Ubuntu
pam package

Change log for pam package in Ubuntu

175 of 200 results FirstPreviousLast
Published in noble-proposed 
pam (1.5.3-5ubuntu5.1) noble; urgency=medium

  [ Sam Hartman ]
  * Correct Build depends for docbook5 (LP: #2064360)
  * Depend on libdb-dev again, bringing back pam_userdb (LP: #2064350)

 -- Dan Bungert <email address hidden>  Thu, 02 May 2024 16:20:13 -0600

Available diffs

Published in oracular-release
Deleted in oracular-proposed (Reason: Moved to oracular) 
pam (1.5.3-7ubuntu1) oracular; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager
      when there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/patches/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
    - Disable custom daemon restart detection code if needrestart is available
    - d/p/pam_env-remove-deprecation-notice-for-user_readenv.patch: drop
      deprecation warning about user_readenv from pam_env (LP 2059859)

 -- Dan Bungert <email address hidden>  Tue, 30 Apr 2024 16:17:36 -0600

Available diffs

Superseded in oracular-release
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
pam (1.5.3-5ubuntu5) noble; urgency=medium

  * d/p/pam_env-remove-deprecation-notice-for-user_readenv.patch: drop
    deprecation warning about user_readenv from pam_env (LP: #2059859)

 -- Andreas Hasenack <email address hidden>  Wed, 10 Apr 2024 16:19:22 -0300

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
pam (1.5.3-5ubuntu4) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 00:03:23 +0000

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
pam (1.5.3-5ubuntu3) noble; urgency=medium

  * No-change rebuild against libdb5.3t64

 -- Steve Langasek <email address hidden>  Sat, 02 Mar 2024 20:36:06 +0000
Superseded in noble-proposed 
pam (1.5.3-5ubuntu2) noble; urgency=medium

  * Fix FTBFS when built with -Werror=implicit-function-declaration
    (LP: #2055453)

 -- Dan Bungert <email address hidden>  Thu, 29 Feb 2024 11:53:08 -0700

Available diffs

Superseded in noble-proposed 
pam (1.5.3-5ubuntu1) noble; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager
      when there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/patches/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
    - Disable custom daemon restart detection code if needrestart is available

Available diffs

Deleted in noble-proposed (Reason: Backing out libpam0g package name change per discussion w...) 
pam (1.5.3-4ubuntu1) noble; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0t64.postinst: only ask questions during update-manager
      when there are non-default services running.
    - debian/libpam0t64.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/patches/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
    - Disable custom daemon restart detection code if needrestart is available
  * Dropped changes, included in Debian:
    - SECURITY UPDATE: pam_namespace local denial of service
      - debian/patches/CVE-2024-22365.patch: use O_DIRECTORY to
        prevent local DoS situations in modules/pam_namespace/pam_namespace.c.
      - CVE-2024-22365
    - Install into /usr/{lib,sbin} instead of /{lib,sbin}. Assumes
      usrmerge aliasing symlinks are in place since bookworm to keep
      compatibility with PAM modules still installing into /lib.
      (DEP17 M2) (Closes: #1060160).
    - Mitigate /usr-move file loss. (Closes: #1062802)
    - Update lintian override for setgid binary.

 -- Dan Bungert <email address hidden>  Wed, 28 Feb 2024 21:07:18 -0700

Available diffs

Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
pam (1.5.2-9.1ubuntu3) noble; urgency=medium

  [ Chris Hofstaedtler ]
  * Install into /usr/{lib,sbin} instead of /{lib,sbin}. Assumes
    usrmerge aliasing symlinks are in place since bookworm to keep
    compatibility with PAM modules still installing into /lib.
    (DEP17 M2) (Closes: #1060160).
  * Update lintian override for setgid binary.

  [ Helmut Grohne ]
  * Mitigate /usr-move file loss. (Closes: #1062802)

 -- Julian Andres Klode <email address hidden>  Thu, 22 Feb 2024 13:24:31 +0100
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
pam (1.5.2-9.1ubuntu2) noble; urgency=medium

  * SECURITY UPDATE: pam_namespace local denial of service
    - debian/patches-applied/CVE-2024-22365.patch: use O_DIRECTORY to
      prevent local DoS situations in modules/pam_namespace/pam_namespace.c.
    - CVE-2024-22365

 -- Marc Deslauriers <email address hidden>  Wed, 17 Jan 2024 12:28:44 -0500
Published in jammy-updates
Published in jammy-security 
pam (1.4.0-11ubuntu2.4) jammy-security; urgency=medium

  * SECURITY UPDATE: pam_namespace local denial of service
    - debian/patches-applied/CVE-2024-22365.patch: use O_DIRECTORY to
      prevent local DoS situations in modules/pam_namespace/pam_namespace.c.
    - CVE-2024-22365

 -- Marc Deslauriers <email address hidden>  Wed, 10 Jan 2024 08:54:07 -0500
Published in focal-updates
Published in focal-security 
pam (1.3.1-5ubuntu4.7) focal-security; urgency=medium

  * SECURITY UPDATE: pam_namespace local denial of service
    - debian/patches-applied/CVE-2024-22365.patch: use O_DIRECTORY to
      prevent local DoS situations in modules/pam_namespace/pam_namespace.c.
    - CVE-2024-22365

 -- Marc Deslauriers <email address hidden>  Wed, 10 Jan 2024 08:55:08 -0500
Published in mantic-updates
Published in mantic-security 
pam (1.5.2-6ubuntu1.1) mantic-security; urgency=medium

  * SECURITY UPDATE: pam_namespace local denial of service
    - debian/patches-applied/CVE-2024-22365.patch: use O_DIRECTORY to
      prevent local DoS situations in modules/pam_namespace/pam_namespace.c.
    - CVE-2024-22365

 -- Marc Deslauriers <email address hidden>  Wed, 10 Jan 2024 08:48:58 -0500
Published in lunar-updates
Published in lunar-security 
pam (1.5.2-5ubuntu1.1) lunar-security; urgency=medium

  * SECURITY UPDATE: pam_namespace local denial of service
    - debian/patches-applied/CVE-2024-22365.patch: use O_DIRECTORY to
      prevent local DoS situations in modules/pam_namespace/pam_namespace.c.
    - CVE-2024-22365

 -- Marc Deslauriers <email address hidden>  Wed, 10 Jan 2024 08:52:54 -0500
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
pam (1.5.2-9.1ubuntu1) noble; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
    - Disable custom daemon restart detection code if needrestart is available
  * debian/update-motd.5: fix a typo; thanks to David
    Collantes <email address hidden>.
Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
pam (1.5.2-6ubuntu1) mantic; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
    - Disable custom daemon restart detection code if needrestart is available

Available diffs

Published in bionic-updates
Published in bionic-security 
pam (1.1.8-3.6ubuntu2.18.04.6) bionic-security; urgency=medium

  * SECURITY REGRESSION: fix CVE-2022-28321 patch location
    - debian/patches-applied/CVE-2022-28321.patch: pam_access: handle
      hostnames in access.conf
    - CVE-2022-28321

 -- Nishit Majithia <email address hidden>  Thu, 02 Feb 2023 14:54:07 +0530
Superseded in focal-updates
Superseded in focal-security 
pam (1.3.1-5ubuntu4.6) focal-security; urgency=medium

  * SECURITY REGRESSION: fix CVE-2022-28321 patch location
    - debian/patches-applied/CVE-2022-28321.patch: pam_access: handle
      hostnames in access.conf
    - CVE-2022-28321

 -- Nishit Majithia <email address hidden>  Thu, 02 Feb 2023 14:52:59 +0530
Obsolete in kinetic-updates
Obsolete in kinetic-security 
pam (1.5.2-2ubuntu1.3) kinetic-security; urgency=medium

  * SECURITY REGRESSION: fix CVE-2022-28321 patch location
    - debian/patches-applied/CVE-2022-28321.patch: pam_access: handle
      hostnames in access.conf
    - CVE-2022-28321

 -- Nishit Majithia <email address hidden>  Thu, 02 Feb 2023 14:48:57 +0530
Superseded in jammy-updates
Superseded in jammy-security 
pam (1.4.0-11ubuntu2.3) jammy-security; urgency=medium

  * SECURITY REGRESSION: fix CVE-2022-28321 patch location
    - debian/patches-applied/CVE-2022-28321.patch: pam_access: handle
      hostnames in access.conf
    - CVE-2022-28321

 -- Nishit Majithia <email address hidden>  Thu, 02 Feb 2023 14:51:46 +0530
Superseded in bionic-updates
Superseded in bionic-security 
pam (1.1.8-3.6ubuntu2.18.04.4) bionic-security; urgency=medium

  * SECURITY UPDATE: authentication bypass vulnerability
    - debian/patches/CVE-2022-28321.patch: pam_access: handle hostnames in
      access.conf
    - CVE-2022-28321

 -- Nishit Majithia <email address hidden>  Tue, 24 Jan 2023 17:30:04 +0530
Superseded in focal-updates
Superseded in focal-security 
pam (1.3.1-5ubuntu4.4) focal-security; urgency=medium

  * SECURITY UPDATE: authentication bypass vulnerability
    - debian/patches/CVE-2022-28321.patch: pam_access: handle hostnames in
      access.conf
    - CVE-2022-28321

 -- Nishit Majithia <email address hidden>  Tue, 24 Jan 2023 17:15:43 +0530
Superseded in jammy-updates
Superseded in jammy-security 
pam (1.4.0-11ubuntu2.1) jammy-security; urgency=medium

  * SECURITY UPDATE: authentication bypass vulnerability
    - debian/patches/CVE-2022-28321.patch: pam_access: handle hostnames in
      access.conf
    - CVE-2022-28321

 -- Nishit Majithia <email address hidden>  Tue, 24 Jan 2023 17:07:01 +0530
Superseded in kinetic-updates
Superseded in kinetic-security 
pam (1.5.2-2ubuntu1.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: authentication bypass vulnerability
    - debian/patches/CVE-2022-28321.patch: pam_access: handle hostnames in
      access.conf
    - CVE-2022-28321

 -- Nishit Majithia <email address hidden>  Tue, 24 Jan 2023 17:06:18 +0530
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
pam (1.5.2-5ubuntu1) lunar; urgency=medium

  * Merge from Debian unstable; remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
    - Disable custom daemon restart detection code if needrestart is available

Available diffs

Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
pam (1.5.2-2ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
    - Disable custom daemon restart detection code if needrestart is available
  * Dropped changes, no longer needed:
    - d/libpam-modules.postinst: Add /snap/bin to $PATH in /etc/environment
  * Refresh patches.
  * debian/patches-applied/extrausers.patch: update for upstream changes.

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
pam (1.4.0-13ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
    - Disable custom daemon restart detection code if needrestart is available
    - d/libpam-modules.postinst: Add /snap/bin to $PATH in /etc/environment
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
pam (1.4.0-11ubuntu2) jammy; urgency=medium

  * Drop Recommends on update-motd which is no longer used and is not being
    maintained.

 -- Steve Langasek <email address hidden>  Wed, 23 Mar 2022 18:43:24 -0700

Available diffs

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
pam (1.4.0-11ubuntu1) jammy; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/control: have libpam-modules recommend update-motd package
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
    - Disable custom daemon restart detection code if needrestart is available
    - d/libpam-modules.postinst: Add /snap/bin to $PATH in /etc/environment
  * Dropped changes, included in Debian:
    - d/p/pam_env-allow-environment-files-without-EOL-at-EOF.patch:
      Allow /etc/environment files without EOL at EOF.
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
pam (1.4.0-10ubuntu2) jammy; urgency=medium

  [ Sergio Durigan Junior ]
  * d/p/pam_env-allow-environment-files-without-EOL-at-EOF.patch:
    Allow /etc/environment files without EOL at EOF.  In other words,
    allow files without a newline at the end. (LP: #1953201)

 -- Steve Langasek <email address hidden>  Mon, 06 Dec 2021 11:05:28 -0800
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
pam (1.4.0-10ubuntu1) jammy; urgency=medium

  * Merge from Debian unstable (LP: #1916509). Remaining changes:
    - debian/control: have libpam-modules recommend update-motd package
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
    - Disable custom daemon restart detection code if needrestart is available
    - d/libpam-modules.postinst: Add /snap/bin to $PATH in /etc/environment
  * Dropped changes, obsoleted:
    - pam_motd: Export MOTD_SHOWN=pam after showing MOTD
    - Return only PAM_IGNORE or error from pam_motd
    - Fix patches to fix FTBFS
    - Backport pam_faillock module from pam 1.4.0
    - debian/patches-applied/nullok_secure-compat.patch: Support
      nullok_secure as a deprecated alias for nullok.
    -  debian/pam-configs/unix: use nullok, not nullok_secure.
  * Patches:
    - d/p/pam_motd-legal-notice: refreshed
    - Refreshed d/p/pam_umask_usergroups_from_login.defs.patch to use
      pam_modutil_search_key instead of our own hand-rolled version
    - d/p/extrausers.patch: Refreshed the patch and fixed the
      HAVE_LIBSELINUX conditional removed upstream.
  * d/local/pam-auth-update: refreshed the md5sum for debian/local/common-session

 -- Simon Chopin <email address hidden>  Tue, 26 Oct 2021 10:49:14 +0200

Available diffs

Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
pam (1.3.1-5ubuntu4.3) focal; urgency=medium

  * Correctly document current VCS in debian/control.
  * Drop patches to implement "nullok_secure" option for pam_unix.
    Closes: #674857, #936071, LP: #1860826.
  * debian/patches-applied/nullok_secure-compat.patch: Support
    nullok_secure as a deprecated alias for nullok.
  * debian/pam-configs/unix: use nullok, not nullok_secure.
  * extrausers.patch: update for compatibility with the removal of
    nullok_secure.

 -- Steve Langasek <email address hidden>  Thu, 16 Sep 2021 23:14:49 -0700
Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
pam (1.3.1-5ubuntu11) impish; urgency=medium

  * extrausers.patch: update for compatibility with the removal of
    nullok_secure.

 -- Steve Langasek <email address hidden>  Wed, 15 Sep 2021 22:39:58 -0700
Superseded in impish-proposed 
pam (1.3.1-5ubuntu10) impish; urgency=medium

  * Fix up the nullok_secure-compat.patch to apply properly on 1.3.1.

 -- Steve Langasek <email address hidden>  Wed, 15 Sep 2021 18:28:12 -0700
Superseded in impish-proposed 
pam (1.3.1-5ubuntu9) impish; urgency=medium

  * Correctly document current VCS in debian/control.
  * Drop patches to implement "nullok_secure" option for pam_unix.
    Closes: #674857, #936071, LP: #1860826.
  * debian/patches-applied/nullok_secure-compat.patch: Support
    nullok_secure as a deprecated alias for nullok.
  * debian/pam-configs/unix: use nullok, not nullok_secure.

 -- Steve Langasek <email address hidden>  Wed, 15 Sep 2021 18:18:19 -0700

Available diffs

Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
pam (1.3.1-5ubuntu8) impish; urgency=medium

  * Disable custom daemon restart detection code if needrestart is available
    (LP: #1935972)

 -- Simon Chopin <email address hidden>  Tue, 13 Jul 2021 10:28:04 +0200

Available diffs

Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates) 
pam (1.1.8-3.6ubuntu2.18.04.3) bionic; urgency=medium

  * Backport pam_faillock module from pam 1.4.0 (LP: #1927796)
    - debian/patches-applied/add_pam_faillock.patch: add module.
    - debian/patches-applied/pam_faillock_create_directory: create dir
      before creating file in modules/pam_faillock/faillock.c.
    - debian/rules: set execute permissions on pam_faillock test.
    - debian/libpam-modules-bin.install: install faillock binary and man
      page.

 -- Marc Deslauriers <email address hidden>  Thu, 08 Apr 2021 07:27:58 -0400
Obsolete in hirsute-updates
Deleted in hirsute-proposed (Reason: moved to -updates) 
pam (1.3.1-5ubuntu6.21.04.1) hirsute; urgency=medium

  * Backport pam_faillock module from pam 1.4.0 (LP: #1927796)
    - debian/patches-applied/add_pam_faillock.patch: add module.
    - debian/patches-applied/pam_faillock_create_directory: create dir
      before creating file in modules/pam_faillock/faillock.c.
    - debian/rules: set execute permissions on pam_faillock test.
    - debian/libpam-modules-bin.install: install faillock binary and man
      page.

 -- Richard Maciel Costa <email address hidden>  Thu, 08 Apr 2021 07:06:27 -0400
Obsolete in groovy-updates
Deleted in groovy-proposed (Reason: moved to -updates) 
pam (1.3.1-5ubuntu6.20.10.1) groovy; urgency=medium

  * Backport pam_faillock module from pam 1.4.0 (LP: #1927796)
    - debian/patches-applied/add_pam_faillock.patch: add module.
    - debian/patches-applied/pam_faillock_create_directory: create dir
      before creating file in modules/pam_faillock/faillock.c.
    - debian/rules: set execute permissions on pam_faillock test.
    - debian/libpam-modules-bin.install: install faillock binary and man
      page.

 -- Richard Maciel Costa <email address hidden>  Thu, 08 Apr 2021 07:06:27 -0400
Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
pam (1.3.1-5ubuntu4.2) focal; urgency=medium

  * Backport pam_faillock module from pam 1.4.0 (LP: #1927796)
    - debian/patches-applied/add_pam_faillock.patch: add module.
    - debian/patches-applied/pam_faillock_create_directory: create dir
      before creating file in modules/pam_faillock/faillock.c.
    - debian/rules: set execute permissions on pam_faillock test.
    - debian/libpam-modules-bin.install: install faillock binary and man
      page.

 -- Marc Deslauriers <email address hidden>  Thu, 08 Apr 2021 07:06:27 -0400
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
pam (1.3.1-5ubuntu7) impish; urgency=medium

  * Backport pam_faillock module from pam 1.4.0 (LP: #1927796)
    - debian/patches-applied/add_pam_faillock.patch: add module.
    - debian/patches-applied/pam_faillock_create_directory: create dir
      before creating file in modules/pam_faillock/faillock.c.
    - debian/rules: set execute permissions on pam_faillock test.
    - debian/libpam-modules-bin.install: install faillock binary and man
      page.

 -- Richard Maciel Costa <email address hidden>  Thu, 08 Apr 2021 07:06:27 -0400

Available diffs

Published in xenial-updates
Deleted in xenial-proposed (Reason: moved to -updates) 
pam (1.1.8-3.2ubuntu2.3) xenial; urgency=medium

  * Move patch fixing LP: #1666203 from debian/patches to
    debian/patches-applied so it actually gets applied.
  * debian/libpam-modules.postinst: Add /snap/bin to $PATH in
    /etc/environment. (LP: #1659719)
Superseded in impish-release
Obsolete in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
pam (1.3.1-5ubuntu6) groovy; urgency=medium

  * Fix FTBFS with selinux/flask.h
    - debian/patches-applied/selinux_flask_ftbfs.patch: Fix FTBFS due to
      deprecated selinux/flask.h

 -- Mike Salvatore <email address hidden>  Wed, 05 Aug 2020 21:10:51 -0400

Available diffs

Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates) 
pam (1.1.8-3.6ubuntu2.18.04.2) bionic; urgency=medium

  * debian/libpam-modules.postinst: Add /snap/bin to $PATH in
    /etc/environment. (LP: #1659719)

 -- Michael Hudson-Doyle <email address hidden>  Wed, 22 Jul 2020 11:40:59 +1200
Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
pam (1.3.1-5ubuntu4.1) focal; urgency=medium

  * debian/libpam-modules.postinst: Add /snap/bin to $PATH in
    /etc/environment. (LP: #1659719)

 -- Michael Hudson-Doyle <email address hidden>  Wed, 22 Jul 2020 11:30:44 +1200

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
pam (1.3.1-5ubuntu5) groovy; urgency=medium

  * debian/libpam-modules.postinst: Add /snap/bin to $PATH in
    /etc/environment. (LP: #1659719)

 -- Michael Hudson-Doyle <email address hidden>  Fri, 10 Jul 2020 08:35:49 +1200

Available diffs

Obsolete in eoan-updates
Deleted in eoan-proposed (Reason: moved to -updates) 
pam (1.3.1-5ubuntu1.19.10.1) eoan; urgency=medium

  * Return only PAM_IGNORE or error from pam_motd (LP: #1856703)

 -- Balint Reczey <email address hidden>  Tue, 17 Dec 2019 18:56:34 +0100
Superseded in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
pam (1.3.1-5ubuntu4) focal; urgency=medium

  * Return only PAM_IGNORE or error from pam_motd (LP: #1856703)

 -- Balint Reczey <email address hidden>  Tue, 17 Dec 2019 17:41:40 +0100

Available diffs

Superseded in eoan-updates
Deleted in eoan-proposed (Reason: moved to -updates) 
pam (1.3.1-5ubuntu1.19.10.0) eoan; urgency=medium

  * pam_motd: Export MOTD_SHOWN=pam after showing MOTD (LP: #1855092)

 -- Balint Reczey <email address hidden>  Wed, 04 Dec 2019 12:23:57 +0100
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
pam (1.3.1-5ubuntu3) focal; urgency=medium

  * Fix patches to fix FTBFS

 -- Balint Reczey <email address hidden>  Thu, 05 Dec 2019 13:18:35 +0100
Superseded in focal-proposed 
pam (1.3.1-5ubuntu2) focal; urgency=medium

  * pam_motd: Export MOTD_SHOWN=pam after showing MOTD (LP: #1855092)

 -- Balint Reczey <email address hidden>  Wed, 04 Dec 2019 12:23:57 +0100

Available diffs

Deleted in xenial-proposed (Reason: The package was removed due to its SRU bug(s) not being v...) 
pam (1.1.8-3.2ubuntu2.2) xenial; urgency=medium

  * Fix: pam_tty_audit failed in pam_open_session (LP: #1666203)

 -- Don van der Haghen <email address hidden>  Fri, 01 Mar 2019 09:36:08 +0000
Obsolete in cosmic-updates
Deleted in cosmic-proposed (Reason: moved to -updates) 
pam (1.1.8-3.6ubuntu3) cosmic; urgency=medium

  * debian/patches-applied/fix-pam_tty_audit.patch: (LP: #1666203)
    Fix pam_tty_audit log_passwd support and regression.

 -- Eric Desrochers <email address hidden>  Thu, 28 Feb 2019 01:20:35 +0000
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates) 
pam (1.1.8-3.6ubuntu2.18.04.1) bionic; urgency=medium

  * debian/patches-applied/fix-pam_tty_audit.patch: (LP: #1666203)
    Fix pam_tty_audit log_passwd support and regression.

 -- Eric Desrochers <email address hidden>  Wed, 27 Feb 2019 14:26:50 +0000
Superseded in focal-release
Obsolete in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release) 
pam (1.3.1-5ubuntu1) disco; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/control: have libpam-modules recommend update-motd package
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - don't notify about xdm restarts during a release-upgrade
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
Superseded in disco-proposed 
pam (1.3.1-4ubuntu1) disco; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/control: have libpam-modules recommend update-motd package
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - don't notify about xdm restarts during a release-upgrade
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - Add lintian override for pam_extrausers_chkpwd
  * Dropped changes, included in Debian:
    - Fix the name of the samba service being restarted
    - Fix debian/patches-applied/update-motd to apply the correct changes
      to the README

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
pam (1.3.1-2ubuntu1) disco; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/control: have libpam-modules recommend update-motd package
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - don't notify about xdm restarts during a release-upgrade
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
  * Dropped changes, included in Debian:
    - pam-configs/mkhomedir: Added a config for pam_mkhomedir, disabled
      by default.
  * Dropped changes, obsoleted:
    - debian/patches-applied/cve-2015-3238.patch: removed manpage changes
      so they don't get regenerated during build and cause a multiarch
      installation issue.
  * Fix the name of the samba service being restarted, which was now
    differently wrong in each of Debian and Ubuntu.
  * Update extrausers.patch for changes in the upstream build system.
  * Fix debian/patches-applied/update-motd to apply the correct changes
    to the README (should be forwarded to Debian)
  * debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
    include changes to the README.
  * Add lintian override for pam_extrausers_chkpwd
Superseded in disco-release
Obsolete in cosmic-release
Published in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
pam (1.1.8-3.6ubuntu2) bionic; urgency=medium

  * pam-auth-update: Add support for --enable option which is useful for
    enabling non-default configs without asking the admin. (LP:
    #1192719)

 -- Timo Aaltonen <email address hidden>  Thu, 05 Apr 2018 15:27:42 +0300

Available diffs

Obsolete in artful-updates
Deleted in artful-proposed (Reason: moved to -updates) 
pam (1.1.8-3.2ubuntu3.1) artful; urgency=medium

  * d/local/pam_getenv:
    - Fix "Unescaped left brace in regex" with Perl 5.22. (LP: #1538284)

 -- Seyeong Kim <email address hidden>  Thu, 05 Apr 2018 18:21:32 -0700
Superseded in xenial-updates
Deleted in xenial-proposed (Reason: moved to -updates) 
pam (1.1.8-3.2ubuntu2.1) xenial; urgency=medium

  * d/local/pam_getenv:
    - Fix "Unescaped left brace in regex" with Perl 5.22. (LP: #1538284)

 -- Seyeong Kim <email address hidden>  Thu, 05 Apr 2018 17:33:57 -0700
Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
pam (1.1.8-3.6ubuntu1) bionic; urgency=medium

  * Merge with Debian unstable.
    - Fixes unescaped brace in pam_getenv regex.  LP: #1538284.
    - Fixes pam_namespace defaults for compatibility with dash.  LP: #1081323.
  * Remaining changes:
    - debian/control: have libpam-modules recommend update-motd package
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - pam-configs/mkhomedir: Added a config for pam_mkhomedir, disabled
      by default.
    - don't notify about xdm restarts during a release-upgrade
    - debian/patches-applied/cve-2015-3238.patch: removed manpage changes
      so they don't get regenerated during build and cause a multiarch
      installation issue.
  * Dropped changes, included in Debian:
    - Build-depend on libfl-dev.
    - debian/patches-applied/pam-limits-nofile-fd-setsize-cap: cap the default
      soft nofile limit read from pid 1 to FD_SETSIZE.
  * Fix references to /var/run in update-motd.5.  LP: #1571864
  * Fix service restart handling to integrate with systemd instead of
    upstart.
Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
pam (1.1.8-3.2ubuntu4) bionic; urgency=medium

  * No-change rebuild to pick up the shared flex library.

 -- Matthias Klose <email address hidden>  Tue, 20 Feb 2018 07:00:02 +0000
Superseded in bionic-release
Obsolete in artful-release
Deleted in artful-proposed (Reason: moved to release) 
pam (1.1.8-3.2ubuntu3) artful; urgency=medium

  * No-change rebuild to pick up -fPIE compiler default in static
    libraries

 -- Steve Langasek <email address hidden>  Fri, 21 Apr 2017 20:53:23 +0000
Published in precise-updates
Published in precise-security 
pam (1.1.3-7ubuntu2.3) precise-security; urgency=medium

  * SECURITY REGRESSION: multiarch update issue (LP: #1558597)
    - debian/patches-applied/cve-2015-3238.patch: Readd the manpage XML
      changes and also add the regenerated man pages to the patch. It is
      required to add the regenerated man pages to the patch because the build
      dependencies to regenerate the man pages are only installed during i386
      builds.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch: Add
      the changes after regenerating pam_umask.8 to the patch for the reasons
      mentioned above.

 -- Tyler Hicks <email address hidden>  Thu, 17 Mar 2016 13:14:44 -0500
Superseded in artful-release
Obsolete in zesty-release
Obsolete in yakkety-release
Published in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
pam (1.1.8-3.2ubuntu2) xenial; urgency=medium

  * debian/patches-applied/cve-2015-3238.patch: removed manpage changes
    so they don't get regenerated during build and cause a multiarch
    installation issue. (LP: #1558114)

 -- Marc Deslauriers <email address hidden>  Wed, 16 Mar 2016 13:34:02 -0400
Published in trusty-updates
Published in trusty-security 
pam (1.1.8-1ubuntu2.2) trusty-security; urgency=medium

  * SECURITY REGRESSION: multiarch update issue (LP: #1558114)
    - debian/patches-applied/cve-2015-3238.patch: removed manpage changes
      so they don't get regenerated during build.
    - CVE-2015-3238

 -- Marc Deslauriers <email address hidden>  Wed, 16 Mar 2016 13:30:15 -0400
Superseded in precise-updates
Superseded in precise-security 
pam (1.1.3-7ubuntu2.2) precise-security; urgency=medium

  * SECURITY REGRESSION: multiarch update issue (LP: #1558114)
    - debian/patches-applied/cve-2015-3238.patch: removed manpage changes
      so they don't get regenerated during build.
    - CVE-2015-3238

 -- Marc Deslauriers <email address hidden>  Wed, 16 Mar 2016 13:32:15 -0400
Obsolete in wily-updates
Obsolete in wily-security 
pam (1.1.8-3.1ubuntu3.2) wily-security; urgency=medium

  * SECURITY REGRESSION: multiarch update issue (LP: #1558114)
    - debian/patches-applied/cve-2015-3238.patch: removed manpage changes
      so they don't get regenerated during build.
    - CVE-2015-3238

 -- Marc Deslauriers <email address hidden>  Wed, 16 Mar 2016 13:27:40 -0400
Superseded in xenial-proposed 
pam (1.1.8-3.2ubuntu1) xenial; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - Change Vcs-Bzr to point at the Ubuntu branch.
    - debian/patches-applied/series: Ubuntu patches are as below ...
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - Build-depend on libfl-dev in addition to flex, for cross-building
      support.
    - Add /usr/local/games to PATH.
    - Adjust debian/patches-applied/update-motd to write to
      /run/motd.dynamic, as sysvinit/ssh/login in Debian have been changed
      to use this file and no longer links /etc/motd to /var/run/motd.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      include patch to autogenerated manpage file
    - debian/patches-applied/pam-loginuid-in-containers: pam_loginuid:
      Update patch with follow-up changes to loginuid.c
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - debian/patches-applied/extrausers.patch: Ship pre-generated man page
    - debian/patches-applied/pam-limits-nofile-fd-setsize-cap: cap the default
      soft nofile limit read from pid 1 to FD_SETSIZE.
    - debian/control: have libpam-modules recommend update-motd package
Superseded in precise-updates
Superseded in precise-security 
pam (1.1.3-7ubuntu2.1) precise-security; urgency=medium

  * SECURITY UPDATE: pam_userdb case-insensitive search issue
    - debian/patches-applied/cve-2013-7041.patch: fix password hash
      comparison in modules/pam_userdb/pam_userdb.c.
    - CVE-2013-7041
  * SECURITY UPDATE: directory traversal issue in pam_timestamp
    - debian/patches-applied/cve-2014-2583.patch: fix potential directory
      traversal issue in modules/pam_timestamp/pam_timestamp.c.
    - CVE-2014-2583
  * SECURITY UPDATE: username enumeration via large passwords
    - debian/patches-applied/cve-2015-3238.patch: limit password size to
      prevent a helper function hang in modules/pam_exec/pam_exec.8.xml,
      modules/pam_exec/pam_exec.c, modules/pam_unix/pam_unix.8.xml,
      modules/pam_unix/pam_unix_passwd.c, modules/pam_unix/passverify.c,
      modules/pam_unix/passverify.h, modules/pam_unix/support.c.
    - CVE-2015-3238

 -- Marc Deslauriers <email address hidden>  Tue, 15 Mar 2016 15:31:29 -0400
Superseded in trusty-updates
Superseded in trusty-security 
pam (1.1.8-1ubuntu2.1) trusty-security; urgency=medium

  * SECURITY UPDATE: pam_userdb case-insensitive search issue
    - debian/patches-applied/cve-2013-7041.patch: fix password hash
      comparison in modules/pam_userdb/pam_userdb.c.
    - CVE-2013-7041
  * SECURITY UPDATE: directory traversal issue in pam_timestamp
    - debian/patches-applied/cve-2014-2583.patch: fix potential directory
      traversal issue in modules/pam_timestamp/pam_timestamp.c.
    - CVE-2014-2583
  * SECURITY UPDATE: username enumeration via large passwords
    - debian/patches-applied/cve-2015-3238.patch: limit password size to
      prevent a helper function hang in modules/pam_exec/pam_exec.8.xml,
      modules/pam_exec/pam_exec.c, modules/pam_unix/pam_unix.8.xml,
      modules/pam_unix/pam_unix_passwd.c, modules/pam_unix/passverify.c,
      modules/pam_unix/passverify.h, modules/pam_unix/support.c.
    - CVE-2015-3238

 -- Marc Deslauriers <email address hidden>  Tue, 15 Mar 2016 14:58:49 -0400
Superseded in wily-updates
Superseded in wily-security 
pam (1.1.8-3.1ubuntu3.1) wily-security; urgency=medium

  * SECURITY UPDATE: username enumeration via large passwords
    - debian/patches-applied/cve-2015-3238.patch: limit password size to
      prevent a helper function hang in modules/pam_exec/pam_exec.8.xml,
      modules/pam_exec/pam_exec.c, modules/pam_unix/pam_unix.8.xml,
      modules/pam_unix/pam_unix_passwd.c, modules/pam_unix/passverify.c,
      modules/pam_unix/passverify.h, modules/pam_unix/support.c.
    - CVE-2015-3238

 -- Marc Deslauriers <email address hidden>  Tue, 15 Mar 2016 14:40:16 -0400
Superseded in xenial-release
Obsolete in wily-release
Obsolete in vivid-release
Deleted in vivid-proposed (Reason: moved to release) 
pam (1.1.8-3.1ubuntu3) vivid; urgency=medium

  * d/applied-patches/pam-limits-nofile-fd-setsize-cap: cap the default
    soft nofile limit read from pid 1 to FD_SETSIZE.
 -- Robie Basak <email address hidden>   Wed, 22 Apr 2015 08:55:24 +0000
Superseded in vivid-release
Deleted in vivid-proposed (Reason: moved to release) 
pam (1.1.8-3.1ubuntu2) vivid; urgency=medium

  * debian/control:
    - have libpam-modules recommend update-motd package
      + while libpam-modules provides pam_motd, which does dynamically
        generate the motd from /etc/update-motd.d on login, hundreds of
        users have asked in the past few years how they might "force"
        a MOTD update;  this is provided by /usr/sbin/update-motd
        in the tiny update-motd package (already in main); recommend
        this package
 -- Dustin Kirkland <email address hidden>   Tue, 11 Nov 2014 12:49:14 -0600
Superseded in vivid-release
Deleted in vivid-proposed (Reason: moved to release) 
pam (1.1.8-3.1ubuntu1) vivid; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - Change Vcs-Bzr to point at the Ubuntu branch.
    - debian/patches-applied/series: Ubuntu patches are as below ...
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - Build-depend on libfl-dev in addition to flex, for cross-building
      support.
    - Add /usr/local/games to PATH.
    - Adjust debian/patches-applied/update-motd to write to
      /run/motd.dynamic, as sysvinit/ssh/login in Debian have been changed
      to use this file and no longer links /etc/motd to /var/run/motd.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      include patch to autogenerated manpage file
    - debian/patches-applied/pam-loginuid-in-containers: pam_loginuid:
      Update patch with follow-up changes to loginuid.c
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - debian/patches-applied/extrausers.patch: Ship pre-generated man page
175 of 200 results FirstPreviousLast