* Wed Jun 18 2025 kukuk@suse.com
- hardcode disabling elogind, meson detection is unreliable in OBS
* Wed Jun 18 2025 kukuk@suse.com
- Update to version 1.7.1
- pam_access: do not resolve ttys or display variables as hostnames.
- pam_access: added "nodns" option to disallow resolving of tokens
as hostnames (CVE-2024-10963).
- pam_limits: added support for rttime (RLIMIT_RTTIME).
- pam_namespace: fixed potential privilege escalation (CVE-2025-6020).
- meson: added support of elogind as a logind provider.
- Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
- pam_access-rework-resolving-of-tokens-as-hostname.patch got obsoleted
* Mon Mar 24 2025 kukuk@suse.com
- Remove unix2_chkpwd, no consumer left
* Thu Dec 05 2024 valentin.lefebvre@suse.com
- pam_access: rework resolving of tokens as hostname
- separate resolving of IP addresses from hostnames. Don't resolve TTYs or
display variables as hostname.
- Add "nodns" option to disallow resolving of tokens as hostname.
- [pam_access-rework-resolving-of-tokens-as-hostname.patch, bsc#1233078,
CVE-2024-10963]
* Thu Oct 24 2024 kukuk@suse.com
- Update to version 1.7.0
- build: changed build system from autotools to meson.
- libpam_misc: use ECHOCTL in the terminal input
- pam_access: support UID and GID in access.conf
- pam_env: install environment file in vendordir if vendordir is enabled
- pam_issue: only count class user if logind support is enabled
- pam_limits: use systemd-logind instead of utmp if logind support is enabled
- pam_unix: compare password hashes in constant time
- Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
- Drop upstream patches:
- pam-bsc1194818-cursor-escape.patch
- pam_limits-systemd.patch
- pam_issue-systemd.patch
* Thu Sep 12 2024 kukuk@suse.com
- baselibs.conf: add pam-userdb
* Tue Sep 10 2024 kukuk@suse.com
- pam_limits-systemd.patch: update to final PR
* Fri Sep 06 2024 kukuk@suse.com
- Add systemd-logind support to pam_limits (pam_limits-systemd.patch)
- Remove /usr/etc/pam.d, everything should be migrated
- Remove pam_limits from default common-sessions* files. pam_limits
is now part of pam-extra and not in our default generated config.
- pam_issue-systemd.patch: only count class user sessions
* Wed Aug 07 2024 sbrabec@suse.com
- Prevent cursor escape from the login prompt [bsc#1194818]
* Added: pam-bsc1194818-cursor-escape.patch
* Wed Apr 10 2024 kukuk@suse.com
- Update to version 1.6.1
- pam_env: fixed --disable-econf --enable-vendordir support.
- pam_unix: do not warn if password aging is disabled.
- pam_unix: try to set uid to 0 before unix_chkpwd invocation.
- pam_unix: allow empty passwords with non-empty hashes.
- Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
- Remove backports:
- pam_env-fix_vendordir.patch
- pam_env-fix-enable-vendordir-fallback.patch
- pam_env-remove-escaped-newlines.patch
- pam_unix-fix-password-aging-disabled.patch