(to file another bug see the 'submit bug' button on that page).
+
+There is now a second bug tracking system for Linux-PAM on BerliOS.
+You can find the list of outstanding bugs on BerliOS here:
+
+http://developer.berlios.de/bugs/?func=browse&group_id=2134&set=open
+
+BerliOS Bugs are marked with (BerliOS #XXXX).
+
====================================================================
-0.77: please submit patches for this section with actual code/doc
+0.78: please submit patches for this section with actual code/doc
patches!
+* pam_unix: severe denial of service possible with this module since
+ it locked too aggressively. Bug report and testing help from Sascha
+ Loetz. (Bug 664290 - agmorgan)
+* getlogin was spoofable: "/tmp/" and "/dev/" have the same number of
+ characters, so 'ln /dev/tty /tmp/tty1 ; bash < /tmp/tty1 ; logname'
+ attacks could potentially spoof pam_wheel with the 'trust' module
+ argument into granting access to a luser. Also, pam_unix gave
+ odd error messages in such a situation (logname != uid). This
+ problem was found by David Endler of iDefense.com (Bug 667584 -
+ agmorgan).
+* added my new DSA public key to the pgp.keys.asc file. Also included
+ a signed copy of my new public key (1024D/D41A6DF2) made with my old
+ key (1024/2A398175).
+* added "include" directive to config file syntax.
+ The whole idea is to create few "systemwide" pam configs and include
+ parts of them in application pam configs.
+ (patch by "Dmitry V. Levin" <ldv@altlinux.org>) (Bug 812567 - baggins).
+* doc/modules/pam_mkhomedir.sgml: Remove wrong debug options
+ (Bug 591605 - kukuk)
+* pam_unix: Call password checking helper whenever the password field
+ contains only one character (Bug 1027903 - kukuk)
+* libpam/pam_start.c: All service names should be files below /etc/pam.d
+ and nothing else. Forbid paths. (Bug 1027912 - kukuk)
+* pam_cracklib: Fix error in distance algorithm in the 0.9 pam_cracklib
+ module (Bug 1010142 - toady)
+* pam_userdb: applied patch from Paul Walmsley <paul@booyaka.com>
+ it now indicates whether encrypted or plaintext passwords are stored
+ in the database needed for pam_userdb (BerliOS - toady)
+* pam_group: The module should also ignore PAM_REINITIALIZE_CRED to
+ avoid spurious errors (from Linux distributors - kukuk)
+* pam_cracklib: Clear the entire options structure (from Linux
+ distributors - kukuk)
+* pam_issue: We write a NUL to prompt_tmp[tot_size] later, so make sure
+ that the destination is part of the allocated block, make do_prompt
+ static (from Linux distributors - kukuk)
+* ldconfig: Only run full ldconfig, if we don't install into a FAKEROOT
+ environment, else let ldconfig only create the symlinks correct
+ (from Linux distributors - kukuk)
+* pam_unix/pam_pwdb: Use SIG_DFL instead of SIG_IGN for SIGCHLD
+ (from Linux distributors - kukuk)
+* Add most of Steve Grubb's resource leak and other fixes (from
+ Linux distributors - kukuk)
+* doc/Makefile: Don't include .cvsignore files in tar ball (kukuk)
+* libpam_misc/misc_conv.c: Differentiate between Ctrl-D and
+ <Return> (Bug 1032604 - kukuk)
+* Make.Rules.in: Add targets for installing man pages for modules
+ (from Linux distributors - kukuk)
+* Add pam_xauth module (Bug 436440 - kukuk)
+* Add pam_localuser module (Bug 436444 - kukuk)
+* Add pam_succeed_if module (from Linux distributors - kukuk)
+* configure.in: Fix check for libcrypt (Bug 417704 - kukuk)
+* Add the "broken_shadow" argument to pam_unix, for ignoring errors
+ reading shadow information (from Linux distributors - kukuk)
+* Add patches to make PAM modules reentrant (Bug 440107 - kukuk)
+
+0.77: Mon Sep 23 10:25:42 PDT 2002
+
+* documentation support for pdf files was not quite right -
+ installation was messed up.
* pam_wheel was too aggressive to grant access (in the case of the
'deny' option you want to pay attention to 'trust'). Fix from
Nalin (Bugs 476951, 476953 - agmorgan)
* pam_unix and pam_pwdb: by default turn off the SIGCHLD handler while
running the helper binary (patch from Nalin) added the "noreap"
module argument to both of these modules to turn off this new
- default. (Bug 476963 - agmorgan).
+ default. Bugfix found by Silvan Minghetti for former module and
+ 521314 checkin. (Bugs 476963, 521314 - agmorgan).
* updated CHANGELOG and configure.in for 0.77 work.
0.76: Mon Jul 8 21:44:59 PDT 2002
projects / linux-pam / blobdiff