2009
libpam-ssh (1.92-8) unstable; urgency=low
* Let the PAM session handle situations where there is no controlling
tty, thanks to Ansgar Burchardt.
(Closes: #541449)
-- Jens Peter Secher <jps@debian.org> Sat, 15 Aug 2009 16:09:29 +0200
libpam-ssh (1.92-7) unstable; urgency=low
* Avoid leaking user names, see CVE-2009-1273. (Closes: 535877) * Do not refer to non-existing session config file in README, thanks to Andrei Popescu. (Closes: 537155)
-- Jens Peter Secher <jps@debian.org> Wed, 22 Jul 2009 13:59:21 +0200
libpam-ssh (1.92-6) unstable; urgency=low
* Always unlock traditional SSH keys, but only use keys in
login-keys.d to authenticate.
(Closes: #519314)
* Updated documentation to reflect the new behaviour.
* Bumped the Standards-Version to 3.8.1.
* Added a Vcs-Hg control filed to indicate the location of the public
repository.
-- Jens Peter Secher <jps@debian.org> Sun, 29 Mar 2009 17:05:26 +0200
libpam-ssh (1.92-5) unstable; urgency=low
* Upload to "squeeze".
-- Jens Peter Secher <jps@debian.org> Sat, 07 Mar 2009 10:16:49 +0100
2008
libpam-ssh (1.92-4) experimental; urgency=low
* Make detection of SSH login keys use standard file operation, thanks
to Luca Niccoli and Steve McIntyre.
* Do not ship any ssh-auth or ssh-session files in /etc/pam.d because it
is just as easy and more flexible to add the lines directly in the
relevant PAM configuration files, thanks to Sylvain Collilieux and
Steve Langasek.
(Closes: #325351)
-- Jens Peter Secher <jps@debian.org> Sun, 21 Dec 2008 00:00:48 +0100
libpam-ssh (1.92-3) experimental; urgency=low
* Use all SSH keys in the special directory $HOME/.ssh/login-keys.d,
thanks to Steve Langasek, Vincent Zweije, and Peter Palfrader.
* Documented an alternative fall-through use, thanks to Luca Niccoli.
* Avoid leaking information about the existence of users or presence of
SSH login keys, thanks to Allan Wind.
(Closes: #422453)
* The cleanup of the way PAM exits are made also seems to have fixed the
ssh-agent problems after failed login.
(Closes: #425735)
* Removed implementation-specific information from the manual page, and
added more information suited for administrators.
-- Jens Peter Secher <jps@debian.org> Fri, 05 Dec 2008 17:27:40 +0100
libpam-ssh (1.92-2) experimental; urgency=low
* Since format 3.0 (quilt) is not yet supported by dak (bug #457345),
repack bzip source into a traditional gzip format.
-- Jens Peter Secher <jps@debian.org> Tue, 02 Dec 2008 17:06:42 +0100
libpam-ssh (1.92-1) experimental; urgency=low
* New upstream release, which obsoletes some of the previous patches.
(Closes: #437458)
* Made the default PAM control be 'optional' instead of 'sufficient' so
that other PAM modules on the stack will continue to execute, thanks
to Christian Heimes.
(Closes: #367586)
* patches/enable-debug-info.diff: Make the debug option have an effect.
* patches/fix-try-first-password.diff: Make pam_ssh behave like the
manual page says it should, namely first trying the password from the
preseding PAM module, and otherwise ask for a specific SSH password.
In addition, it now completely refrains from asking passwords if there
are no such SSH keys, and always use all SSH keys matching id_*
(mostly thanks to a patch from Javier Serrano Polo), which means that
the option keyfiles is now obsolete.
(Closes: #350514,#336291,#477272)
* Always use up-to-date config.{sub,guess} from autotools-dev.
* Removed the pam- prefix from the pam modules so they are now simply
called ssh-auth and ssh-session which is in line with other pam
modules, hence the upload to experimental.
* Updated dependencies from ssh to openssh, and removed ancient
lower bounds on various version numbers.
(Closes: #346393)
* Clarified package description and documentation in general, and added
explanation of option 'allow_blank_passphrase'.
* Migrated to source package format 3.0 to use the upstream bzip2 tar
ball directly, and migrated to quilt patch system while at it.
* New maintainer.
(Closes: #503487)
-- Jens Peter Secher <jps@debian.org> Sun, 30 Nov 2008 15:41:52 +0100
libpam-ssh (1.91.0-9.3) unstable; urgency=low
* Non-maintainer upload. * Fixed bashisms in postinst (closes: #472231) * Added Homepage control field * Added watch file * Call make distclean so that everything is cleaned, and don't ignore errors
-- Peter Eisentraut <petere@debian.org> Sun, 06 Apr 2008 10:20:51 +0200
2007
libpam-ssh (1.91.0-9.2) unstable; urgency=low
* Non-maintainer upload by testing security team. * Include 03_fix-CVE-2007-0844 to fix authentication bypass if allow_blank_passphrase is enabled (CVE-2007-0844) (Closes: #410236). * Included 04_fix_syslogh_inclusion.dpatch to fix missing inclusion of syslog headers which lead to FTBFS.
-- Nico Golde <nion@debian.org> Thu, 30 Aug 2007 16:55:51 +0200
2006
libpam-ssh (1.91.0-9.1) unstable; urgency=low
* Non-Maintainer Upload.
* Include <openssl/md5.h> to fix FTBFS, patch from Stefan
Fritsch. (Closes: #334916)
-- Steinar H. Gunderson <sesse@debian.org> Thu, 19 Jan 2006 00:00:47 +0100
2005
libpam-ssh (1.91.0-9) unstable; urgency=high
* Urgency set to high due to a RC bugfix * Fix dpatch debian/rules integration * Add patch from Dmitry K. Butskoj <buc@users.sourceforge.net> that closes: #301204 (usecure use of getpwnam()) * add a postinst script to remove trailing /etc/init.d/libpam-ssh script installed with a old version and no longer used
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Fri, 22 Apr 2005 21:37:21 +0200
libpam-ssh (1.91.0-8) unstable; urgency=low
* Introduction of of dpatch
* Add patch to cleanup old ~/.ssh/agent-[host]-[tty] files.
(courtesy of Itay Ben-Yaacov <nib_maps@yahoo.com>)
Closes: #294181
* Revert prio of pam-ssh-session to optional. Revert #286645
Closes: #296772
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Tue, 8 Mar 2005 09:34:44 +0100
libpam-ssh (1.91.0-7) unstable; urgency=low
* not released * Wrap README.Debian to 80 chars/line. Closes: #293916
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Tue, 8 Feb 2005 14:41:43 +0100
libpam-ssh (1.91.0-6) unstable; urgency=low
* Remove /lib/security/pam_ssh.la, as it's not needed after compilation/link.
libtool --finish. Closes: #291505
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Fri, 21 Jan 2005 11:04:13 +0100
libpam-ssh (1.91.0-5) unstable; urgency=low
* Pam-ssh-auth tweaks (Thanks to Johannes Gijsbers) Closes: #286645 * Update dependencies from "ssh" to "ssh | ssh-krb5" Closes: #288093 * Some corrections into debian/rules to make lintian totally quiet
-- Christian Bayle <bayle@debian.org> Mon, 10 Jan 2005 14:16:55 +0100
2004
libpam-ssh (1.91.0-4) unstable; urgency=low
* Provide working configure script to avoid problems while its generation
(bootstrap.sh script to rebuild it also provided)
* Closes ITP Closes: #156257
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Thu, 25 Nov 2004 10:01:25 +0100
libpam-ssh (1.91.0-3) unstable; urgency=low
* Fix build dependencies * Fix compilation warning about some m4 files (clean target update)
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Wed, 3 Nov 2004 17:22:19 +0100
libpam-ssh (1.91.0-2) unstable; urgency=low
* Fix man installation
* Recommends ssh in place of require it (not needed for install, even if needed
for use)
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Thu, 28 Oct 2004 10:46:45 +0200
libpam-ssh (1.91.0-1) unstable; urgency=low
* Fix pam configuration problem, updated the Readme.Debian file * New upstream release
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Wed, 22 Sep 2004 12:19:07 +0200
libpam-ssh (1.9.0-2) unstable; urgency=low
* Installation script bugfix (duplicated manpage)
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Mon, 23 Feb 2004 09:34:35 +0100
libpam-ssh (1.9.0-1) unstable; urgency=low
* New upstream realease * Updated for newer Autoconf and Automake
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Fri, 20 Feb 2004 00:42:21 +0100
libpam-ssh (1.8.0-2) unstable; urgency=low
* Licence type fix, README.Debian fix
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Mon, 16 Feb 2004 13:29:21 +0100
libpam-ssh (1.8.0-1) unstable; urgency=low
* Initial Package release.
-- Aurelien Labrosse <aurelien.labrosse@free.fr> Sun, 15 Feb 2004 19:59:55 +0100