Accepted nss-pam-ldapd 0.9.4-1 (source i386 all)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 08 Jun 2014 14:00:00 +0200
Source: nss-pam-ldapd
Binary: nslcd pynslcd libnss-ldapd libpam-ldapd nslcd-utils
Architecture: source i386 all
Version: 0.9.4-1
Distribution: unstable
Urgency: medium
Maintainer: Arthur de Jong <adejong@debian.org>
Changed-By: Arthur de Jong <adejong@debian.org>
Description:
 libnss-ldapd - NSS module for using LDAP as a naming service
 libpam-ldapd - PAM module for using LDAP as an authentication service
 nslcd      - daemon for NSS and PAM lookups using LDAP
 nslcd-utils - utilities for querying LDAP via nslcd
 pynslcd    - daemon for NSS and PAM lookups via LDAP - Python version
Closes: 647502 659488 695044 699841 706913 707193 711867 711884 711889 712231 712311 712728 712847 712876 713047 713921 713987 714651 717063 726435 739330
Changes:
 nss-pam-ldapd (0.9.4-1) unstable; urgency=medium
 .
   * upload to unstable
   * new upstream release:
     - also handle password policy information on BIND failure (this makes it
       possible to distinguish between a wrong password and an expired
       password)
     - fix mapping the member attribute to an empty string
     - any buffers that may have held passwords are cleared before the memory
       is released
     - increase buffer size for passwords to support extremely long passwords
       (thanks ushi)
     - increase buffer size for DN to support very long names or names with
       non-ASCII characters
     - log an error in almost all places where a defined buffer is not large
       enough to hold the provided data instead of just (sometimes silently)
       failing
     - logging improvements (start-up problems, login failures)
   * add signature checking option to watch file
   * add a debian/upstream/metadata file
 .
 nss-pam-ldapd (0.9.3-1) experimental; urgency=low
 .
   * new upstream release:
     - make the dn2uid cache lifetime configurable with the cache
       configuration option
     - have the nslcd process only exit after the service is completely
       available to avoid race conditions in the init script
     - the nslcd daemon now properly daemonises (double fork)
     - support mapping the member attribute to an empty string to disable the
       functionality to do extra lookups for member DN to member uid
       translations
     - implement deref control handling to request the LDAP server to
       dereference group member attribute values to uid values
     - support getting built-in groups from Active Directory (thanks Davy
       Defaud)
     - fix for pwdLastSet attribute value handling (thanks Joshua Shire)
     - fix a possible crash in the NSS module when retrieving large networks
       entries (thanks Lukas Slebodnik)
     - correct NSS h_errnop return value to indicate buffer too small (thanks
       Nalin Dahyabhai)
     - fix a bug with shadow values on 64-bit architectures (closes: #739330)
   * debian/copyright: copyright year updates
   * add build dependencies for used Python modules because the new upstream
     version checks them with configure script
 .
 nss-pam-ldapd (0.9.2-1) experimental; urgency=low
 .
   * new upstream release:
     - increase password value buffer size (by Bersl)
     - avoid more broken pipe errors by using a low timeout when aborting
       reading requested information from nslcd (thanks John Sullivan)
     - only log broken pipe errors in debugging mode
     - fix buffer overflow on interrupted read that is hard to trigger (thanks
       John Sullivan)
     - use clock_gettime() with CLOCK_MONOTONIC for timeout calculations to
       avoid clock adjustments errors (thanks John Sullivan)
     - extend test suite to test for CLOCK_MONOTONIC and timed IO timeout
       calculations
     - increase the maximum number of base statements per map to 31
     - use larger nslcd send buffers to reduce the number of write operations
       in nslcd and consequently the number of reads in the NSS and PAM modules
       (thanks John Sullivan)
     - also run invalidators after first successful search
     - various clean-ups, portability improvements and fixes for compiler
       warnings
     - import configure checks of Python modules
     - provide a script for setting up slapd in a test environment,
       automatically loaded with the required test data
     - add script for evaluating test environment availability
     - portability improvements in the test scripts and test environment
   * avoid prompting to restart services on initial install
   * upgrade to standards-version 3.9.5 (no changes needed)
   * add DEP-8 autopkgtest end-to-end tests of installed packages running an
     LDAP server and performing NSS and PAM operations
 .
 nss-pam-ldapd (0.9.1-2) experimental; urgency=low
 .
   * mark pynslcd as multi-arch foreign to allow it to satisfy dependencies
     on any arch
   * add init script dependency on $network to ensure that network is up
     before starting nslcd (closes: #726435)
   * clean generated manual pages to allow the package to be built twice in
     a row
   * when upgrading from a pre-0.9 version, have the nslcd preinst check if
     a screensaver is running that could end up locking users out of their
     system (heavily based on the eglibc and pam packaging)
   * when upgrading from a pre-0.9 version, have the nslcd postinst check
     if any services need to be restarted to load the new modules (heavily
     based on the eglibc and pam packaging)
   * debconf translation updates:
     - Dutch by Arthur de Jong
 .
 nss-pam-ldapd (0.9.1-1) experimental; urgency=low
 .
   * new upstream release:
     - rename the nscd_invalidate option to reconnect_invalidate and allow
       flushing the nfsidmap cache with the new option (perhaps a fix for
       #500778)
     - implement an -n switch to not daemonise (by Caleb Callaway)
     - nslcd will now return partial shadow information to non-root users to
       avoid authorisation problems with setgid shadow authentication helpers
       with some PAM stacks (closes: #706913)
     - nslcd will now retry failing LDAP connections after receiving SIGUSR1
     - the code for the nslcd utilities (getent.ldap and chsh.ldap) is now
       installed in /usr/share/nslcd-utils
     - improve error and help output of the getent.ldap command
     - documentation updates
     - fix for a potential, small memory leak in PAM module regarding temporary
       saving of old password
     - a large number of bug fixes and improvements in pynslcd
     - hide passwords from the pynslcd debug output
     - support start_tls, pam_password_prohibit_message, nss_min_uid and
       nss_initgroups_ignoreusers in pynslcd
     - fix rootpwmodpw handling in pynslcd
     - complete a basic PAM implementation in pynslcd (some things such as
       shadow attribute checking remain to be implemented)
   * drop 02-fix-missing-self.patch which is part of 0.9.1
   * install the same documentation in pynslcd as with nslcd
   * debian/nslcd.config: properly handle preseeding and reading values
     from the configuration file by forcefully overwriting debconf values
     from nslcd.conf and not overwriting debconf values when reading other
     configuration files (closes: #717063)
   * fix the tests by adding python-daemon and python-ldap to Build-Depends
     and fixing the permissions of the test configuration file
   * install an if-up scripts for nslcd that sends SIGUSR1 to the daemon to
     re-check LDAP server availability
 .
 nss-pam-ldapd (0.9.0-2) experimental; urgency=low
 .
   * debconf translation updates:
     - Japanese by Kenshi Muto (closes: #711867)
     - Russian by Yuri Kozlov (closes: #711884)
     - Slovak by Slavko (closes: #711889)
     - Portuguese by Américo Monteiro (closes: #712231)
     - Danish by Joe Hansen (closes: #712311)
     - German by Chris Leick (closes: #712728)
     - French by Christian Perrier (closes: #712847)
     - Turkish by Atila KOÇ (closes: #712876)
     - Czech by Miroslav Kure (closes: #713047)
     - Italian by Beatrice Torracca (closes: #713987)
     - Dutch by Arthur de Jong
     - Swedish by Martin Bagge (closes: #714651)
   * new debconf translations:
     - Polish by Michał Kułach (closes: #713921)
   * remove debian/pynslcd.init in clean target
   * move python build dependency from Build-Depends-Indep to Build-Depends
     because dh_python2 is used for every dh invocation
 .
 nss-pam-ldapd (0.9.0-1) experimental; urgency=low
 .
   * new upstream release:
     - use network byte order in the the communications protocol between
       nslcd and NSS and PAM modules  to work on mixed endian multiarch
       systems (closes: #659488)
     - netgroup lookups now makes a distinction between empty netgroups and
       non-existing netgroups
     - request and handle password policy controls on LDAP authentication
     - implement support for nested groups which can be enabled with the
       nss_nested_groups option (thanks Steve Hill) (closes: #647502)
     - add a log option to configure log level and logging to plain files
       (closes: #699841)
     - add an nscd_invalidate option to invalidate the nscd cache after
       recovering from LDAP connection problems (to clear any negative cache
       entries)
     - allow trimming expressions with ${foo#bar} syntax in attribute mapping
       expressions (thanks Thorsten Glaser) (closes: #695044)
       (pynslcd supports trimming expressions with full shell glob matching)
     - support password modification in pynslcd
     - support children search scope for systems that have it
     - add a getent.ldap utility to perform nslcd queries bypassing the libc
       NSS stack
     - implement functionality for changing user information and provide a
       chsh.ldap utility to allow users to change their login shell
     - remove deprecated use_sasl, reconnect_tries, reconnect_maxsleeptime and
       tls_checkpeer options which have been replaced long ago
     - allow names with one character in default validnames option and allow
       parentheses (taken from Fedora packages)
     - fall back to updating the lastChange attribute with the normal LDAP
       connection
     - dump full nslcd configuration at debug level on start-up
     - export an _nss_ldap_version symbol in the NSS module to make finding
       version mismatches easier (the NSS module version is logged from nslcd)
     - documentation improvements
     - temporary disable the caching functionality of pynslcd
     - usability improvements in the pynslcd implementation
   * debian/copyright: copyright year updates
   * introduce a nslcd-2 (for the protocol version) virtual package that can
     be shared between nslcd, pynslcd and potentially nssov
   * introduce a nslcd-utils package that contains the getent.ldap and
     chsh.ldap utilities
   * libnss-ldapd.postrm: do not offer to remove entries from nsswitch.conf
     when switching between module implementation or architecture
   * feedback from the debian-l10n-english contributors on the debconf
     templates and package descriptions (closes: #707193) (thanks Christian
     PERRIER and Justin B Rye)
   * introduce a pynslcd package that provides an alternative, experimental
     implementation of nslcd in Python (this package shares configuration
     and packaging scripts with nslcd)
   * 02-fix-missing-self.patch: fix a bug in pynslcd
   * ensure that /var/run/nslcd is not removed and /etc/nslcd.conf is not
     purged as long as an nslcd implementation is still present
Checksums-Sha1:
 9434ae6df45f61e7fc1c36432bffb70f6d8e4533 1688 nss-pam-ldapd_0.9.4-1.dsc
 a112b7d0d73bf2f9e1792accaa0573feffdf22fb 746269 nss-pam-ldapd_0.9.4.orig.tar.gz
 f9ceaa1ea6ab79fe96482666e793d33b74afb474 129724 nss-pam-ldapd_0.9.4-1.debian.tar.xz
 aee264d6c29e9030db6a21a433ff96a5e6c2b36e 199014 nslcd_0.9.4-1_i386.deb
 fa04efcc1a579079b95b9ee77aa38eb94af1e8d2 164838 pynslcd_0.9.4-1_all.deb
 ccc99d345ce559b8734e878eda89b56e302720f1 72756 libnss-ldapd_0.9.4-1_i386.deb
 34d6e7b4896c384be14e1658a6f3d9b748bbe7c5 59820 libpam-ldapd_0.9.4-1_i386.deb
 927d80d369fe934da7fd02142ff904d1ebd1fda2 56906 nslcd-utils_0.9.4-1_all.deb
Checksums-Sha256:
 a402d20278b9e15ef50d7bc3bfd5f1502e3140bcc50fe5e1bacade77d6c5708b 1688 nss-pam-ldapd_0.9.4-1.dsc
 fd2e3e0935acfd3d2b13682962f51d28d5855472e690d787e36a476fa40c88e6 746269 nss-pam-ldapd_0.9.4.orig.tar.gz
 4aeb472c0be479ea1a1fccab70ba7613bbe2fd3bae6f69c67f6b2892b50f8d99 129724 nss-pam-ldapd_0.9.4-1.debian.tar.xz
 266e9b7bc10bd0c187b1593ba8afa85d16338988679b45e371679afbcb603440 199014 nslcd_0.9.4-1_i386.deb
 cf7d4897a935fc770fe4b0881eff0fa20e7d80ee396416b4bba2a8a9adfa5f7d 164838 pynslcd_0.9.4-1_all.deb
 49299c0669ca34d5b0273b646a7a23a999e53383485241eeb75c7d6dcb888873 72756 libnss-ldapd_0.9.4-1_i386.deb
 672d9ef346db9aa200fc63785518e19cf9b3a6d6c78f995d77295dfe3fa93eaa 59820 libpam-ldapd_0.9.4-1_i386.deb
 5057b7a988ff80bf9ed9858ec07a8ef9dae05a5bcec472db9ddd0155fefc35c8 56906 nslcd-utils_0.9.4-1_all.deb
Files:
 2984aeb0517514320efbe5cf59a26675 199014 admin extra nslcd_0.9.4-1_i386.deb
 33155b6be96acc69056ace70b46485fc 164838 admin extra pynslcd_0.9.4-1_all.deb
 3891bf17e88c8548ff607bd881242466 72756 admin extra libnss-ldapd_0.9.4-1_i386.deb
 ae5f3451a167338bf73f6dc3be3a2856 59820 admin extra libpam-ldapd_0.9.4-1_i386.deb
 b85b60e7fc9bf6bc78b5d3ac5626eb3d 56906 admin extra nslcd-utils_0.9.4-1_all.deb
 5cb3329463b420895ed400d487594e1c 1688 admin extra nss-pam-ldapd_0.9.4-1.dsc
 0d74202700efdde3b6e551bfff49c132 746269 admin extra nss-pam-ldapd_0.9.4.orig.tar.gz
 c6cd9298cf6695ac2b157ddfec43f57b 129724 admin extra nss-pam-ldapd_0.9.4-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlOUWMIACgkQVYan35+NCKertwCZAWZmMzB2JmE5rskBI4FQEq78
V9IAoKQvfZjhDoLyOAtVdw8yt4caXXAl
=DGUr
-----END PGP SIGNATURE-----