File duo_unix.changes of Package duo_unix
------------------------------------------------------------------- Thu Aug 17 20:33:42 UTC 2023 - Andrew Daugherity <adaugherity@tamu.edu> - Update to 2.0.2 and rebase patches - Patch licenses path duo_unix-2.0.2: - Make check now successfully runs on Solaris - Removed support for Ubuntu 18 - Removed support for Debian 9 - Added support for Debian 12 - Added support for Fedora 37 - Added support for Fedora 38 duo_unix-2.0.1: - The support script collects a few additional files for troubleshooting - Duo API calls now use SHA512 instead of SHA1 as the HMAC algorithm ------------------------------------------------------------------- Wed Feb 8 22:56:22 UTC 2023 - Andrew Daugherity <adaugherity@tamu.edu> - Update to 2.0.0. Note the changed behavior in pam_duo for su between two non-root users! duo_unix-2.0.0: - Changed the behavior of `su` when the target user is not root. The target user will need to complete 2FA rather than the original user. - login_duo resets the SIGPIPE handler when it closes its connection. - Added logging when Duo is invoked, to assist troubleshooting. - Updated package signing to SHA512 duo_unix-1.12.1: - Updated Unity to 2.5.2 - Added support for Fedora 34 - Removed support for Centos 8 - Added support for Centos Stream 8 - Added support for Centos Stream 9 - Added support for Ubuntu 22.04 ------------------------------------------------------------------- Wed Jan 25 21:44:27 UTC 2023 - Andrew Daugherity <adaugherity@tamu.edu> - Merge pam_duo into main package - Add README.SUSE file - Update comments in permissions file - Misc. cleanup of spec & rpmlint ------------------------------------------------------------------- Tue Jan 24 21:24:10 UTC 2023 - Andrew Daugherity <adaugherity@tamu.edu> - Patch the build to link libduo dynamically, as SUSE policy dictates. Upstream began linking statically in 1.9.20. ------------------------------------------------------------------- Fri Feb 18 19:15:39 UTC 2022 - Andrew Daugherity <adaugherity@tamu.edu> duo_unix-1.12.0: - Switched from BSON to JSON as a data interchange format - Switched from Cram to python `unittest` for testing ------------------------------------------------------------------- Fri Aug 13 20:46:53 UTC 2021 - Andrew Daugherity <adaugherity@tamu.edu> - Fix pam_duo.conf permissions ------------------------------------------------------------------- Fri Jul 23 21:24:23 UTC 2021 - Andrew Daugherity <adaugherity@tamu.edu> - Update to 1.11.4, detailed below. - Fix paths in duo_unix_support tool. - Fix RPM group for devel pkg. - Deal with statically-linked libduo (see 1.9.20 changes). - should we patch the build to force dynamic linking? duo_unix-1.11.4: - Added support for Ubuntu 20.04 - Added support tool to collect information (e.g. logs and PAM stacks) for debugging purposes duo_unix-1.11.3: - Added support for RedHat 8, CentOS 8, and Debian 10 - Improved validation of BSON messages duo_unix-1.11.2: - Added recommended Kerberos configuration for Duo Unix to our documentation, found at https://help.duo.com/s/article/5085. Thanks to Neal Poole at Facebook for bringing expertise and attention to this topic. - Updated SELinux policy to allow local logins to use the pam_duo PAM module and made sshd configurable - Added support for spaces in group names when escaped with backslashes in pam_duo.conf and login_duo.conf - Test infrastructure updates duo_unix-1.11.1: - Fixed bug causing console login to fail on certain systems duo_unix-1.11.0: - Added support for GECOS field parsing based on user-supplied delimiter - Updated README to include development/testing steps - Minor test infrastructure updates duo_unix-1.10.5: - Fixed an accidental null pointer free on systems where getaddrinfo() is unsuccessful duo_unix-1.10.4: - Removed failmode decision from auth endpoint and moved it to only preauth according to standards in our other integrations - Updated Duo Unix to speak up to TLS 1.2 - Support for LibreSSL 2.7.0 and up - Minor memory leak fixes - Output message when user is locked out duo_unix-1.10.3: - Added support for http_proxy with SELinux enabled duo_unix-1.10.2: - Added default failmode values in config files duo_unix-1.10.1: - Fixed bug causing automated tests to fail on OSX - Addressed an issue which kept configuration secrets in memory for longer than necessary duo_unix-1.10.0: - Added LibreSSL support - Added additional GECOS parsing support - Increased OSX group count duo_unix-1.9.21: - PSA-2017-002: Only allow http_proxy to be defined in configuration file instead of environment duo_unix-1.9.20: - Fix installation on AIX systems - Add support for using OpenSSL 1.1.0 - Link libduo statically to address issues with the ldconfig cache and incompatibilities between versions - Fixed a bug that produced incorrect SNI when using a proxy duo_unix-1.9.19: - Restore the http_proxy environment variable after Duo is done - Added https_timeout config option to pam_duo - Handles missing shell and adds default if not specified in getpwuid - Add SNI support and a guard for systems that don't support SNI - Bug fixes for timeouts and fallback ip addresses ------------------------------------------------------------------- Fri Jun 3 03:47:45 UTC 2016 - plinnell@opensuse.org - Update to 1-9-18 *Package cleanups and remove rpmlint warnings - still needs security review - duo_unix-1.9.18: +Added HTTP proxy connection error handling +Improved compatibility with Solaris and AIX - duo_unix-1.9.17: + Fixed PAM return code issue - duo_unix-1.9.16: +Test fixes +Compilation fixes - duo_unix-1.9.15: +SELinux policy module package support +PAM module improvements +Removed deprecated SHA1 Entrust CA - duo_unix-1.9.14: +Added SELinux policy module +Improve poll(2) error handling ------------------------------------------------------------------- Mon Dec 1 20:14:45 UTC 2014 - darin@darins.net - update packaging to comply with SONAME policy - add rpmlintrc ------------------------------------------------------------------- Thu Oct 16 16:36:58 UTC 2014 - darin@darins.net - suse packaging
