[Pkg-shadow-devel] shadow 4.1.2 released
Nicolas François
nicolas.francois at centraliens.net
Sun May 25 12:50:50 UTC 2008
Hello,
I'm pleased to announce the release of shadow 4.1.2.
Thanks to everyone who has contributed to this release.
You can find the 4.1.2 archive in:
ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-4.1.2.tar.bz2
ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-4.1.2.tar.bz2.sig
shadow-4.1.1 -> shadow-4.1.2 25-05-2008
*** security:
- generation of SHA encrypted passwords (chpasswd, gpasswd, newusers,
chgpasswd; and also passwd if configured without PAM support).
The number of rounds and number of salt bytes was fixed to their lower
allowed values (resp. configurable and 8), hence voiding some of the
advantages of this encryption method. Dictionary attacks with
precomputed tables were easier than expected, but still harder than with
the MD5 (or DES) methods.
*** general:
- packaging
* Distribute the chfn, chsh, and userdel PAM configuration file.
* Fix the detection of the audit, pam, and selinux library and header
file; and fail if the feature is requested but not present on the
system.
* Fix build failure when configured with audit support.
- chfn
* Allow non-US-ASCII characters in the GECOS fields ("name", "room
number", and "other info" fields).
- login
* Do not fail if a shell option, specified after --, has more than 2
letters.
- su
* If the SULOG_FILE does not exist when an su session is logged, make
sure the file is created with group root, instead of using the group
of the caller.
- vipw
* Resume properly after ^Z.
*** documentation:
- Document the -r, --system option in the useradd, groupadd, and newusers
manpages.
- Document the -c, --crypt-method and -s, --sha-rounds options in the
newusers manpage.
- Document the -k, --skel option in the useradd manpage.
- Tag the section which require --enable-shadowgrp or --with-sha-crypt
accordingly.
Best Regards,
--
Nekral
More information about the Pkg-shadow-devel
mailing list