diff --git a/.gitignore b/.gitignore index 0765eaf..71aef24 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ /libpwquality-1.2.3.tar.bz2 /libpwquality-1.2.4.tar.bz2 /libpwquality-1.3.0.tar.bz2 +/libpwquality-1.4.0.tar.bz2 diff --git a/libpwquality-1.3.0-generate-overflow.patch b/libpwquality-1.3.0-generate-overflow.patch deleted file mode 100644 index 59b2c28..0000000 --- a/libpwquality-1.3.0-generate-overflow.patch +++ /dev/null @@ -1,20 +0,0 @@ -# HG changeset patch -# User Tomas Mraz -# Date 1440426008 -7200 -# Mon Aug 24 16:20:08 2015 +0200 -# Node ID a4696cd7cd246f6c34a2d2f1d54d569c5e7ecd84 -# Parent bb4952bec17e830c751d99a85ae1de32e22cf659 -Fix possible stack overflow in pwquality_generate() with data from /dev/urandom. - -diff -r bb4952bec17e -r a4696cd7cd24 src/generate.c ---- a/src/generate.c Thu Jul 23 14:11:30 2015 +0200 -+++ b/src/generate.c Mon Aug 24 16:20:08 2015 +0200 -@@ -100,7 +100,7 @@ - int - pwquality_generate(pwquality_settings_t *pwq, int entropy_bits, char **password) - { -- char entropy[PWQ_MAX_ENTROPY_BITS/8 + 1]; -+ char entropy[(PWQ_MAX_ENTROPY_BITS+PWQ_MAX_ENTROPY_BITS/9)/8 + 2]; - char *tmp; - int maxlen; - int try = 0; diff --git a/libpwquality.spec b/libpwquality.spec index 1fbd29c..94b4a02 100644 --- a/libpwquality.spec +++ b/libpwquality.spec @@ -1,13 +1,12 @@ Summary: A library for password generation and password quality checking Name: libpwquality -Version: 1.3.0 -Release: 8%{?dist} +Version: 1.4.0 +Release: 1%{?dist} # The package is BSD licensed with option to relicense as GPLv2+ # - this option is redundant as the BSD license allows that anyway. License: BSD or GPLv2+ Group: System Environment/Base Source0: http://fedorahosted.org/releases/l/i/libpwquality/libpwquality-%{version}.tar.bz2 -Patch1: libpwquality-1.3.0-generate-overflow.patch %global _pwqlibdir %{_libdir} %global _moduledir %{_libdir}/security @@ -67,7 +66,6 @@ pronounceable passwords from Python applications. %prep %setup -q -%patch1 -p1 -b .overflow rm -rf %{py3dir} cp -a . %{py3dir} @@ -151,24 +149,14 @@ mkdir $RPM_BUILD_ROOT%{_secconfdir}/pwquality.conf.d %{python3_sitearch}/*.egg-info %changelog -* Fri Feb 10 2017 Fedora Release Engineering - 1.3.0-8 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - -* Mon Dec 12 2016 Charalampos Stratakis - 1.3.0-7 -- Rebuild for Python 3.6 - -* Tue Jul 19 2016 Fedora Release Engineering - 1.3.0-6 -- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages - -* Mon Apr 11 2016 Tomáš Mráz 1.3.0-5 -- Make the cracklib-dicts dependency weak - given the optionality - of the dictionary check (#1323175) - -* Thu Feb 04 2016 Fedora Release Engineering - 1.3.0-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild - -* Tue Nov 03 2015 Robert Kuska - 1.3.0-3 -- Rebuilt for Python3.5 rebuild +* Fri May 26 2017 Tomáš Mráz 1.4.0-1 +- Do not try to check presence of too short username in password +- Make the user name check optional (via usercheck option) +- Add an 'enforcing' option to make the checks to be warning-only + in PAM +- The difok = 0 setting will disable all old password similarity + checks except new and old passwords being identical +- Updated translations from Zanata * Mon Aug 24 2015 Tomáš Mráz 1.3.0-2 - Fix possible stack overflow in the generate function (#1255935) diff --git a/sources b/sources index 6299f8b..7d20078 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -2a3d4ba1d11b52b4f6a7f39622ebf736 libpwquality-1.3.0.tar.bz2 +SHA512 (libpwquality-1.4.0.tar.bz2) = b8049f8b71bbfd4d345dbd4c4cffd29e9029b0fca4c95527af54d11a3b06e4708236b630df6c66738368298679c96cb3bf26b1b5d95cb3c5f7e1073cab8a98d9