pam-u2f (1.3.0-1) unstable; urgency=medium * Update the keys according to the yubico website and delete one from the keyring. * Modify gbp.conf + Remove autosigning of upstream, I can't check that tag (and the content) before signing. + Extend the included gbp so that everybody uses gz in this case. * Accknowledge NMU from Salvatore Bonaccorso to close CVE-2021-31924 (Closes: #987545) - see release 1.1.1 * New upstream version 1.3.0 (Closes: #1022073) + Add sanity checking of UV options to pamu2fcfg. + Add support for username expansion in the authfile path. + Improvements to the documentation. + 1.2.1: + Fixed an issue where native credentials could be truncated, resulting in failure to authenticate or successful authentication with missing options. + Stricter parsing of sshformat credentials. + pamu2fcfg now allows a combination of the --username and --nouser options. + Improved documentation on FIDO2 options. + 1.2.0: + Added support for EdDSA keys. + Added support for SSH ed25519-sk keys. + Added authenticator filtering based on user verification options. + Fixed an issue with privilege restoration on MacOS. + Fixed an issue where credentials created with pamu2fcfg 1.0.8 or earlier were not handled correctly if their origin and appid differed. + Miscellaneous improvements to the documentation. + Miscellaneous minor bug fixes found by fuzzing. + 1.1.1: + Fix an issue where PIN authentication could be bypassed (CVE-2021-31924). + Fix an issue with nodetect and non-resident credentials. + Fix build issues with musl libc. + Add support for self-attestation in pamu2fcfg. + Fix minor bugs found by fuzzing. * Modify lintian override for new syntax * Update copyright and add myself * Switch to compat level 13 * Raise the standards-version to 4.6.2 (no changes needed) * Switched from pkg-config to pkgconf. * Removed Alessio Di Mauro and Nicoo as uploaders, according to process described here: https://wiki.debian.org/PackageSalvaging * Install package into /usr according to the /usr-merge. (Closes: #1061859) Thanks to Michael Biebl for the patch. -- Patrick Winnertz Sat, 06 Apr 2024 14:33:00 +0200 pam-u2f (1.1.0-1.1) unstable; urgency=medium * Non-maintainer upload. * Handle converse() returning NULL (CVE-2021-31924) (Closes: #987545) -- Salvatore Bonaccorso Sat, 05 Jun 2021 15:04:24 +0200 pam-u2f (1.1.0-1) unstable; urgency=low * New upstream version 1.1.0 (2020-09-17) + Add support for FIDO2 Switch from libu2f-host+libu2f-server to libfido2 + Add support for User Verification + Add support for PIN Verification + Add support for Resident Credentials + Add support for SSH credential format * Update nicoo's name & address * libpam-u2f: Override Lintian warning about the pam_u2f(8) manpage. See Lintian bug #973604 * d/copyright: + Set Upstream-Contact to Yubico's OSS maintainers role + Update package authorship metadata * Switch to debhelper 12. Replace the deprecated debian/compat file with a Build-Depends on debhelper-compat * d/upstream: Update signing keyring * d/control: Declare compliance with policy v4.5.0. No change required * Drop obsolete README.source. The package should explain how to explain cowbuilder, or refer to the packaging repo by an URL that has been obsolete for years. * d/gbp.conf: Sign tags. Unsure why I disabled it. * d/rules: No need to pass --builddirectory to dh * d/watch: Update to uscan v4, tidy up the syntax -- nicoo Mon, 02 Nov 2020 13:49:23 +0100 pam-u2f (1.0.8-1) unstable; urgency=high (security) [ nicoo ] * New upstream version 1.0.8 (2019-06-04) + Fix insecure debug file handling CVE-2019-12209. (Closes: #930021) + Fix debug file descriptor leak CVE-2019-12210. (Closes: #930023) + Fix a non-critical buffer out-of-bounds access. (Closes: #930047) * Comply with Debian policy v4.4.0 + debian/control: Set Rules-Requires-Root to no + debian/rules: Install upstream's changelog * debian/control: Update my email address * debian/gbp.conf: Move the packaging branch to debian/sid [ Simon Josefsson ] * Drop myself from Uploader's. -- nicoo Sat, 20 Jul 2019 13:01:18 +0200 pam-u2f (1.0.7-1) unstable; urgency=high * New upstream version 1.0.7 (2018-05-15) Closes: #898519 * Update & complete debian/copyright * Move the packaging repository to salsa.d.o * Use the tracker.debian.org email address for the maintainers. * Switch to debhelper 11 -- nicoo Tue, 29 May 2018 14:33:06 +0200 pam-u2f (1.0.6-1) unstable; urgency=medium * New upstream version (2018-04-18) - Remove upstreamed patch * Bump Standards-Version to 4.1.4 - debian/copyright: Use HTTPS Format URI * Update upstream's keyring - Move it to debian/upstream - Include a script debian/upstream/signing-key.sh that generates it -- nicoo Mon, 30 Apr 2018 13:35:48 +0200 pam-u2f (1.0.4-2) unstable; urgency=medium * debian/control: Add myself as uploader * debian/control: Move the packaging repo to Alioth -- nicoo Fri, 23 Sep 2016 20:38:06 +0200 pam-u2f (1.0.4-1) unstable; urgency=medium * Acknowledge NMU, thanks nicoo. -- Simon Josefsson Wed, 10 Aug 2016 16:08:42 +0200 pam-u2f (1.0.4-0.3) unstable; urgency=medium * Non-maintainer upload. * Fix the generated binaries on Debian/kFreeBSD * Drop spurious dependency on autotools-dev -- nicoo Tue, 02 Aug 2016 15:48:58 +0200 pam-u2f (1.0.4-0.2) unstable; urgency=medium * Non-maintainer upload. * Set Breaks and Replaces for the moved manpage. -- nicoo Thu, 14 Jul 2016 21:53:52 +0200 pam-u2f (1.0.4-0.1) unstable; urgency=medium * Non-maintainer upload. * New upstream version. Fixes possible permission escalation when using XDG_CONFIG_HOME. * Use HTTPS for Vcs-Git. * Use build-time hardening. * Bump Standards-Version to 3.9.8. No change required. * Put the pam_u2f(8) manpage in the libpam_u2f package. -- nicoo Wed, 06 Jul 2016 13:25:51 +0200 pam-u2f (1.0.3-1) unstable; urgency=medium * New upstream release. -- Alessio Di Mauro Mon, 02 Nov 2015 15:47:25 +0100 pam-u2f (1.0.2-1) unstable; urgency=medium [ Alessio Di Mauro ] * New upstream version [ Simon Josefsson ] * Update upstream-signing-key.pgp. -- Alessio Di Mauro Tue, 06 Oct 2015 14:34:08 +0200 pam-u2f (1.0.1-1) unstable; urgency=medium [ Alessio Di Mauro ] * New upstream release. [ Simon Josefsson ] * Update README.source. * Update upstream-signing-key.pgp. * Add gbp.conf. -- Alessio Di Mauro Thu, 18 Jun 2015 10:35:12 +0200 pam-u2f (1.0.0-1) unstable; urgency=medium * New upstream release. -- Alessio Di Mauro Wed, 17 Jun 2015 14:19:14 +0200 pam-u2f (0.0.1-1) unstable; urgency=low * Initial release. (Closes: #776091) -- Alessio Di Mauro Mon, 26 Jan 2015 13:57:25 +0100