[arch-dev-public] [signoff] pam 1.1.3-1
Tobias Powalowski
t.powa at gmx.de
Wed Jan 5 15:07:52 EST 2011
Am Dienstag 04 Januar 2011 schrieb Andreas Radke:
> Am Mon, 3 Jan 2011 23:58:41 +0100
>
> schrieb Tobias Powalowski <t.powa at gmx.de>:
> > Release 1.1.3
> >
> > * pam_namespace: Clean environment for childs (CVE-2010-3853)
> > * libpam: New interface to drop/regain privilegs
> > * Drop root privilegs in pam_env, pam_mail and pam_xauth before
> >
> > accessing user files (CVE-2010-3430, CVE-2010-3431)
> >
> > * pam_unix: Add minlen option, change default from 6 to 0
> > * Documentation improvements
> > * Lot of small bug fixes
> >
> > Release 1.1.2
> >
> > * pam_unix: Add minlen= option
> > * pam_group: Add support for UNIX groups beside netgroups
> > * pam_tally: Document that it is deprecated
> > * pam_rootok: Add support for chauthtok and acct_mgmt
> > * Update translations
> >
> > upstream release and fixed docs #19751
> > please signoff both arches,
> > greetings
> > tpowa
>
> what about this issues?
>
> FS#13591
> FS#17188
> maybe #21391 - you should leave a comment there.
>
> -Andy
Well those can be fixed later, i don't have the time to dig into this yet.
It's updated to latest version, which fixes security issues.
greetings
tpowa
--
Tobias Powalowski
Archlinux Developer & Package Maintainer (tpowa)
http://www.archlinux.org
tpowa at archlinux.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.archlinux.org/pipermail/arch-dev-public/attachments/20110105/c4386eed/attachment.asc>
More information about the arch-dev-public
mailing list