From a04b5b2a57c4fcfe33439310853b8966d1806275 Mon Sep 17 00:00:00 2001 From: Arthur de Jong Date: Sat, 26 Mar 2011 20:51:58 +0000 Subject: get files ready for 0.8.2 release git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1417 ef36b2f9-881f-0410-afb5-c4e39611909c --- debian/changelog | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 6d74432..75b0d6b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,9 +1,28 @@ +nss-pam-ldapd (0.8.2) experimental; urgency=low + + * fix problem with endless loop on incorrect password + * fix definition of HOST_NAME_MAX (closes: #618795) and fall back to + _POSIX_HOST_NAME_MAX + * ignore password change requests for users not in LDAP (closes: #617452) + * many clean-ups to the tests and added some new tests including some + integration tests for the PAM functionality + * some smaller code clean-ups and improvements + * improvements to pynslcd, including implementations for service, protocol + and rpc lookups + * implement a validnames option that can be used to filter valid user and + group names using a regular expression + * integrate patch by Daniel Dehennin to not loose debconf values of + previously set options with dpkg-reconfigure (closes: #610117) + * improvements to the way nslcd shuts down with hanging worker threads + + -- Arthur de Jong Sat, 26 Mar 2011 19:00:00 +0100 + nss-pam-ldapd (0.8.1) experimental; urgency=low * SECURITY FIX: the PAM module will allow authentication for users that do not exist in LDAP, this allows login to local users with an incorrect password (CVE-2011-0438) - the explotability of the problem depends on the details of + the exploitability of the problem depends on the details of the PAM stack and the use of the minimum_uid PAM option * add FreeBSD support, partially imported from the FreeBSD port (thanks to Jacques Vidrine, Artem Kazakov and Alexander V. Chernikov) -- cgit v1.2.3