File pam_ssh.changes of Package pam_ssh
-------------------------------------------------------------------
Fri Dec 1 10:02:21 UTC 2017 - dimstar@opensuse.org
- Explicitly call autoreconf: an implicit call requires the same
version automake/autoconf to be present that was used to
originally bootstrap the tarball (version 1.13).
-------------------------------------------------------------------
Thu Nov 30 14:52:54 UTC 2017 - vcizek@suse.com
- Add support for building with OpenSSL 1.1 (bsc#1066988)
* partly based on https://github.com/openssh/openssh-portable/pull/48
* add pam_ssh-openssl11.patch
-------------------------------------------------------------------
Fri Jun 5 19:48:32 UTC 2015 - mpluskal@suse.com
- Update to 2.1
* session/login/default keys lexical sort order
* add ED25519 key support
* updated openssh embedded code to 6.7p1
- Cleanup spec file with spec-cleaner
-------------------------------------------------------------------
Sun Mar 8 23:48:59 UTC 2015 - p.drouand@gmail.com
- Update to version 2.01
* pam_ssh.1: updated man page to reflect the current implementation
- Remove gpg-offline require and verification; OBS handles it
- Use download Url as source
-------------------------------------------------------------------
Mon Nov 18 11:26:01 UTC 2013 - wr@rosenauer.org
- update to 2.0
* added support for ECDSA keys
* ssh-agent is now spawned in a different improved way
* ssh-agent is not started anymore for users without keys
* support try_first_password PAM option
* still ask for passphrase even if user does not exist
* expect keys used for login in ~/.ssh/login-keys.d directory
(see README; this behaviour will cause old setups to fail
since the default keys are not used anymore for auth)
* "keyfiles" option has been removed and all found keys
which can be opened using the provided passphrase will be
added to the agent
* alternative keys not used for login purposes and not named
like the default keys will be decrypted and saved for the
agent when placed in ~/.ssh/session-keys.d directory
* when there is no controlling tty now use the PID to
create the session file
* return PAM_SESSION_ERR from within the session part
instead of PAM_AUTH_ERR
* honour TMPDIR for ssh-agent
* start ssh-agent with GID of the group given at
compile time to the new configure option
--with-ssh-agent-group
- switched archive to XZ
- verify detached signature
-------------------------------------------------------------------
Thu Jun 6 09:17:42 UTC 2013 - vcizek@suse.com
- restore credentials before exitting from pam_sm_open_session
* fixes bnc#823484
* added James Carter's pam_ssh-1.97-no_tty_stay_as_user.patch
-------------------------------------------------------------------
Mon Apr 29 10:39:54 UTC 2013 - wr@rosenauer.org
- update to 1.98
* bugfix update obsoleting
- pam_ssh-1.97-empty_passphrase_segfault.patch
- pam_ssh-1.97-setgid.patch
- pam_ssh-1.97-sigmask.patch
- pam_ssh-double-free.patch
-------------------------------------------------------------------
Sat Jan 12 19:18:08 UTC 2013 - coolo@suse.com
- remove suse_update_config
-------------------------------------------------------------------
Thu Jan 12 15:57:39 UTC 2012 - vcizek@suse.com
- added patch that prevents segfault when empty passphrase is
supplied (bnc#741541)
-------------------------------------------------------------------
Mon Nov 28 11:47:01 UTC 2011 - jengelh@medozas.de
- Remove redundant/unwanted tags/section (cf. specfile guidelines)
- Use %_smp_mflags for parallel building
-------------------------------------------------------------------
Sun Nov 27 06:54:30 UTC 2011 - coolo@suse.com
- add libtool as buildrequire to avoid implicit dependency
-------------------------------------------------------------------
Sun Oct 30 16:55:04 UTC 2011 - mkubecek@suse.cz
- pam_ssh-1.97-sigmask.patch:
Clear signal mask before executing ssh-agent as pam_ssh code can
be called from kdm with blocked TERM signal which would be
inherited by ssh-agent (bnc#727246).
-------------------------------------------------------------------
Wed May 11 15:02:57 UTC 2011 - vcizek@novell.com
- set gid/groups before executing ssh-agent (bnc#665061)
-------------------------------------------------------------------
Mon Apr 18 13:53:35 UTC 2011 - vcizek@novell.com
- fix for bnc#688120 (pam_ssh double free)
-------------------------------------------------------------------
Mon Feb 1 12:21:21 UTC 2010 - jengelh@medozas.de
- package baselibs.conf
-------------------------------------------------------------------
Wed Jun 24 19:34:49 CEST 2009 - sbrabec@suse.cz
- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).
-------------------------------------------------------------------
Wed Jun 24 19:34:49 CEST 2009 - sbrabec@suse.cz
- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).
-------------------------------------------------------------------
Tue Apr 14 11:38:44 CEST 2009 - anicka@suse.cz
- update to 1.97
* pam_get_pass.c: CVE-2009-1273
pam_ssh used a certain prompt if a user found to exist to ask
for the SSH passphrase explicitely depending on whether the
username was valid or invalid, which made it easier for remote
attackers to enumerate usernames.
- remove last patch
-------------------------------------------------------------------
Fri Apr 10 15:26:23 CEST 2009 - anicka@suse.cz
- add fix for CVE-2009-1273 (bnc#492764) taken from Red Hat
bugzilla (#492153)
-------------------------------------------------------------------
Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de
- added baselibs.conf file to build xxbit packages
for multilib support
-------------------------------------------------------------------
Mon Jan 14 13:25:03 CET 2008 - anicka@suse.cz
- update to 1.96
* pam_ssh.c (key_load_private_maybe): New wrapper for
key_load_private() that checks whether the private key's
passphrase is blank.
* pam_ssh.c: if PAM returns tty_raw = NULL we shouldn't fiddle
with a per-session file. That seems to happen if the session
module is used for background system services (like cron).
* pam_ssh.c: fixed double-free issue with file closing
- remove last two patches (fixed in upstream)
-------------------------------------------------------------------
Mon Mar 5 18:06:25 CET 2007 - anicka@suse.de
- fix crash in pam_sm_open_session [#251053]
-------------------------------------------------------------------
Fri Nov 24 12:40:51 CET 2006 - max@suse.de
- Fix crashes in in the session module (#223488).
-------------------------------------------------------------------
Tue Nov 7 13:44:18 CET 2006 - ro@suse.de
- fix manpage permissions
-------------------------------------------------------------------
Thu Aug 3 12:33:02 CEST 2006 - stark@suse.de
- update to version 1.94 (r23)
* improved logging
* more recover fixes
* root credentials weren't restored in some cases which caused
following pam session modules to fail
-------------------------------------------------------------------
Sat Jun 24 11:12:13 CEST 2006 - stark@suse.de
- update to version 1.93 (r18)
* debug option works for auth and session module (#177885)
* debug option is really available now for auth and session
module (#177885)
* recover better if close_session wasn't executed (#187560)
-------------------------------------------------------------------
Wed Jun 7 08:59:20 CEST 2006 - stark@suse.de
- logging fix is integrated now
- auth handler now accepts nullok option
-------------------------------------------------------------------
Wed May 31 23:28:20 CEST 2006 - stark@suse.de
- update to version 1.92
* allow working as session module without authentication
(workaround for #173803)
* incorporated include fixes
- fixed syslog logging (part of #177885)
-------------------------------------------------------------------
Wed Jan 25 21:39:15 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Fri Oct 14 02:19:49 CEST 2005 - ro@suse.de
- added include openssl/md5.h to cipher.c
-------------------------------------------------------------------
Mon Oct 10 15:50:31 CEST 2005 - schubi@suse.de
- added "include <syslog.h>"
-------------------------------------------------------------------
Tue Nov 9 14:40:36 CET 2004 - schubi@suse.de
- Bugfixes for other architectures
-------------------------------------------------------------------
Mon Nov 8 16:16:39 CET 2004 - schubi@suse.de
- first version
