Change the hmac that protect sudopassword entries to also hash the purpose

[mirror/userdir-ldap.git] / debian / changelog

diff --git a/debian/changelog b/debian/changelog
index 1ce12b9..fea116d 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,31 @@
-userdir-ldap (0.3.XX) unstable; urgency=low
+userdir-ldap (0.3.46) unstable; urgency=low
+
+  * Change the hmac that protect sudopassword entries to also
+    hash the purpose ("sudo") and the owning user's uid into
+    the mac.
+
+ -- Peter Palfrader <weasel@debian.org>  Fri, 14 Nov 2008 20:27:38 +0100
+
+userdir-ldap (0.3.45) unstable; urgency=low
+
+  * ud-generate: Declare [UNTRSUTED] flag as obsolete.
+  * ud-generate: Add [NOMARKERS] flag to not push markers (gps coordinates) to host.
+  * ud-replicate: Use --delete-after with rsync.  Previously we didn't delete
+    stuff ever.
+  * ud-replicate: Sync only ssh_known_hosts into chroots, not ssh*.
+  * ud-replicate: Clean up better, correcting some mistakes done by earlier
+    versions.
+
+ -- Peter Palfrader <weasel@debian.org>  Sun, 26 Oct 2008 22:31:46 +0100
+
+userdir-ldap (0.3.44) unstable; urgency=low
 
   * ud-mailgate: Do not support del requests for sshDSAAuthKey - there is no
     such attribute.
+  * ud-generate: do not export sudopassword to untrusted or nopasswd hosts,
+    unless the password is explicitly added for this host and not just for '*'.
 
- -- Peter Palfrader <weasel@debian.org>  Fri, 26 Sep 2008 14:21:26 +0200
+ -- Peter Palfrader <weasel@debian.org>  Fri, 03 Oct 2008 13:23:22 +0200
 
 userdir-ldap (0.3.43) unstable; urgency=low