2023-11-14 14:22:29 by Jonathan Perkin | Files touched by this commit (5) |
Log message:
duo-unix: Update to 2.0.2.
duo_unix-2.0.2:
- `make check` now works correctly on Solaris
- Added support for Fedora 37 and Fedora 38
- Added support for Debian 12
- Removed support for Ubuntu 18.04
- Removed support for Debian 9
duo_unix-2.0.1:
- The support script collects a few additional files for troubleshooting
- Duo API calls now use SHA512 instead of SHA1 as the HMAC algorithm
duo_unix-2.0.0:
- Changed the behavior of `su` when the target user is not root. The target
user will need to complete 2FA rather than the original user.
- login_duo resets the SIGPIPE handler when it closes its connection.
- Added logging when Duo is invoked, to assist troubleshooting.
- Updated package signing to SHA512
duo_unix-1.12.1:
- Updated Unity to 2.5.2
- Added support for Fedora 34
- Removed support for Centos 8
- Added support for Centos Stream 8
- Added support for Centos Stream 9
- Added support for Ubuntu 22.04
duo_unix-1.12.0:
- Switched from BSON to JSON as a data interchange format
- Switched from Cram to python `unittest` for testing
duo_unix-1.11.5:
- Added support for Debian 11
- Removed support for Debian 8
- Removed support for CentOS 6
- Fixed MOTD display for non-interactive sessions
- The support tool now also collects the sudo PAM configuration file
- Updated pinned certificates
|
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2023-05-12 11:25:24 by Jonathan Perkin | Files touched by this commit (2) |
Log message:
duo-unix: Ensure openssl rpath flags are used.
|
2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605) |
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
|
2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606) |
Log message:
security: Remove SHA1 hashes for distfiles
|
2021-05-14 13:57:09 by Nia Alarie | Files touched by this commit (1) |
Log message:
duo-unix: explicitly disable lib64
|
2020-12-04 13:15:42 by Jonathan Perkin | Files touched by this commit (4) |
Log message:
duo-unix: Update to 1.11.4.
Changes since 1.10.4:
duo_unix-1.11.4 - May 18, 2020
Added support for Ubuntu 20.04.
Added support tool to collect information (e.g. logs and PAM stacks) you can
send to Duo Support when troubleshooting issues.
Ubuntu 12.04 no longer supported.
Updated GPG public key for downloading distribution packages.
duo_unix-1.11.3 - October 2019
Support for CentOS 8, Red Hat 8, and Debian 10.
Improved validation of BSON messages.
Updated GPG public key for downloading distribution packages.
duo_unix-1.11.2 - June 2019
Published a guide to recommended Kerberos configuration for Duo Unix. Thanks
to Neal Poole at Facebook for bringing expertise and attention to this topic.
Updated SELinux policy to allow local logins to use the pam_duo PAM module
and made sshd configurable. This requires installation of
selinux-policy-devel on CentOS and RHEL 7 as a prerequisite.
Added support for spaces in group names when escaped with backslashes in
pam_duo.conf and login_duo.conf
Debian 7 no longer supported.
duo_unix-1.11.1 - November 2018
Fixed bug causing console login to fail on certain systems.
Debian 7 support is deprecated and will be removed in the next release.
duo_unix-1.11.0 - October 2018
Added configuration options for parsing the Duo username out of the GECOS
field: gecos_username_pos and gecos_delim.
Support for Debian 9 (Stretch).
CentOS 5 no longer supported.
duo_unix-1.10.5 - September 2018
CentOS 5 Support is deprecated and will be removed in the next release.
Fixed a bug that caused a segfault on systems where the hostname wasn't
retrievable.
|
2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836) |
Log message:
*: Recursive revision bump for openssl 1.1.1.
|
2018-09-04 16:43:09 by Filip Hajny | Files touched by this commit (2) |
Log message:
security/duo-unix: Update to 1.10.4.
duo_unix-1.10.4:
- Removed failmode decision from auth endpoint and moved it to only
preauth according to standards in our other integrations
- Updated Duo Unix to speak up to TLS 1.2
- Support for LibreSSL 2.7.0 and up
- Minor memory leak fixes
- Output message when user is locked out
duo_unix-1.10.3:
- Added support for http_proxy with SELinux enabled
duo_unix-1.10.2:
- Added default failmode values in config files
|
2018-07-04 15:40:45 by Jonathan Perkin | Files touched by this commit (423) |
Log message:
*: Move SUBST_STAGE from post-patch to pre-configure
Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.
|