Your message dated Sat, 06 Apr 2024 20:37:44 +0000
with message-id <[email protected]>
and subject line Bug#1061859: fixed in pam-u2f 1.3.0-1
has caused the Debian Bug report #1061859,
regarding pam-u2f: install PAM module into /usr
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1061859: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061859
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: pam-u2f
Version: 1.1.0-1.1
Severity: normal
Tags: patch
User: [email protected]
Usertags: dep17m2
We want to finalize the /usr-merge via DEP17 by moving all files to
/usr. pam-u2f installs files into /lib these should be moved
into the respective canonical locations in /usr/.
Please find a patch attached. It has been build-tested.
Note: this should not be backported to bookworm. If you intend to
backport, please use dh_movetousr instead.
If your package will change for the t64 transition or otherwise
rename/split/move its binaries (packages) during trixie, please
then upload to experimental and get in touch with the UsrMerge
driver, please see the wiki [1].
Michael
[1] https://wiki.debian.org/UsrMerge
diff -Nru pam-u2f-1.1.0/debian/changelog pam-u2f-1.1.0/debian/changelog
--- pam-u2f-1.1.0/debian/changelog 2021-06-05 15:04:24.000000000 +0200
+++ pam-u2f-1.1.0/debian/changelog 2024-01-29 22:27:22.000000000 +0100
@@ -1,3 +1,10 @@
+pam-u2f (1.1.0-1.2) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload.
+ * Install PAM module into /usr. (Closes: #-1)
+
+ -- Michael Biebl <[email protected]> Mon, 29 Jan 2024 22:27:22 +0100
+
pam-u2f (1.1.0-1.1) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru pam-u2f-1.1.0/debian/libpam-u2f.install
pam-u2f-1.1.0/debian/libpam-u2f.install
--- pam-u2f-1.1.0/debian/libpam-u2f.install 2021-06-05 15:04:24.000000000
+0200
+++ pam-u2f-1.1.0/debian/libpam-u2f.install 2024-01-29 22:27:05.000000000
+0100
@@ -1 +1 @@
-lib/*/security/pam_u2f.so
+usr/lib/*/security/pam_u2f.so
diff -Nru pam-u2f-1.1.0/debian/rules pam-u2f-1.1.0/debian/rules
--- pam-u2f-1.1.0/debian/rules 2021-06-05 15:04:24.000000000 +0200
+++ pam-u2f-1.1.0/debian/rules 2024-01-29 22:27:15.000000000 +0100
@@ -8,7 +8,7 @@
override_dh_auto_configure:
dh_auto_configure -- \
--disable-silent-rules \
- --with-pam-dir=$(DESTDIR)/lib/$(DEB_HOST_MULTIARCH)/security
+ --with-pam-dir=/usr/lib/$(DEB_HOST_MULTIARCH)/security
override_dh_installchangelogs:
dh_installchangelogs NEWS
--- End Message ---
--- Begin Message ---
Source: pam-u2f
Source-Version: 1.3.0-1
Done: Patrick Winnertz <[email protected]>
We believe that the bug you reported is fixed in the latest version of
pam-u2f, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Patrick Winnertz <[email protected]> (supplier of updated pam-u2f package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 06 Apr 2024 14:33:00 +0200
Source: pam-u2f
Architecture: source
Version: 1.3.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Authentication Maintainers <[email protected]>
Changed-By: Patrick Winnertz <[email protected]>
Closes: 987545 1022073 1061859
Changes:
pam-u2f (1.3.0-1) unstable; urgency=medium
.
* Update the keys according to the yubico website
and delete one from the keyring.
* Modify gbp.conf
+ Remove autosigning of upstream, I can't check that
tag (and the content) before signing.
+ Extend the included gbp so that everybody
uses gz in this case.
* Accknowledge NMU from Salvatore Bonaccorso <[email protected]>
to close CVE-2021-31924 (Closes: #987545) - see release 1.1.1
* New upstream version 1.3.0 (Closes: #1022073)
+ Add sanity checking of UV options to pamu2fcfg.
+ Add support for username expansion in the authfile path.
+ Improvements to the documentation.
+ 1.2.1:
+ Fixed an issue where native credentials could be truncated,
resulting in failure to authenticate or successful
authentication with missing options.
+ Stricter parsing of sshformat credentials.
+ pamu2fcfg now allows a combination of the
--username and --nouser options.
+ Improved documentation on FIDO2 options.
+ 1.2.0:
+ Added support for EdDSA keys.
+ Added support for SSH ed25519-sk keys.
+ Added authenticator filtering based on user verification options.
+ Fixed an issue with privilege restoration on MacOS.
+ Fixed an issue where credentials created with pamu2fcfg
1.0.8 or earlier were not handled correctly if their origin
and appid differed.
+ Miscellaneous improvements to the documentation.
+ Miscellaneous minor bug fixes found by fuzzing.
+ 1.1.1:
+ Fix an issue where PIN authentication could be
bypassed (CVE-2021-31924).
+ Fix an issue with nodetect and non-resident credentials.
+ Fix build issues with musl libc.
+ Add support for self-attestation in pamu2fcfg.
+ Fix minor bugs found by fuzzing.
* Modify lintian override for new syntax
* Update copyright and add myself
* Switch to compat level 13
* Raise the standards-version to 4.6.2 (no changes needed)
* Switched from pkg-config to pkgconf.
* Removed Alessio Di Mauro and Nicoo as uploaders, according
to process described here: https://wiki.debian.org/PackageSalvaging
* Install package into /usr according to the /usr-merge. (Closes: #1061859)
Thanks to Michael Biebl <[email protected]> for the patch.
Checksums-Sha1:
9f743ff10c10192add00ccf21616b05135dee421 2277 pam-u2f_1.3.0-1.dsc
5390be2801ad31e6ab3ba86db4b7f1b80ab07b0c 456281 pam-u2f_1.3.0.orig.tar.gz
56c1bc0824962b8d3748ce2f88036caff1fc30d3 119 pam-u2f_1.3.0.orig.tar.gz.asc
12a8918d7ff2bddeb274b9db36fc0eb55b4c7b67 63328 pam-u2f_1.3.0-1.debian.tar.xz
dfad44bf78f937612b0d47460e341ef0ac6675c0 6926 pam-u2f_1.3.0-1_amd64.buildinfo
Checksums-Sha256:
6236f091bef347185d879f7e2f84aba607964f0373ce7f7adb6a1a70b371c476 2277
pam-u2f_1.3.0-1.dsc
72360c6875485eb4df409da8f8f52b17893f05e4d998529c238814480e115220 456281
pam-u2f_1.3.0.orig.tar.gz
1d9ed7e8d1a464d4c4f899178a7a3029add1be7dd1802b52a38dc32da7b4d73c 119
pam-u2f_1.3.0.orig.tar.gz.asc
489b568445cf789a8638cc074a18085b1c5799a7d681bd507863e63ef5066ddf 63328
pam-u2f_1.3.0-1.debian.tar.xz
f0dc9d0b3d6d59952d8f1b207b0e1d755c4032b681aa63b69782a3106617689b 6926
pam-u2f_1.3.0-1_amd64.buildinfo
Files:
817fc44e86b851de4190f4358fc88f1d 2277 admin optional pam-u2f_1.3.0-1.dsc
e79696f5afb8f8f96c8344bffcf1edcc 456281 admin optional
pam-u2f_1.3.0.orig.tar.gz
faa4b40c64d305386129949ff76231e5 119 admin optional
pam-u2f_1.3.0.orig.tar.gz.asc
9b69c0c41750da264b75886d4bfa60b1 63328 admin optional
pam-u2f_1.3.0-1.debian.tar.xz
f94c0f2ad67f9b4aa00fe6473c4bd55c 6926 admin optional
pam-u2f_1.3.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCgAwFiEEjSCBcjiIQIEbhdocxtUKQYjHDkMFAmYRqkESHHdpbm5pZUBk
ZWJpYW4ub3JnAAoJEMbVCkGIxw5DR8MP/0Hqp1/3vSpg8j8DweRVTSFQuMhe+pE9
m5xPYFIOX5NOcpIDd0qLK6ZDggrsYeQYQBl537p9z8p585Wy+tFBMxtm7tQQYe7V
VjTmXAqx9n+EIrCt2Q/HPFlBJjLkwzEObnWWKoa09DG978Xpvwjp8/NarhCPRdSa
u9m7GvG13l/LsNJKrsQjHiglyJJ68qXr6IdXqRJ7g2Qi0oeMOUfy9ywvqe2NoVkQ
lk1Nmo/Aomtn4/Wsyu4NGtPqKYvcNvsdhW2lenH8TsAbl4/QFinZhmbWMqCHY85J
bhIFvtDHdmmFbVM/ewRRsxESeXwNn/NlUFq9w+oN19rHWmL8hvN4eKxm3UeTHzVR
topiQXDHfZohH6SV0QM2R05o/iASoDcVyj9AIjDWTbU+hJWR9HbE6c4e7N60KHlh
UABYc5PMcK18duigzF8Q0GuKvX0WfLuZVTyTFKzNq8NjJ3XoLkllKp+JysiuZm3Y
QY1DC/2fiIU6qvQ6NbRD3eS36RHDvd/2EhXFCBfJ6o98TRV+eobsD6EQEYhOMb6G
BrodRLEzpAiuqRHc2UFkIPCOPBMZhzeguIkzbPZXTHpg7JrwJVEO/0TucL5nQO6V
t0+5AKciYmCf5zCP6ZoWh414BppktR3sFhfMF9dPEP/IBHnqXJtxzHc7l3oEEE2d
Wq2Rq0Pldv+0
=9Eph
-----END PGP SIGNATURE-----
pgpOPhgLm8wDe.pgp
Description: PGP signature
--- End Message ---