linux-pam tagshttps://git.amper.me/open-source/linux-pam/-/tagshttps://git.amper.me/open-source/linux-pam/-/tags/v1.5.2v1.5.2Linux-PAM release 1.5.2
* pam_exec: implemented quiet_log option.
* pam_mkhomedir: added support of HOME_MODE and UMASK from /etc/login.defs.
* pam_timestamp: changed hmac algorithm to call openssl instead of the bundled
sha1 implementation if selected, added option to select
the hash algorithm to use with HMAC.
* Added pkgconfig files for provided libraries.
* Added --with-systemdunitdir configure option to specify systemd unit
directory.
* Added --with-misc-conv-bufsize configure option to specify the buffer size
in libpam_misc's misc_conv() function, raised the default value for this
parameter from 512 to 4096.
* Multiple minor bug fixes, portability fixes, documentation improvements,
and translation updates.
Dmitry V. Levinldv@altlinux.orghttps://git.amper.me/open-source/linux-pam/-/tags/v1.5.1v1.5.1Linux-PAM release 1.5.1
* pam_unix: fixed CVE-2020-27780 - authentication bypass when a user
doesn't exist and root password is blank
* pam_faillock: added nodelay option to not set pam_fail_delay
* pam_wheel: use pam_modutil_user_in_group to check for the group membership
with getgrouplist where it is available
Thomas M. DuBuissontommd@muse.devhttps://git.amper.me/open-source/linux-pam/-/tags/v1.5.0v1.5.0Linux-PAM release 1.5.0
* Multiple minor bug fixes, portability fixes, and documentation improvements.
* Extended libpam API with pam_modutil_check_user_in_passwd function.
* configure: added --disable-unix option to disable build of pam_unix module.
* pam_faillock: changed /run/faillock/$USER permissions from 0600 to 0660.
* pam_limits: added support for nonewprivs item.
* pam_motd: read motd files with target user credentials skipping unreadable ones.
* pam_pwhistory: added a SELinux helper executable.
* pam_unix, pam_usertype: implemented avoidance of certain timing attacks.
* pam_wheel: implemented PAM_RUSER fallback for the case when getlogin fails.
* Removed deprecated pam_cracklib module, use pam_passwdqc (from passwdqc project)
or pam_pwquality (from libpwquality project) instead.
* Removed deprecated pam_tally and pam_tally2 modules, use pam_faillock instead.
* pam_env: Reading of the user environment is deprecated and will be removed
at some point in the future.
* libpam: pam_modutil_drop_priv() now correctly sets the target user's
supplementary groups, allowing pam_motd to filter messages accordingly
Allison Karlitskayaallison.karlitskaya@redhat.comhttps://git.amper.me/open-source/linux-pam/-/tags/v1.4.0v1.4.0Linux-PAM release 1.4.0
* Multiple minor bug fixes and documentation improvements
* Fixed grammar of messages printed via pam_prompt
* Added support for a vendor directory and libeconf
* configure: Added --enable-Werror option to enable -Werror build
* configure: Allowed disabling documentation through --disable-doc
* pam_get_authtok_verify: Avoid duplicate password verification
* pam_cracklib: Fixed parsing of options without arguments
* pam_env: Changed the default to not read the user .pam_environment file
* pam_exec: Require a user name to be specified before the command is executed
* pam_faillock: New module for locking after multiple auth failures
* pam_group, pam_time: Fixed logical error with multiple ! operators
* pam_keyinit: In pam_sm_setcred do the same as in pam_sm_open_session
* pam_lastlog: Do not log info about failed login if the session was opened
with PAM_SILENT flag
* pam_lastlog: Limit lastlog file use by LASTLOG_UID_MAX option in login.defs
* pam_lastlog: With 'unlimited' option prevent SIGXFSZ due to reduced 'fsize'
limit
* pam_mkhomedir: Fixed return value when the user is unknown
* pam_motd: Export MOTD_SHOWN=pam after showing MOTD
* pam_motd: Support multiple motd paths specified, with filename overrides
* pam_namespace: Added a systemd service, which creates the namespaced
instance parent directories during boot
* pam_namespace: Support for noexec, nosuid and nodev flags for tmpfs mounts
* pam_selinux: Check unknown object classes or permissions in current policy
* pam_selinux: Fall back to log to syslog if audit logging fails
* pam_setquota: New module to set or modify disk quotas on session start
* pam_shells: Recognize /bin/sh as the default shell
* pam_succeed_if: Fixed potential override of the default prompt
* pam_succeed_if: Support lists in group membership checks
* pam_time: Added conffile= option to specify an alternative configuration file
* pam_tty_audit: If kernel audit is disabled return PAM_IGNORE
* pam_umask: Added new 'nousergroups' module argument and allowed specifying
the default for usergroups at build-time
* pam_unix: Added 'nullresetok' option to allow resetting blank passwords
* pam_unix: Report unusable hashes found by checksalt to syslog
* pam_unix: Return PAM_AUTHINFO_UNAVAIL when shadow entry is unavailable
* pam_unix: Support for (gost-)yescrypt hashing methods
* pam_unix: Use bcrypt b-variant when it bcrypt is chosen
* pam_usertype: New module to tell if uid is in login.defs ranges
* Fixed and documented possible values returned by pam_get_user()
* Added new API call pam_start_confdir() for special applications that
cannot use the system-default PAM configuration paths and need to
explicitly specify another path
* Deprecated pam_cracklib: this module is no longer built by default and will
be removed in the next release, use pam_passwdqc (from passwdqc project)
or pam_pwquality (from libpwquality project) instead
* Deprecated pam_tally and pam_tally2: these modules are no longer built
by default and will be removed in the next release, use pam_faillock instead
Dmitry V. Levinldv@altlinux.orghttps://git.amper.me/open-source/linux-pam/-/tags/v1.3.1v1.3.1Release version 1.3.1
Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1.3.0Linux-PAM-1.3.0Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_2_1Linux-PAM-1_2_1Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_2_0Linux-PAM-1_2_0Release version 1.2.0Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_1_8Linux-PAM-1_1_8Release version 1.1.8
Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_1_7Linux-PAM-1_1_7Release version 1.1.7
Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/v1.1.6v1.1.6Linux-PAM 1.1.6 release
Thorsten Kukukkukuk@orinoco.thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_1_5Linux-PAM-1_1_5Release Linux-PAM-1.1.5Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_1_4Linux-PAM-1_1_4Release version 1.1.4Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/v1.1.4v1.1.4Linux-PAM 1.1.4 release
Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_1-branchLinux-PAM-1_1-branchTomas Mraztm@t8m.infohttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_1_3Linux-PAM-1_1_3Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_1_2Linux-PAM-1_1_2Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_1_1Linux-PAM-1_1_1Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_1_0Linux-PAM-1_1_0Thorsten Kukukkukuk@thkukuk.dehttps://git.amper.me/open-source/linux-pam/-/tags/Linux-PAM-1_0_92Linux-PAM-1_0_92Thorsten Kukukkukuk@thkukuk.de