[Pkg-shadow-devel] comming shadow 4.0.8
Tomasz Kłoczko
kloczek@zie.pg.gda.pl
Fri, 15 Apr 2005 23:50:35 +0200 (CEST)
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
--568760595-1184287586-1113601835=:5286
Content-Type: TEXT/PLAIN; charset=ISO-8859-2
Content-Transfer-Encoding: QUOTED-PRINTABLE
After comming monday to release the 4.0.8 (i next monday 18.04)
I want stop changes to C code. Only critical and updates man pages,
translated resources will be acceptable.
Many thanks to Debian developers for submision many small but sometimes
importand patches. Seems after release 4.0.8 prepare this version as=20
regular Debian package will easier :)
Current summary information about changes in 4.0.8:
shadow-4.0.7 -> shadow-4.0.8
*** general:
- passwd: fix #61313 Debian bug: "passwd -S root" (as a normal user) should=
not
display "You may not change the password for root,
- vipw: fixed race condition (Debian #242407 bug; fix by Alexander Gattin
<arg@online.com.ua>),
- configure.in: add using AC_GNU_SOURCE macro for kill compilation warnings=
about
implicit declaration of function `fseeko',
- faillog: changed faillog record display format for allow fit in 80 column=
s all
faillog atributies,
- removed NDBM code (unused),
- fixed use of SU_WHEEL_ONLY in su. Now su realy is avalaible for wheel gro=
up
members. Thanks to Mike Frysinger <vapier@gentoo.org> for report:
http://bugs.gentoo.org/show_bug.cgi?id=3D80345
- drop never finished kerberos and des_rpc support (for kerberos support ba=
ck firs
must be prepared modularization),
- fixed UTMP path detection (by Kelledin <kelledin@users.sf.net>),
- useradd: rewrited group count to dynamic (by John Newbigin
<jnewbigin@ict.swin.edu.au>),
- login: fixed create lastlog entry fo users never loged in on non-PAM
variant of login (fix by <oracular@ziplip.com>),
- remove handle login.defs::NOLOGIN_STR (never used),
- useradd: fixes a potential security problem when mailbox is created in
useradd.
Patch and comment by Koblinger Egmont <egmont@uhulinux.hu>:
Only two arguments are passed to the open() call though it expects three
because O_CREAT is present. Hence the permission of the file first become=
s
some random garbage found on the stack, and an attacker can perhaps open
this file and hold it open for reading or writing before the proper
fchmod() is executed. (Actually, we could also pass the final "mode" to
the open() call and then save the consequent fchmod().)
- SELinux changes: added changes in chage, chfn, chsh, passwd for allow
construct more grained user password/accuunt properties on SELinux
policies level. Patch originally based on RH changes (submited by Chris
PeBenito <pebenito@gentoo.org>),
- added SELinux changes: in libmisc/copydir.c (based on Fedora patch),
- updated translations: cs, fi, fr,
- added translations: tl,
- reindent all source code using -l80,
*** documentation:
- passwd(1): fix #160477 Debian bug: improve -S output description,
- newgrp(1): fix #251926, #166173, #113191 Debian bugs: explain why editing=
/etc/group
(without gshadow) doesn't permit to use newgrp,
- newgrp(1): newgrp uses /bin/sh (not bash),
- faillog(8): updated after rewrite faillog command for use getopt_long(),
- login(1): removed fragment about abilities pass enviroment variables in l=
ogin prompt,
- gshadow(5): new file (by Nicolas Nicolas Fran=C3=A7ois=20
<nicolas.francois@centraliens.net>),
- usermod(8): fixed #302388 Debian bug: added separated -o option descripti=
on,
kloczek
--=20
-----------------------------------------------------------
*Ludzie nie maj=B1 problem=F3w, tylko sobie sami je stwarzaj=B1*
-----------------------------------------------------------
Tomasz K=B3oczko, sys adm @zie.pg.gda.pl|*e-mail: kloczek@rudy.mif.pg.gda.p=
l*
--568760595-1184287586-1113601835=:5286--