[Pkg-shadow-devel] comming shadow 4.0.8

[Tomasz Kłoczko]

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--568760595-1184287586-1113601835=:5286
Content-Type: TEXT/PLAIN; charset=ISO-8859-2
Content-Transfer-Encoding: QUOTED-PRINTABLE


After comming monday to release the 4.0.8 (i next monday 18.04)
I want stop changes to C code. Only critical and updates man pages,
translated resources will be acceptable.

Many thanks to Debian developers for submision many small but sometimes
importand patches. Seems after release 4.0.8 prepare this version as=20
regular Debian package will easier :)

Current summary information about changes in 4.0.8:

shadow-4.0.7 -> shadow-4.0.8

*** general:
- passwd: fix #61313 Debian bug: "passwd -S root" (as a normal user) should=
 not
  display "You may not change the password for root,
- vipw: fixed race condition (Debian #242407 bug; fix by Alexander Gattin
  <arg@online.com.ua>),
- configure.in: add using AC_GNU_SOURCE macro for kill compilation warnings=
 about
  implicit declaration of function `fseeko',
- faillog: changed faillog record display format for allow fit in 80 column=
s all
  faillog atributies,
- removed NDBM code (unused),
- fixed use of SU_WHEEL_ONLY in su. Now su realy is avalaible for wheel gro=
up
  members. Thanks to Mike Frysinger <vapier@gentoo.org> for report:
  http://bugs.gentoo.org/show_bug.cgi?id=3D80345
- drop never finished kerberos and des_rpc support (for kerberos support ba=
ck firs
  must be prepared modularization),
- fixed UTMP path detection (by Kelledin <kelledin@users.sf.net>),
- useradd: rewrited group count to dynamic (by John Newbigin
  <jnewbigin@ict.swin.edu.au>),
- login: fixed create lastlog entry fo users never loged in on non-PAM
  variant of login (fix by <oracular@ziplip.com>),
- remove handle login.defs::NOLOGIN_STR (never used),
- useradd: fixes a potential security problem when mailbox is created in
  useradd.
  Patch and comment by Koblinger Egmont <egmont@uhulinux.hu>:
  Only two arguments are passed to the open() call though it expects three
  because O_CREAT is present. Hence the permission of the file first become=
s
  some random garbage found on the stack, and an attacker can perhaps open
  this file and hold it open for reading or writing before the proper
  fchmod() is executed. (Actually, we could also pass the final "mode" to
  the open() call and then save the consequent fchmod().)
- SELinux changes: added changes in chage, chfn, chsh, passwd for allow
  construct more grained user password/accuunt properties on SELinux
  policies level. Patch originally based on RH changes (submited by Chris
  PeBenito <pebenito@gentoo.org>),
- added SELinux changes: in libmisc/copydir.c (based on Fedora patch),
- updated translations: cs, fi, fr,
- added translations: tl,
- reindent all source code using -l80,
*** documentation:
- passwd(1): fix #160477 Debian bug: improve -S output description,
- newgrp(1): fix #251926, #166173, #113191 Debian bugs: explain why editing=
 /etc/group
  (without gshadow) doesn't permit to use newgrp,
- newgrp(1): newgrp uses /bin/sh (not bash),
- faillog(8): updated after rewrite faillog command for use getopt_long(),
- login(1): removed fragment about abilities pass enviroment variables in l=
ogin prompt,
- gshadow(5): new file (by Nicolas Nicolas Fran=C3=A7ois=20
  <nicolas.francois@centraliens.net>),
- usermod(8): fixed #302388 Debian bug: added separated -o option descripti=
on,

kloczek
--=20
-----------------------------------------------------------
*Ludzie nie maj=B1 problem=F3w, tylko sobie sami je stwarzaj=B1*
-----------------------------------------------------------
Tomasz K=B3oczko, sys adm @zie.pg.gda.pl|*e-mail: kloczek@rudy.mif.pg.gda.p=
l*
--568760595-1184287586-1113601835=:5286--