Your message dated Sat, 06 Apr 2024 20:37:44 +0000
with message-id <[email protected]>
and subject line Bug#1022073: fixed in pam-u2f 1.3.0-1
has caused the Debian Bug report #1022073,
regarding new upstream release 1.3.0 is available
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1022073: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022073
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: src:pam-u2f
Version: 1.1.0-1.1

Upstream has released version 1.2.1.  There are also several pending
merge requests in salsa to update this package at least to 1.1.1, all
from the same user with the handle @adam_hax ("Adam Hacker"):

    https://salsa.debian.org/auth-team/pam-u2f/-/merge_requests

Additionally, there is an outstanding NMU from carnil that hasn't been
rolled up into the main debian packaging.

Thanks for giving this package some attention in debian!

        --dkg

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message ---
Source: pam-u2f
Source-Version: 1.3.0-1
Done: Patrick Winnertz <[email protected]>

We believe that the bug you reported is fixed in the latest version of
pam-u2f, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Patrick Winnertz <[email protected]> (supplier of updated pam-u2f package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Apr 2024 14:33:00 +0200
Source: pam-u2f
Architecture: source
Version: 1.3.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Authentication Maintainers <[email protected]>
Changed-By: Patrick Winnertz <[email protected]>
Closes: 987545 1022073 1061859
Changes:
 pam-u2f (1.3.0-1) unstable; urgency=medium
 .
   * Update the keys according to the yubico website
     and delete one from the keyring.
   * Modify gbp.conf
     + Remove autosigning of upstream, I can't check that
       tag (and the content) before signing.
     + Extend the included gbp so that everybody
       uses gz in this case.
   * Accknowledge NMU from Salvatore Bonaccorso <[email protected]>
     to close CVE-2021-31924 (Closes: #987545) - see release 1.1.1
   * New upstream version 1.3.0 (Closes: #1022073)
     + Add sanity checking of UV options to pamu2fcfg.
     + Add support for username expansion in the authfile path.
     + Improvements to the documentation.
     + 1.2.1:
        + Fixed an issue where native credentials could be truncated,
           resulting in failure to authenticate or successful
           authentication with missing options.
        + Stricter parsing of sshformat credentials.
        + pamu2fcfg now allows a combination of the
           --username and --nouser options.
        + Improved documentation on FIDO2 options.
     + 1.2.0:
         + Added support for EdDSA keys.
         + Added support for SSH ed25519-sk keys.
         + Added authenticator filtering based on user verification options.
         + Fixed an issue with privilege restoration on MacOS.
         + Fixed an issue where credentials created with pamu2fcfg
           1.0.8 or earlier were not handled correctly if their origin
           and appid differed.
         + Miscellaneous improvements to the documentation.
         + Miscellaneous minor bug fixes found by fuzzing.
     + 1.1.1:
        + Fix an issue where PIN authentication could be
           bypassed (CVE-2021-31924).
        + Fix an issue with nodetect and non-resident credentials.
        + Fix build issues with musl libc.
        + Add support for self-attestation in pamu2fcfg.
        + Fix minor bugs found by fuzzing.
   * Modify lintian override for new syntax
   * Update copyright and add myself
   * Switch to compat level 13
   * Raise the standards-version to 4.6.2 (no changes needed)
   * Switched from pkg-config to pkgconf.
   * Removed Alessio Di Mauro and Nicoo as uploaders, according
     to process described here: https://wiki.debian.org/PackageSalvaging
   * Install package into /usr according to the /usr-merge. (Closes: #1061859)
     Thanks to Michael Biebl <[email protected]> for the patch.
Checksums-Sha1:
 9f743ff10c10192add00ccf21616b05135dee421 2277 pam-u2f_1.3.0-1.dsc
 5390be2801ad31e6ab3ba86db4b7f1b80ab07b0c 456281 pam-u2f_1.3.0.orig.tar.gz
 56c1bc0824962b8d3748ce2f88036caff1fc30d3 119 pam-u2f_1.3.0.orig.tar.gz.asc
 12a8918d7ff2bddeb274b9db36fc0eb55b4c7b67 63328 pam-u2f_1.3.0-1.debian.tar.xz
 dfad44bf78f937612b0d47460e341ef0ac6675c0 6926 pam-u2f_1.3.0-1_amd64.buildinfo
Checksums-Sha256:
 6236f091bef347185d879f7e2f84aba607964f0373ce7f7adb6a1a70b371c476 2277 
pam-u2f_1.3.0-1.dsc
 72360c6875485eb4df409da8f8f52b17893f05e4d998529c238814480e115220 456281 
pam-u2f_1.3.0.orig.tar.gz
 1d9ed7e8d1a464d4c4f899178a7a3029add1be7dd1802b52a38dc32da7b4d73c 119 
pam-u2f_1.3.0.orig.tar.gz.asc
 489b568445cf789a8638cc074a18085b1c5799a7d681bd507863e63ef5066ddf 63328 
pam-u2f_1.3.0-1.debian.tar.xz
 f0dc9d0b3d6d59952d8f1b207b0e1d755c4032b681aa63b69782a3106617689b 6926 
pam-u2f_1.3.0-1_amd64.buildinfo
Files:
 817fc44e86b851de4190f4358fc88f1d 2277 admin optional pam-u2f_1.3.0-1.dsc
 e79696f5afb8f8f96c8344bffcf1edcc 456281 admin optional 
pam-u2f_1.3.0.orig.tar.gz
 faa4b40c64d305386129949ff76231e5 119 admin optional 
pam-u2f_1.3.0.orig.tar.gz.asc
 9b69c0c41750da264b75886d4bfa60b1 63328 admin optional 
pam-u2f_1.3.0-1.debian.tar.xz
 f94c0f2ad67f9b4aa00fe6473c4bd55c 6926 admin optional 
pam-u2f_1.3.0-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEEjSCBcjiIQIEbhdocxtUKQYjHDkMFAmYRqkESHHdpbm5pZUBk
ZWJpYW4ub3JnAAoJEMbVCkGIxw5DR8MP/0Hqp1/3vSpg8j8DweRVTSFQuMhe+pE9
m5xPYFIOX5NOcpIDd0qLK6ZDggrsYeQYQBl537p9z8p585Wy+tFBMxtm7tQQYe7V
VjTmXAqx9n+EIrCt2Q/HPFlBJjLkwzEObnWWKoa09DG978Xpvwjp8/NarhCPRdSa
u9m7GvG13l/LsNJKrsQjHiglyJJ68qXr6IdXqRJ7g2Qi0oeMOUfy9ywvqe2NoVkQ
lk1Nmo/Aomtn4/Wsyu4NGtPqKYvcNvsdhW2lenH8TsAbl4/QFinZhmbWMqCHY85J
bhIFvtDHdmmFbVM/ewRRsxESeXwNn/NlUFq9w+oN19rHWmL8hvN4eKxm3UeTHzVR
topiQXDHfZohH6SV0QM2R05o/iASoDcVyj9AIjDWTbU+hJWR9HbE6c4e7N60KHlh
UABYc5PMcK18duigzF8Q0GuKvX0WfLuZVTyTFKzNq8NjJ3XoLkllKp+JysiuZm3Y
QY1DC/2fiIU6qvQ6NbRD3eS36RHDvd/2EhXFCBfJ6o98TRV+eobsD6EQEYhOMb6G
BrodRLEzpAiuqRHc2UFkIPCOPBMZhzeguIkzbPZXTHpg7JrwJVEO/0TucL5nQO6V
t0+5AKciYmCf5zCP6ZoWh414BppktR3sFhfMF9dPEP/IBHnqXJtxzHc7l3oEEE2d
Wq2Rq0Pldv+0
=9Eph
-----END PGP SIGNATURE-----

Attachment: pgp0xyXg4pFpm.pgp
Description: PGP signature


--- End Message ---

Reply via email to