X-Git-Url: https://granicus.if.org/sourcecode?a=blobdiff_plain;f=NEWS;h=eecd883d47881da343d01fc647fb30ac3c46ca63;hb=2fc2673d889a15f097acd8ae68fe9d292dea472d;hp=4cceb6349386b170a98884ecbdbcdce3cce7783d;hpb=0f27b084fe6c0ddeec3293ef86730b6c8d9b5120;p=linux-pam diff --git a/NEWS b/NEWS index 4cceb634..eecd883d 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,163 @@ Linux-PAM NEWS -- history of user-visible changes. +Release 1.3.0 +* Remove of static modules support +* pam_unix: pass_not_set was removed +* Lot of documentation fixes +* Use TI-RPC function calls if we build against libtirpc +* Add support for new, IPv6 enabled libnsl +* Lot of bug fixes +* Use fedora.zanata.org for translations + + +Release 1.2.1 +* Fix CVE-2015-3238, affected PAM modules are pam_unix and pam_exec + + +Release 1.2.0 +* Update documentation +* Update translations +* pam_unix: add quiet option +* libpam: support alternative configuration files in /usr/lib/pam.d + as fallback +* pam_env: add support for @{HOME} and @{SHELL} +* libpam: add grantor field to audit records +* libpam: Introduce pam_modutil_sanitize_helper_fds + + +Release 1.1.8 +* pam_unix: bug fix for compiling with SELinux, fix crash at login time + + +Release 1.1.7 +* Update translations +* pam_exec: add stdout and type= options +* pam_tty_audit: add options to control logging of passwords +* pam_unix: Read defaults from /etc/login.defs +* pam_userdb: Allow modern password hashes +* pam_selinux/pam_tally2: Add tty and rhost to audit data +* Lot of docu and code fixes + + +Release 1.1.6 +* Update translations +* pam_cracklib: Add more checks for weak passwords +* pam_lastlog: Never lock out root +* Lot of bug fixes and smaller enhancements + + +Release 1.1.5 +* pam_env: Fix CVE-2011-3148 and CVE-2011-3149 +* pam_access: Add hostname resolution cache +* Documentation: Improvements/fixes + + +Release 1.1.4 + +* Add vietnamese translation +* pam_namepace: Add new functionality +* pam_securetty: Honour console= kernel option, add noconsole option +* pam_limits: Add %group syntax, drop change_uid option, add set_all option +* Lot of small bug fixes +* Lot of compiler warnings fixed +* Add support for libtirpc + + +Release 1.1.3 + +* pam_namespace: Clean environment for childs (CVE-2010-3853) +* libpam: New interface to drop/regain privilegs +* Drop root privilegs in pam_env, pam_mail and pam_xauth before + accessing user files (CVE-2010-3430, CVE-2010-3431) +* pam_unix: Add minlen option, change default from 6 to 0 +* Documentation improvements +* Lot of small bug fixes + +Release 1.1.2 + +* pam_unix: Add minlen= option +* pam_group: Add support for UNIX groups beside netgroups +* pam_tally: Document that it is deprecated +* pam_rootok: Add support for chauthtok and acct_mgmt +* Update translations + +Release 1.1.1 + +* Update translations +* pam_access: Revert netgroup match to original behavior, add new + syntax for adding the local hostname to netgroup match +* libpam: Add new functions pam_get_authtok_noverify() and + pam_get_authtok_verify() +* Add sepermit.conf.5 manual page +* Lot of bug fixes + +Release 1.1.0 + +* Update translations +* Documentation updates and fixes + +Release 1.0.92 + +* Update translations +* pam_succeed_if: Use provided username +* pam_mkhomedir: Fix handling of options + +Release 1.0.91 + +* Fixed CVE-2009-0579 (minimum days limit on password change is ignored). +* Fix libpam internal config/argument parser +* Add optional file locking to pam_tally2 +* Update translations +* pam_access improvements +* Changes in the behavior of the password stack. Results of PRELIM_CHECK + are not used for the final run. + +Release 1.0.90 + +* Supply hostname of the machine to netgroup match call in pam_access +* Make pam_namespace to work safe on child directories of parent directories + owned by users +* Redefine LOCAL keyword of pam_access configuration file +* Add support for try_first_pass and use_first_pass to pam_cracklib +* Print informative messages for rejected login and add silent and + no_log_info options to pam_tally +* Add support for passing PAM_AUTHTOK to stdin of helpers from pam_exec +* New password quality tests in pam_cracklib +* New options for pam_lastlog to show last failed login attempt and + to disable lastlog update +* New pam_pwhistory module to store last used passwords +* New pam_tally2 module similar to pam_tally with wordsize independent + tally data format +* Make libpam not log missing module if its type is prepended with '-' +* New pam_timestamp module for authentication based on recent successful + login. +* Add blowfish support to pam_unix. +* Add support for user specific environment file to pam_env. +* Add pam_get_authtok to libpam as Linux-PAM extension. +* Rename type option of pam_cracklib to authtok_type. + +Release 1.0.3 + +* Small bug fix release + + +Release 1.0.2 + +* Regression fixed in pam_selinux +* Problem with big UIDs fixed in pam_loginuid + + +Release 1.0.1 + +* Regression fixed in pam_set_item() + + +Release 1.0.0 + +* Small bug fixes +* Translation updates + + Release 0.99.10.0 * New substack directive in config file syntax.