a string after passing it to putenv()
* Wed Oct 24 2001 Nalin Dahyabhai 0.75-16- pam_xauth: always return PAM_SUCCESS or PAM_SESSION_ERR instead of PAM_IGNORE, matching the previous behavior (libpam treats PAM_IGNORE from a single module in a stack as a session error, leading to false error messages if we just return PAM_IGNORE for all cases)
* Mon Oct 22 2001 Nalin Dahyabhai 0.75-15- reorder patches so that the reentrancy patch is applied last -- we never came to a consensus on how to guard against the bugs in calling applications which this sort of change addresses, and having them last allows for dropping in a better strategy for addressing this later on
* Mon Oct 15 2001 Nalin Dahyabhai - pam_rhosts: allow \"+hostname\" as a synonym for \"hostname\" to jive better with the hosts.equiv(5) man page- use the automake install-sh instead of the autoconf install-sh, which disappeared somewhere between 2.50 and now
* Mon Oct 08 2001 Nalin Dahyabhai - add pwdb as a buildprereq
* Fri Oct 05 2001 Nalin Dahyabhai - pam_tally: don\'t try to read past the end of faillog -- it probably contains garbage, which if written into the file later on will confuse /usr/bin/faillog
* Thu Oct 04 2001 Nalin Dahyabhai - pam_limits: don\'t just return if the user is root -- we\'ll want to set the priority (it could be negative to elevate root\'s sessions)- pam_issue: fix off-by-one error allocating space for the prompt string
* Wed Oct 03 2001 Nalin Dahyabhai - pam_mkhomedir: recurse into subdirectories properly- pam_mkhomedir: handle symlinks- pam_mkhomedir: skip over special items in the skeleton directory
* Tue Oct 02 2001 Nalin Dahyabhai - add cracklib as a buildprereq- pam_wheel: don\'t ignore out if the user is attempting to switch to a unprivileged user (this lets pam_wheel do its thing when users attempt to get to system accounts or accounts of other unprivileged users)
* Fri Sep 28 2001 Nalin Dahyabhai - pam_xauth: close a possible DoS due to use of dotlock-style locking in world-writable directories by relocating the temporary file to the target user\'s home directory- general: include headers local to this tree using relative paths so that system headers for PAM won\'t be pulled in, in case include paths don\'t take care of it
* Thu Sep 27 2001 Nalin Dahyabhai - pam_xauth: rewrite to skip refcounting and just use a temporary file created using mkstemp() in /tmp
* Tue Sep 25 2001 Nalin Dahyabhai - pam_userdb: fix the key_only flag so that the null-terminator of the user-password string isn\'t expected to be part of the key in the db file, matching the behavior of db_load 3.2.9
* Mon Sep 24 2001 Nalin Dahyabhai - pam_unix: use crypt() instead of bigcrypt() when salted field is less than the critical size which lets us know it was generated with bigcrypt()- use a wrapper to handle ERANGE errors when calling get....._r functions: defining PAM_GETPWNAM_R and such (for getpwnam, getpwuid, getgrnam, getgrgid, and getspnam) before including _pam_macros.h will cause them to be implemented as static functions, similar to how defining PAM_SM_xxx is used to control whether or not PAM declares prototypes for certain functions
* Mon Sep 24 2001 Nalin Dahyabhai 0.75-14- pam_unix: argh, compare entire pruned salt string with crypted result, always
* Sat Sep 08 2001 Bill Nottingham 0.75-13- ship /lib/lib{pam,pam_misc}.so for legacy package builds
* Thu Sep 06 2001 Nalin Dahyabhai 0.75-12- noreplace configuration files in /etc/security- pam_console: update pam_console_apply and man pages to reflect /var/lock -> /var/run move
* Wed Sep 05 2001 Nalin Dahyabhai 0.75-11- pam_unix: fix the fix for #42394
* Tue Sep 04 2001 Nalin Dahyabhai - modules: use getpwnam_r and friends instead of non-reentrant versions- pam_console: clear generated .c and .h files in \"clean\" makefile target
* Thu Aug 30 2001 Nalin Dahyabhai - pam_stack: perform deep copy of conversation structures- include the static libpam in the -devel subpackage (#52321)- move development .so and .a files to %{_libdir}- pam_unix: don\'t barf on empty passwords (#51846)- pam_unix: redo compatibility with \"hash,age\" data wrt bigcrypt (#42394)- console.perms: add usb camera, scanner, and rio devices (#15528)- pam_cracklib: initialize all options properly (#49613)
* Wed Aug 22 2001 Nalin Dahyabhai - pam_limits: don\'t rule out negative priorities
* Mon Aug 13 2001 Nalin Dahyabhai 0.75-10- pam_xauth: fix errors due to uninitialized data structure (fix from Tse Huong Choo)- pam_xauth: random cleanups- pam_console: use /var/run/console instead of /var/lock/console at install-time- pam_unix: fix preserving of permissions on files which are manipulated
* Fri Aug 10 2001 Bill Nottingham - fix segfault in pam_securetty
* Thu Aug 09 2001 Nalin Dahyabhai - pam_console: use /var/run/console instead of /var/lock/console for lock files- pam_issue: read the right number of bytes from the file
* Mon Jul 09 2001 Nalin Dahyabhai - pam_wheel: don\'t error out if the group has no members, but is the user\'s primary GID (reported by David Vos)- pam_unix: preserve permissions on files which are manipulated (#43706)- pam_securetty: check if the user is the superuser before checking the tty, thereby allowing regular users access to services which don\'t set the PAM_TTY item (#39247)- pam_access: define NIS and link with libnsl (#36864)
* Thu Jul 05 2001 Nalin Dahyabhai - link libpam_misc against libpam
* Tue Jul 03 2001 Nalin Dahyabhai - pam_chroot: chdir() before chroot()
* Fri Jun 29 2001 Nalin Dahyabhai - pam_console: fix logic bug when changing permissions on single file and/or lists of files- pam_console: return the proper error code (reported and patches for both from Frederic Crozat)- change deprecated Copyright: tag in .spec file to License:
* Mon Jun 25 2001 Nalin Dahyabhai - console.perms: change js
* to js[0-9]
*- include pam_aconf.h in more modules (patches from Harald Welte)
* Thu May 24 2001 Nalin Dahyabhai - console.perms: add apm_bios to the list of devices the console owner can use- console.perms: add beep to the list of sound devices
* Mon May 07 2001 Nalin Dahyabhai - link pam_console_apply statically with libglib (#38891)
* Mon Apr 30 2001 Nalin Dahyabhai - pam_access: compare IP addresses with the terminating \".\", as documented (patch from Carlo Marcelo Arenas Belon, I think) (#16505)
* Mon Apr 23 2001 Nalin Dahyabhai - merge up to 0.75- pam_unix: temporarily ignore SIGCHLD while running the helper- pam_pwdb: temporarily ignore SIGCHLD while running the helper- pam_dispatch: default to uncached behavior if the cached chain is empty
* Fri Apr 06 2001 Nalin Dahyabhai - correct speling errors in various debug messages and doc files (#33494)
* Thu Apr 05 2001 Nalin Dahyabhai - prereq sed, fileutils (used in %post)
* Wed Apr 04 2001 Nalin Dahyabhai - remove /dev/dri from console.perms -- XFree86 munges it, so it\'s outside of our control (reminder from Daryll Strauss)- add /dev/3dfx to console.perms
* Fri Mar 23 2001 Nalin Dahyabhai - pam_wheel: make \'trust\' and \'deny\' work together correctly- pam_wheel: also check the user\'s primary gid- pam_group: also initialize groups when called with PAM_REINITIALIZE_CRED
* Tue Mar 20 2001 Nalin Dahyabhai - mention pam_console_apply in the see also section of the pam_console man pages
* Fri Mar 16 2001 Nalin Dahyabhai - console.perms: /dev/vc/
* should be a regexp, not a glob (thanks to Charles Lopes)
* Mon Mar 12 2001 Nalin Dahyabhai - console.perms: /dev/cdroms/
* should belong to the user, from Douglas Gilbert via Tim Waugh
* Thu Mar 08 2001 Nalin Dahyabhai - pam_console_apply: muck with devices even if the mount point doesn\'t exist
* Wed Mar 07 2001 Nalin Dahyabhai - pam_console: error out on undefined classes in pam_console config file- console.perms: actually change the permissions on the new device classes- pam_console: add an fstab= argument, and -f and -c flags to pam_console_apply- pam_console: use g_log instead of g_critical when bailing out- console.perms: logins on /dev/vc/
* are also console logins, from Douglas Gilbert via Tim Waugh
* Tue Mar 06 2001 Nalin Dahyabhai - add pam_console_apply- /dev/pilot\'s usually a serial port (or a USB serial port), so revert its group to \'uucp\' instead of \'tty\' in console.perms- change pam_console\'s behavior wrt directories -- directories which are mount points according to /etc/fstab are taken to be synonymous with their device special nodes, and directories which are not mount points are ignored
* Tue Feb 27 2001 Nalin Dahyabhai - handle errors fork()ing in pam_xauth- make the \"other\" config noreplace
* Mon Feb 26 2001 Nalin Dahyabhai - user should own the /dev/video directory, not the non-existent /dev/v4l- tweak pam_limits doc
* Wed Feb 21 2001 Nalin Dahyabhai - own /etc/security- be more descriptive when logging messages from pam_limits- pam_listfile: remove some debugging code (#28346)
* Mon Feb 19 2001 Nalin Dahyabhai - pam_lastlog: don\'t pass NULL to logwtmp()
* Fri Feb 16 2001 Nalin Dahyabhai - pam_listfile: fix argument parser (#27773)- pam_lastlog: link to libutil
* Tue Feb 13 2001 Nalin Dahyabhai - pam_limits: change the documented default config file to reflect the defaults- pam_limits: you should be able to log in a total of maxlogins times, not (maxlogins - 1)- handle group limits on maxlogins correctly (#25690)
* Mon Feb 12 2001 Nalin Dahyabhai - change the pam_xauth default maximum \"system user\" ID from 499 to 99 (#26343)
* Wed Feb 07 2001 Nalin Dahyabhai - refresh the default system-auth file, pam_access is out
* Mon Feb 05 2001 Nalin Dahyabhai - actually time out when attempting to lckpwdf() (#25889)- include time.h in pam_issue (#25923)- update the default system-auth to the one generated by authconfig 4.1.1- handle getpw??? and getgr??? failures more gracefully (#26115)- get rid of some extraneous {set,end}{pw,gr}ent() calls
* Tue Jan 30 2001 Nalin Dahyabhai - overhaul pam_stack to account for abstraction libpam now provides
* Tue Jan 23 2001 Nalin Dahyabhai - remove pam_radius at request of author
* Mon Jan 22 2001 Nalin Dahyabhai - merge to 0.74- make console.perms match perms set by MAKEDEV, and add some devfs device names- add \'sed\' to the buildprereq list (#24666)
* Sun Jan 21 2001 Matt Wilson - added \"exit 0\" to the end of the pre script
* Fri Jan 19 2001 Nalin Dahyabhai - self-hosting fix from Guy Streeter
* Wed Jan 17 2001 Nalin Dahyabhai - use gcc for LD_L to pull in intrinsic stuff on ia64
* Fri Jan 12 2001 Nalin Dahyabhai - take another whack at compatibility with \"hash,age\" data in pam_unix (#21603)
* Wed Jan 10 2001 Nalin Dahyabhai - make the -devel subpackage unconditional
* Tue Jan 09 2001 Nalin Dahyabhai - merge/update to 0.73
* Mon Dec 18 2000 Nalin Dahyabhai - refresh from CVS -- some weird stuff crept into pam_unix
* Tue Dec 12 2000 Nalin Dahyabhai - fix handling of \"nis\" when changing passwords by adding the checks for the data source to the password-updating module in pam_unix- add the original copyright for pam_access (fix from Michael Gerdts)
* Thu Nov 30 2000 Nalin Dahyabhai - redo similar() using a distance algorithm and drop the default dif_ok to 5- readd -devel
* Wed Nov 29 2000 Nalin Dahyabhai - fix similar() function in pam_cracklib (#14740)- fix example in access.conf (#21467)- add conditional compilation for building for 6.2 (for pam_userdb)- tweak post to not use USESHADOW any more
* Tue Nov 28 2000 Nalin Dahyabhai - make EINVAL setting lock limits in pam_limits non-fatal, because it\'s a 2.4ism
* Tue Nov 21 2000 Nalin Dahyabhai - revert to DB 3.1, which is what we were supposed to be using from the get-go
* Mon Nov 20 2000 Nalin Dahyabhai - add RLIMIT_LOCKS to pam_limits (patch from Jes Sorensen) (#20542)- link pam_userdb to Berkeley DB 2.x to match 6.2\'s setup correctly
* Mon Nov 06 2000 Matt Wilson - remove prereq on sh-utils, test ([) is built in to bash
* Thu Oct 19 2000 Nalin Dahyabhai - fix the pam_userdb module breaking
* Wed Oct 18 2000 Nalin Dahyabhai - fix pam_unix likeauth argument for authenticate(),setcred(),setcred()
* Tue Oct 17 2000 Nalin Dahyabhai - tweak pre script to be called in all upgrade cases- get pam_unix to only care about the significant pieces of passwords it checks- add /usr/include/db1/db.h as a build prereq to pull in the right include files, no matter whether they\'re in glibc-devel or db1-devel- pam_userdb.c: include db1/db.h instead of db.h
* Wed Oct 11 2000 Nalin Dahyabhai - add BuildPrereq for bison (suggested by Bryan Stillwell)
* Fri Oct 06 2000 Nalin Dahyabhai - patch from Dmitry V. Levin to have pam_stack propagate the PAM fail_delay- roll back the README for pam_xauth to actually be the right one- tweak pam_stack to use the parent\'s service name when calling the substack
* Wed Oct 04 2000 Nalin Dahyabhai - create /etc/sysconfig/authconfig at install-time if upgrading
* Mon Oct 02 2000 Nalin Dahyabhai - modify the files list to make sure #16456 stays fixed- make pam_stack track PAM_AUTHTOK and PAM_OLDAUTHTOK items- add pam_chroot module- self-hosting fixes from the -devel split- update generated docs in the tree
* Tue Sep 12 2000 Nalin Dahyabhai - split off a -devel subpackage- install the developer man pages
* Sun Sep 10 2000 Bill Nottingham - build libraries before modules
* Wed Sep 06 2000 Nalin Dahyabhai - fix problems when looking for headers in /usr/include (#17236)- clean up a couple of compile warnings
* Tue Aug 22 2000 Nalin Dahyabhai - give users /dev/cdrom
* instead of /dev/cdrom in console.perms (#16768)- add nvidia control files to console.perms
* Tue Aug 22 2000 Bill Nottingham - add DRI devices to console.perms (#16731)
* Thu Aug 17 2000 Nalin Dahyabhai - move pam_filter modules to /lib/security/pam_filter (#16111)- add pam_tally\'s application to allow counts to be reset (#16456)- move README files to the txts subdirectory
* Mon Aug 14 2000 Nalin Dahyabhai - add a postun that runs ldconfig- clean up logging in pam_xauth
* Fri Aug 04 2000 Nalin Dahyabhai - make the tarball include the release number in its name
* Mon Jul 31 2000 Nalin Dahyabhai - add a broken_shadow option to pam_unix- add all module README files to the documentation list (#16456)
* Tue Jul 25 2000 Nalin Dahyabhai - fix pam_stack debug and losing-track-of-the-result bug
* Mon Jul 24 2000 Nalin Dahyabhai - rework pam_console\'s usage of syslog to actually be sane (#14646)
* Sat Jul 22 2000 Nalin Dahyabhai - take the LOG_ERR flag off of some of pam_console\'s new messages
* Fri Jul 21 2000 Nalin Dahyabhai - add pam_localuser
* Wed Jul 12 2000 Nalin Dahyabhai - need to make pam_console\'s checking a little stronger- only pass data up from pam_stack if the parent didn\'t already define it
* Wed Jul 12 2000 Prospector - automatic rebuild
* Tue Jul 11 2000 Nalin Dahyabhai - make pam_console\'s extra checks disableable- simplify extra check to just check if the device owner is root- add a debug log when pam_stack comes across a NULL item- have pam_stack hand items up to the parent from the child
* Mon Jul 03 2000 Nalin Dahyabhai - fix installation of pam_xauth man pages (#12417)- forcibly strip helpers (#12430)- try to make pam_console a little more discriminating
* Mon Jun 19 2000 Nalin Dahyabhai - symlink libpam.so to libpam.so.%{version}, and likewise for libpam_misc- reverse order of checks in _unix_getpwnam for pam_unix
* Wed Jun 14 2000 Preston Brown - include gpmctl in pam_console
* Mon Jun 05 2000 Nalin Dahyabhai - add MANDIR definition and use it when installing man pages
* Mon Jun 05 2000 Preston Brown - handle scanner and cdwriter devices in pam_console
* Sat Jun 03 2000 Nalin Dahyabhai - add account management wrappers for pam_listfile, pam_nologin, pam_securetty, pam_shells, and pam_wheel
* Thu Jun 01 2000 Nalin Dahyabhai - add system-auth control file- let gethostname() call in pam_access.c be implicitly declared to avoid conflicting types if unistd.c declares it
* Mon May 15 2000 Nalin Dahyabhai - fix problems compiling on Red Hat Linux 5.x (bug #11005)
* Wed Apr 26 2000 Bill Nottingham - fix size assumptions in pam_(pwdb|unix) md5 code
* Mon Mar 20 2000 Nalin Dahyabhai - Add new pam_stack module.- Install pwdb_chkpwd and unix_chkpwd as the current user for non-root builds
* Sat Feb 05 2000 Nalin Dahyabhai - Fix pam_xauth bug #6191.
* Thu Feb 03 2000 Elliot Lee - Add a patch to accept \'pts/N\' in /etc/securetty as a match for tty \'5\' (which is what other pieces of the system think it is). Fixes bug #7641.
* Mon Jan 31 2000 Nalin Dahyabhai - argh, turn off gratuitous debugging
* Wed Jan 19 2000 Nalin Dahyabhai - update to 0.72- fix pam_unix password-changing bug- fix pam_unix\'s cracklib support- change package URL
* Mon Jan 03 2000 Cristian Gafton - don\'t allow \'/\' on service_name
* Thu Oct 21 1999 Cristian Gafton - enhance the pam_userdb module some more
* Fri Sep 24 1999 Cristian Gafton - add documenatation
* Tue Sep 21 1999 Michael K. Johnson - a tiny change to pam_console to make it not loose track of console users
* Mon Sep 20 1999 Michael K. Johnson - a few fixes to pam_xauth to make it more robust
* Wed Jul 14 1999 Michael K. Johnson - pam_console: added to manage /dev/console
* Thu Jul 01 1999 Michael K. Johnson - pam_xauth: New refcounting implementation based on idea from Stephen Tweedie
* Sat Apr 17 1999 Michael K. Johnson - added video4linux devices to /etc/security/console.perms
* Fri Apr 16 1999 Michael K. Johnson - added joystick lines to /etc/security/console.perms
* Thu Apr 15 1999 Michael K. Johnson - fixed a couple segfaults in pam_xauth uncovered by yesterday\'s fix...
* Wed Apr 14 1999 Cristian Gafton - use gcc -shared to link the shared libs
* Wed Apr 14 1999 Michael K. Johnson - many bug fixes in pam_xauth- pam_console can now handle broken applications that do not set the PAM_TTY item.
* Tue Apr 13 1999 Michael K. Johnson - fixed glob/regexp confusion in pam_console, added kbd and fixed fb devices- added pam_xauth module
* Sat Apr 10 1999 Cristian Gafton - pam_lastlog does wtmp handling now
* Thu Apr 08 1999 Michael K. Johnson - added option parsing to pam_console- added framebuffer devices to default console.perms settings
* Wed Apr 07 1999 Cristian Gafton - fixed empty passwd handling in pam_pwdb
* Mon Mar 29 1999 Michael K. Johnson - changed /dev/cdrom default user permissions back to 0600 in console.perms because some cdrom players open O_RDWR.
* Fri Mar 26 1999 Michael K. Johnson - added /dev/jaz and /dev/zip to console.perms
* Thu Mar 25 1999 Michael K. Johnson - changed the default user permissions for /dev/cdrom to 0400 in console.perms
* Fri Mar 19 1999 Michael K. Johnson - fixed a few bugs in pam_console
* Thu Mar 18 1999 Michael K. Johnson - pam_console authentication working- added /etc/security/console.apps directory
* Mon Mar 15 1999 Michael K. Johnson - added pam_console files to filelist
* Fri Feb 12 1999 Cristian Gafton - upgraded to 0.66, some source cleanups
* Mon Dec 28 1998 Cristian Gafton - add patch from Savochkin Andrey Vladimirovich for umask security risk
* Fri Dec 18 1998 Cristian Gafton - upgrade to ver 0.65- build the package out of internal CVS server
  
ICM