Releases: shadow-maint/shadow
Release candidate 1
Go and play!
(Changelog to be filled in before real release :) )
byaslag
This release includes the following changes:
* useradd.8: fix default group ID (Tim Biermann)
* Revert drop of subid_init() (Serge Hallyn)
* Georgian translation (NorwayFun)
* useradd: Avoid taking unneeded space: do not reset non-existent data
in lastlog (David Kalnischkies)
* relax username restrictions (Alexander Kanavin)
* selinux: check MLS enabled before setting serange (genBTC)
* copy_tree: use fchmodat instead of chmod (Samanta Navarro)
* copy_tree: don't block on FIFOs (Samanta Navarro)
* add shell linter (Jan Macku)
* copy_tree: carefully treat permissions (Samanta Navarro)
* lib/commonio: make lock failures more detailed (Luca BRUNO)
* lib: use strzero and memzero where applicable (Christian Göttsche)
* Update Dutch translation (Frans Spiesschaert)
* Don't test for NULL before calling free (Alex Colomar)
* Use libc MAX() and MIN() (Alejandro Colomar)
* chage: Fix regression in print_date (Xiami)
* usermod: report error if homedir does not exist (Iker Pedrosa)
* libmisc: minimum id check for system accounts (Iker Pedrosa)
* fix usermod -rG x y wrongly adding a group (xyz)
* man: add missing space in useradd.8.xml (Iker Pedrosa)
* lastlog: check for localtime() return value (Iker Pedrosa)
* Raise limit for passwd and shadow entry length (Iker Pedrosa)
* Remove adduser-old.c (Alejandro Colomar)
* useradd: Fix buffer overflow when using a prefix (David Michael)
* Don't warn when failed to open /etc/nsswitch.conf (Serge Hallyn)
4.12.3
4.12.2 - ayibe+++
This includes the fix by Christian Göttsche for a TOCTTOU when copying directories.
4.12.1 - ayibe++
This should fix the broken uk manpages in 4.12.
4.12 - ayibe
This release includes the following changes:
* Add absolute path hint to --root (Celeste Liu)
* Various cleanups (Christian Göttsche)
* Fix Ubuntu release used in CI tests (Jeremy Whiting)
* add -F options to useradd (and tests) (Masatake YAMATO)
* useradd manpage updates (Masatake YAMATO and Alexander Zhang))
* Check for ownerid (not just username) in subid ranges (Iker Pedrosa)
* Declare file local functions static (Christian Göttsche)
* Use strict prototypes (Christian Göttsche)
* Do not drop const qualifier for Basename (Christian Göttsche)
* Constify various pointers (Christian Göttsche)
* Don't return uninitialized memory (Christian Göttsche)
* Don't let compiler optimize away memory cleaning (Christian Göttsche)
* Remove many obsolete compatibility checks and defines (Alejandro Colomar)
* Modify ID range check in useradd (Iker Pedrosa)
* Use "extern "C"" to make libsubid easier to use from C++ (Alois Wohlschlager)
* French translation updates (bubu)
* Fix s/with-pam/with-libpam/ (serge)
* Spanish translation updates (Fernando)
* French translation fixes (Balint Reczey)
* Default max group name length to 32 (Jami Kettunen)
* Fix PAM service files without-selinux (Ali Riza KESKIN)
* Improve manpages (Markus Hiereth)
- groupadd, useradd, usermod
- groups and id
- pwck
* Add fedora to CI builds (Iker Pedrosa)
* Fix condition under which pw_dir check happens (Ed Neville)
* logoutd: switch to strncat (Steve Grubb)
* AUTHORS: improve markdown output (Iker Pedrosa)
* Handle ERANGE errors correctly (Niko)
* Check for fopen NULL return (juyin)
* Split get_salt() into its own fn juyin)
* Get salt before chroot to ensure /dev/urandom. (juyin)
* Chpasswd code cleanup (juyin)
* Work around git safe.directory enforcement (serge)
* Alphabetize order in usermod help (Matheus Marques)
* Erase password copy on error branches (Christian Göttsche)
* Suggest using --badname if needed (Iker Pedrosa)
* Update translation files (Iker Pedrosa)
* Correct badnames option to badname (Iker Pedrosa)
* configure: replace obsolete autoconf macros (Christian Göttsche)
* tests: replace egrep with grep -E (Sam James)
* Update Ukrainian translations (Yuri Chornoivan)
* Cleanups (Iker Pedrosa)
- Remove redeclared variable
- Remove commented out code and FIXMEs
- Add header guards
- Initialize local variables
* CI updates (Iker Pedrosa)
- Create github workflow to install dependencies
- Enable CodeQL
- Update actions version
* libmisc: use /dev/urandom as fallback if other methods fail (Xi Ruoyao)
v4.11.1
v4.11
Changelog:
* Handle possible TOCTTOU issues in usermod/userdel (edneville)
* (CVE-2013-4235)
* Use O_NOFOLLOW when copying file
* Kill all user tasks in userdel
* Fix useradd -D segfault (Xi Ruoyao)
* Clean up obsolete libc feature-check ifdefs (Alejandro Colomar)
* Fix -fno-common build breaks due to duplicate Prog declarations
(Adam Sampson)
* Have single date_to_str definition (Alejandro Colomar)
* Fix libsubid SONAME version (Sam James)
* Clarify licensing info, use SPDX.
Release 4.10
Note: From this release forward, su from this package should be
considered deprecated. Please replace any users of it with su from
util-linux. Please open an issue if there is a problem with that.
We intend to remove it in an upcoming release.
This release features many fixes expecially to the building of
libsubid, some SELinux labeling issues, and a few signaling
issues.
Changelog:
* libsubid fixes (Xi Ruoyao, Serge Hallyn, Iker Pedrosa, Mike Gilbert,
GalaxyMaster, and Luís Ferreira)
* Rename the test program list_subid_ranges to getsubids, write
a manpage, so distros can ship it. (Iker Pedrosa)
* Add libeconf dep for new*idmap (Iker Pedrosa)
* Allow all group types with usermod -G (Iker Pedrosa)
* Avoid useradd generating empty subid range (Iker Pedrosa)
* Handle NULL pw_passwd (Jaroslav Jindrak)
* Fix default value SHA_get_salt_rounds (Mike Gilbert)
* Use https where possible in README (Paul Menzel)
* Update content and format of README (Iker Pedrosa)
* Translation updates (Balint Reczey, Frans Spiesschaert)
* Switch from xml2po to itstool in 'make dist' (Serge Hallyn)
* Fix double frees (Michael Vetter)
* Add LOG_INIT configurable to useradd (Andy Zaugg)
* Add CREATE_MAIL_SPOOL documentation (Andy Zaugg)
* Create a security.md
* Fix su never being SIGKILLd when trapping TERM (Ruihan li)
* Fix wrong SELinux labels in several possible cases (Iker Pedrosa)
* Fix missing chmod in chadowtb_move (GalaxyMaster)
* Handle malformed hushlogins entries (Tobias Stoeckmann)
* Fix groupdel segv when passwd does not exist (François Rigault)
* Fix covscan-found newgrp segfault (Iker Pedrosa)
* Remove trailing slash on hoedir (Ed Neville)
* Fix passwd -l message - it does not change expirey (Ed Neville)
* Fix SIGCHLD handling bugs in su and vipw (Tobias Stoeckmann)
* Remove special case for "" in usermod (Alejandro Colomar)
* Implement usermod -rG to remove a specific group
(Andy Zaugg)
* call pam_end() after fork in child path for su and login
(Björn Fischer)
* useradd: In absence of /etc/passwd, assume 0 == root
(Ludwig Nussel)
* lib: check NULL before freeing data (Iker Pedrosa)
* Fix pwck segfault (Iker Pedrosa)
Release 4.9
Changelog:
- Updated translations (Björn Esser, Juergen Hoetzel)
- Major salt updates (Björn Esser)
- Various coverity and cleanup fixes (Iker Pedrosa)
- Consistently use 0 to disable PASS_MIN_DAYS in man (tzccinct)
- Implement NSS support for subids and a libsubid (Serge Hallyn)
- setfcap: retain setfcap when mapping uid 0 (Christian Brauner)
- login.defs: include HMAC_CRYPTO_ALGO key (Iker Pedrosa)
- selinux fixes (Christian Göttsche)
- Fix path prefix path handling (Lucas Servén Marín)
- Manpage updates (tzccinct, Sevan Janiyan, Iker Pedrosa, Geert Ijewski,
谭九鼎, Jamin W. Collins, towerpark, andydna, Frans Spiesschaert) - Treat an empty passwd field as invalid (Haelwenn Monnier)
- newxidmap: allow running under alternative gid (Martijn de Gouw)
- usermod: check that shell is executable (Geert Ijewski)
- Add yescript support (Rodolphe Bréard)
- useradd memleak fixes (whzhe)
- useradd: use built-in settings by default (Ludwig Nussel)
- getdefs: add foreign (non-shadow-utils) items (Karel Zak)
- buffer overflow fixes (Tobias Stoeckmann)
- Adding run-parts style for pre and post useradd/del ([email protected])