libpam-ssh (1.98-2~bpo70+1) wheezy-backports; urgency=low * Rebuild for wheezy-backports. -- Jerome Benoit Wed, 31 Jul 2013 11:31:44 +0000 libpam-ssh (1.98-2) unstable; urgency=low * Set ssh-agent real GID to ssh group GID, as ssh-agent is installed setgid wrt to the ssh group; it allows one to pass (and to honour) environment variables otherwise discarded by glibc, as TMPDIR. * Fix ssh-agent TMPDIR honouring, see previous enhancement; TMP is no more honoured to stick closer to openssh approach. * Handle inexistent per-user configuration direction for session phase by shortcutting the process. * Let the ssh-agent to determine the apropriate shell style; this is now possible because the ssh-agent now possesses the user UID. * Move silent-ssh-single-sign-on into debian/pam-configs and rename it ssh wrt to the emerging custom. * Revisit README.Debian and NEWS.Debian to reflect changes. * Refresh pam_ssh manpage. * debian/control, Vcs-* headers canonicalization. * Slightly improve log messaging for closing sessions. -- Jerome Benoit Sun, 14 Jul 2013 13:35:55 +0000 libpam-ssh (1.98-1) unstable; urgency=low * New upstream release, which obsoletes some of the previous patches. * Update ssh-agent Debian specific starter accordingly. * debian/control, Vcs-* headers added. * Upload to unstable. -- Jerome Benoit Fri, 10 May 2013 14:03:48 +0000 libpam-ssh (1.97-1) experimental; urgency=low * New upstream version. * Bump debhelper build-dep to >= 9. * Bump Standards Version to 3.9.4. * Rewrite debian/rules: - use dh sequencer with autoreconf support - hardened * Convert debian/copyright to DEP-5 format. * Revisit debian/control. * Add optional get-orig-source target in debian/rules to get the currently packaged upstream tarball via uscan. * Add a default target in debian/rules which basically queries package status with uscan; output in DEHS format. * Update OpenSSH embedded code against OpenSSh-6.0p1 code. * Add ECDSA keys support. * Now files in $HOME/.ssh/login-keys.d with .disabled or .frozen as suffix are ignored. * Now TMPDIR and TMP are honoured when ssh-agent is spawned (implemented with libpam-tmpdir package in mind). * Revisit README.Debian and pam_ssh manpage to reflect changes. * Minor fixes and enhancements, thanks to Peter Marschall. * Conform debian/patches/ patches to DEP-3 format. -- Jerome Benoit Sun, 23 Dec 2012 10:16:10 +0000 libpam-ssh (1.92-15) unstable; urgency=low * Reintroduction release. (Closes: #685042, #664177) * New maintainer. * Fix Release Critical bug caused by libtool. (Closes: #634577) * Fix Release Critical bug caused by missing dependency. (Closes: #603819) * Add multiarch support. (Release goal) -- Jerome Benoit Tue, 06 Nov 2012 02:18:40 +0000 libpam-ssh (1.92-14) unstable; urgency=low * Fix wrong use of pam-auth-update, thanks to Steve Langasek. (Closes: #582395) -- Jens Peter Secher Sun, 06 Jun 2010 00:10:09 +0200 libpam-ssh (1.92-13) unstable; urgency=low * Added versioned dependency on cron 3.0pl1-107 which use common-session-noninteractive in pam.d, thanks to Petter Reinholdtsen. (Closes: #574708) * Added versioned dependency on libpam-runtime to provide pam-auth-update, thank to Petter Reinholdtsen. (Closes: #579078) * Tighten up description. (Closes: #575601) -- Jens Peter Secher Sat, 01 May 2010 11:33:03 +0200 libpam-ssh (1.92-12) unstable; urgency=low * Fix MIPS build failure by applying the version-scipt at build time only. -- Jens Peter Secher Sat, 20 Mar 2010 11:27:29 +0100 libpam-ssh (1.92-11) unstable; urgency=low * Pass a debian/pam_ssh.version to LD so that only pam_* symbols are exported, thanks to Erich Schubert and Timo Sirainen. (Closes: 572266) -- Jens Peter Secher Sat, 13 Mar 2010 15:43:25 +0100 libpam-ssh (1.92-10) unstable; urgency=low * Use pam-auth-update together with the new setup file /usr/share/pam-configs/silent-ssh-single-sign-on to automatically enable the traditional functionality. Please send additional profiles if you think that such profiles should be included in this package. (Closes: #383950, #566723) * Fixed manpage warning. * Bumped the Standards-Version to 3.8.4, no changes needed. -- Jens Peter Secher Sat, 27 Feb 2010 12:09:50 +0100 libpam-ssh (1.92-9) unstable; urgency=low * Converted to dpkg source format 3.0 (quilt). * Use mercurial-buildpackage for maintenance, hence a new location of the Mercurial directory. -- Jens Peter Secher Sun, 07 Feb 2010 15:34:03 +0100 libpam-ssh (1.92-8) unstable; urgency=low * Let the PAM session handle situations where there is no controlling tty, thanks to Ansgar Burchardt. (Closes: #541449) -- Jens Peter Secher Sat, 15 Aug 2009 16:09:29 +0200 libpam-ssh (1.92-7) unstable; urgency=low * Avoid leaking user names, see CVE-2009-1273. (Closes: 535877) * Do not refer to non-existing session config file in README, thanks to Andrei Popescu. (Closes: 537155) -- Jens Peter Secher Wed, 22 Jul 2009 13:59:21 +0200 libpam-ssh (1.92-6) unstable; urgency=low * Always unlock traditional SSH keys, but only use keys in login-keys.d to authenticate. (Closes: #519314) * Updated documentation to reflect the new behaviour. * Bumped the Standards-Version to 3.8.1. * Added a Vcs-Hg control filed to indicate the location of the public repository. -- Jens Peter Secher Sun, 29 Mar 2009 17:05:26 +0200 libpam-ssh (1.92-5) unstable; urgency=low * Upload to "squeeze". -- Jens Peter Secher Sat, 07 Mar 2009 10:16:49 +0100 libpam-ssh (1.92-4) experimental; urgency=low * Make detection of SSH login keys use standard file operation, thanks to Luca Niccoli and Steve McIntyre. * Do not ship any ssh-auth or ssh-session files in /etc/pam.d because it is just as easy and more flexible to add the lines directly in the relevant PAM configuration files, thanks to Sylvain Collilieux and Steve Langasek. (Closes: #325351) -- Jens Peter Secher Sun, 21 Dec 2008 00:00:48 +0100 libpam-ssh (1.92-3) experimental; urgency=low * Use all SSH keys in the special directory $HOME/.ssh/login-keys.d, thanks to Steve Langasek, Vincent Zweije, and Peter Palfrader. * Documented an alternative fall-through use, thanks to Luca Niccoli. * Avoid leaking information about the existence of users or presence of SSH login keys, thanks to Allan Wind. (Closes: #422453) * The cleanup of the way PAM exits are made also seems to have fixed the ssh-agent problems after failed login. (Closes: #425735) * Removed implementation-specific information from the manual page, and added more information suited for administrators. -- Jens Peter Secher Fri, 05 Dec 2008 17:27:40 +0100 libpam-ssh (1.92-2) experimental; urgency=low * Since format 3.0 (quilt) is not yet supported by dak (bug #457345), repack bzip source into a traditional gzip format. -- Jens Peter Secher Tue, 02 Dec 2008 17:06:42 +0100 libpam-ssh (1.92-1) experimental; urgency=low * New upstream release, which obsoletes some of the previous patches. (Closes: #437458) * Made the default PAM control be 'optional' instead of 'sufficient' so that other PAM modules on the stack will continue to execute, thanks to Christian Heimes. (Closes: #367586) * patches/enable-debug-info.diff: Make the debug option have an effect. * patches/fix-try-first-password.diff: Make pam_ssh behave like the manual page says it should, namely first trying the password from the preseding PAM module, and otherwise ask for a specific SSH password. In addition, it now completely refrains from asking passwords if there are no such SSH keys, and always use all SSH keys matching id_* (mostly thanks to a patch from Javier Serrano Polo), which means that the option keyfiles is now obsolete. (Closes: #350514,#336291,#477272) * Always use up-to-date config.{sub,guess} from autotools-dev. * Removed the pam- prefix from the pam modules so they are now simply called ssh-auth and ssh-session which is in line with other pam modules, hence the upload to experimental. * Updated dependencies from ssh to openssh, and removed ancient lower bounds on various version numbers. (Closes: #346393) * Clarified package description and documentation in general, and added explanation of option 'allow_blank_passphrase'. * Migrated to source package format 3.0 to use the upstream bzip2 tar ball directly, and migrated to quilt patch system while at it. * New maintainer. (Closes: #503487) -- Jens Peter Secher Sun, 30 Nov 2008 15:41:52 +0100 libpam-ssh (1.91.0-9.3) unstable; urgency=low * Non-maintainer upload. * Fixed bashisms in postinst (closes: #472231) * Added Homepage control field * Added watch file * Call make distclean so that everything is cleaned, and don't ignore errors -- Peter Eisentraut Sun, 06 Apr 2008 10:20:51 +0200 libpam-ssh (1.91.0-9.2) unstable; urgency=low * Non-maintainer upload by testing security team. * Include 03_fix-CVE-2007-0844 to fix authentication bypass if allow_blank_passphrase is enabled (CVE-2007-0844) (Closes: #410236). * Included 04_fix_syslogh_inclusion.dpatch to fix missing inclusion of syslog headers which lead to FTBFS. -- Nico Golde Thu, 30 Aug 2007 16:55:51 +0200 libpam-ssh (1.91.0-9.1) unstable; urgency=low * Non-Maintainer Upload. * Include to fix FTBFS, patch from Stefan Fritsch. (Closes: #334916) -- Steinar H. Gunderson Thu, 19 Jan 2006 00:00:47 +0100 libpam-ssh (1.91.0-9) unstable; urgency=high * Urgency set to high due to a RC bugfix * Fix dpatch debian/rules integration * Add patch from Dmitry K. Butskoj that closes: #301204 (usecure use of getpwnam()) * add a postinst script to remove trailing /etc/init.d/libpam-ssh script installed with a old version and no longer used -- Aurelien Labrosse Fri, 22 Apr 2005 21:37:21 +0200 libpam-ssh (1.91.0-8) unstable; urgency=low * Introduction of of dpatch * Add patch to cleanup old ~/.ssh/agent-[host]-[tty] files. (courtesy of Itay Ben-Yaacov ) Closes: #294181 * Revert prio of pam-ssh-session to optional. Revert #286645 Closes: #296772 -- Aurelien Labrosse Tue, 8 Mar 2005 09:34:44 +0100 libpam-ssh (1.91.0-7) unstable; urgency=low * not released * Wrap README.Debian to 80 chars/line. Closes: #293916 -- Aurelien Labrosse Tue, 8 Feb 2005 14:41:43 +0100 libpam-ssh (1.91.0-6) unstable; urgency=low * Remove /lib/security/pam_ssh.la, as it's not needed after compilation/link. libtool --finish. Closes: #291505 -- Aurelien Labrosse Fri, 21 Jan 2005 11:04:13 +0100 libpam-ssh (1.91.0-5) unstable; urgency=low * Pam-ssh-auth tweaks (Thanks to Johannes Gijsbers) Closes: #286645 * Update dependencies from "ssh" to "ssh | ssh-krb5" Closes: #288093 * Some corrections into debian/rules to make lintian totally quiet -- Christian Bayle Mon, 10 Jan 2005 14:16:55 +0100 libpam-ssh (1.91.0-4) unstable; urgency=low * Provide working configure script to avoid problems while its generation (bootstrap.sh script to rebuild it also provided) * Closes ITP Closes: #156257 -- Aurelien Labrosse Thu, 25 Nov 2004 10:01:25 +0100 libpam-ssh (1.91.0-3) unstable; urgency=low * Fix build dependencies * Fix compilation warning about some m4 files (clean target update) -- Aurelien Labrosse Wed, 3 Nov 2004 17:22:19 +0100 libpam-ssh (1.91.0-2) unstable; urgency=low * Fix man installation * Recommends ssh in place of require it (not needed for install, even if needed for use) -- Aurelien Labrosse Thu, 28 Oct 2004 10:46:45 +0200 libpam-ssh (1.91.0-1) unstable; urgency=low * Fix pam configuration problem, updated the Readme.Debian file * New upstream release -- Aurelien Labrosse Wed, 22 Sep 2004 12:19:07 +0200 libpam-ssh (1.9.0-2) unstable; urgency=low * Installation script bugfix (duplicated manpage) -- Aurelien Labrosse Mon, 23 Feb 2004 09:34:35 +0100 libpam-ssh (1.9.0-1) unstable; urgency=low * New upstream realease * Updated for newer Autoconf and Automake -- Aurelien Labrosse Fri, 20 Feb 2004 00:42:21 +0100 libpam-ssh (1.8.0-2) unstable; urgency=low * Licence type fix, README.Debian fix -- Aurelien Labrosse Mon, 16 Feb 2004 13:29:21 +0100 libpam-ssh (1.8.0-1) unstable; urgency=low * Initial Package release. -- Aurelien Labrosse Sun, 15 Feb 2004 19:59:55 +0100