Opened 8 months ago

Closed 7 months ago

#5095 closed enhancement (fixed)


Reported by: Bruce Dubbs Owned by: lfs-book
Priority: high Milestone: 11.2
Component: Book Version: git
Severity: normal Keywords:


New minor version.

Change History (4)

comment:1 by Bruce Dubbs, 8 months ago

Summary: shadow-4.12shadow-4.12.1

Now version 4.12.1. This should fix the build problem, but I have not checked yet.

comment:2 by thomas, 8 months ago

Summary: shadow-4.12.1shadow-4.12.2

Now version 4.12.2 note the url has changed:

(its .../4.12.2/... without a 'v' )

comment:3 by Douglas R. Reno, 7 months ago

Priority: normalhigh

Shadow 4.12

* Add absolute path hint to --root (Celeste Liu)
    * Various cleanups (Christian Göttsche)
    * Fix Ubuntu release used in CI tests (Jeremy Whiting)
    * add -F options to useradd (and tests) (Masatake YAMATO)
    * useradd manpage updates (Masatake YAMATO and Alexander Zhang))
    * Check for ownerid (not just username) in subid ranges (Iker Pedrosa)
    * Declare file local functions static (Christian Göttsche)
    * Use strict prototypes (Christian Göttsche)
    * Do not drop const qualifier for Basename (Christian Göttsche)
    * Constify various pointers (Christian Göttsche)
    * Don't return uninitialized memory (Christian Göttsche)
    * Don't let compiler optimize away memory cleaning (Christian Göttsche)
    * Remove many obsolete compatibility checks  and defines (Alejandro Colomar)
    * Modify ID range check in useradd (Iker Pedrosa)
    * Use "extern "C"" to make libsubid easier to use from C++ (Alois Wohlschlager)
    * French translation updates (bubu)
    * Fix s/with-pam/with-libpam/ (serge)
    * Spanish translation updates (Fernando)
    * French translation fixes (Balint Reczey)
    * Default max group name length to 32 (Jami Kettunen)
    * Fix PAM service files without-selinux (Ali Riza KESKIN)
    * Improve manpages (Markus Hiereth)
      - groupadd, useradd, usermod
      - groups and id
      - pwck
    * Add fedora to CI builds (Iker Pedrosa)
    * Fix condition under which pw_dir check happens (Ed Neville)
    * logoutd: switch to strncat (Steve Grubb)
    * AUTHORS: improve markdown output (Iker Pedrosa)
    * Handle ERANGE errors correctly (Niko)
    * Check for fopen NULL return (juyin)
    * Split get_salt() into its own fn juyin)
    * Get salt before chroot to ensure /dev/urandom. (juyin)
    * Chpasswd code cleanup (juyin)
    * Work around git enforcement (serge)
    * Alphabetize order in usermod help (Matheus Marques)
    * Erase password copy on error branches (Christian Göttsche)
    * Suggest using --badname if needed (Iker Pedrosa)
    * Update translation files (Iker Pedrosa)
    * Correct badnames option to badname (Iker Pedrosa)
    * configure: replace obsolete autoconf macros (Christian Göttsche)
    * tests: replace egrep with grep -E (Sam James)
    * Update Ukrainian translations (Yuri Chornoivan)
    * Cleanups (Iker Pedrosa)
      - Remove redeclared variable
      - Remove commented out code and FIXMEs
      - Add header guards
      - Initialize local variables
    * CI updates (Iker Pedrosa)
      - Create github workflow to install dependencies
      - Enable CodeQL
      - Update actions version
    * libmisc: use /dev/urandom as fallback if other methods fail (Xi Ruoyao)

Shadow 4.12.1

This should fix the broken uk manpages in 4.12.

Shadow 4.12.2

--- Security Fix ---

This includes the fix by Christian Göttsche for a TOCTTOU when copying directories.

This has been assigned CVE-2013-4235

comment:4 by Xi Ruoyao, 7 months ago

Resolution: fixed
Status: newclosed

Fixed at r11.1-169-gf2af13d7a.

SA 11.1-100 published.

Note: See TracTickets for help on using tickets.