"Fossies" - the Fresh Open Source Software Archive

Member "passwdqc-2.0.3/CHANGES" (23 Jun 2023, 5005 Bytes) of package /linux/privat/passwdqc-2.0.3.tar.gz:

As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "CHANGES": 2.0.2_vs_2.0.3.

    1 	Significant changes between 2.0.2 and 2.0.3.
    3 Added pkg-config file.
    5 Changed enforce=users to support "chpasswd" PAM service in addition to
    6 traditionally supported "passwd".
    9 	Significant changes between 2.0.1 and 2.0.2.
   11 Improved pam_passwdqc's auto-generated policy descriptions further, so
   12 that lines are wrapped at a more consistent length.
   14 Added the libpasswdqc(3) manual page and links to it for all functions
   15 documented in there.
   17 Added scripts to support Continuous Integration on GitHub (included in
   18 the git repository, but excluded from release tarballs).
   21 	Significant changes between 2.0.0 and 2.0.1.
   23 Improved pam_passwdqc's auto-generated policy descriptions, which were
   24 slightly misformatted since the introduction of i18n support in 1.4.0.
   25 Now they not only look prettier, but also make it clearer that the
   26 mentioned lengths are merely the minimums and not the recommended ones.
   28 Updated Russian translation for consistency with the above and to cover
   29 messages added in 1.9.0+.
   31 Increased maximum size of randomly-generated passphrases to 136 bits.
   32 This was already the limit in the underlying API, but the tools' limit
   33 was set to 85.  This increase is to allow for a wider variety of use
   34 cases for the tools.
   36 In the Makefile, use CPPFLAGS and LDFLAGS consistently to be friendlier
   37 to packaging by distros.
   39 Added this file CHANGES based on two latest release announcements, and
   40 started to maintain it.
   43 	Significant changes between 1.9.0 and 2.0.0.
   45 Introduce and use passwdqc_params_free().  This is a minor addition to
   46 the libpasswdqc API related to the addition of external files support.
   49 	Significant changes between 1.5.0 and 1.9.0.
   51 Added support for external wordlist, denylist, and binary filter.  With
   52 these, passwdqc can be configured to deny passwords and passphrases that
   53 are based on lines of a tiny external text file (the "wordlist" option),
   54 directly appear in a tiny external text file (the "denylist" option),
   55 or/and directly appear in a maybe huge binary filter file (the "filter"
   56 option).  While usage of larger external text files is inefficient, the
   57 binary filters are very efficient.
   59 The binary filters can be created and otherwise managed with the newly
   60 added pwqfilter(1) program.  It can create a binary filter from a list
   61 of plaintexts or from MD4 or NTLM hashes.  The latter are supported in a
   62 way that enables importing of HIBP (Pwned Passwords) database revisions
   63 into passwdqc binary filters.  pwqfilter works on arbitrary plain text
   64 strings or hex-encoded hashes, and it can also be reused in lieu of
   65 grep(1) for many purposes, even unrelated to passphrases and security.
   67 Merged changes needed for building with Visual Studio on Windows.  This
   68 includes a refactoring of the random passphrase generator code to make
   69 it shared between platforms.
   72 	Significant changes between 1.4.1 and 1.5.0.
   74 Updated the included wordlist to avoid some inappropriate words in
   75 randomly generated passphrases while not removing any words from the
   76 "word-based" check, and also to have plenty of extra words for
   77 subsequent removal of more words that might be considered inappropriate
   78 from the initial 4096 that are used for randomly generated passphrases.
   79 Most of the added words came from EFF Diceware, BIP-0039, and our own
   80 processing of Project Gutenberg Australia books.
   83 	Significant changes between 1.4.0 and 1.4.1.
   85 Set default for "max" to 72 (was 40).  The previous setting was based on
   86 a reading of RFC 1939, which in practice did not matter.  The new one is
   87 based on bcrypt's truncation at 72, which actually still matters.
   89 Documented "similar" in pwqcheck(1) help message and manual page.  This
   90 is a setting that was supported before and documented for other passwdqc
   91 components before, but was apparently erroneously omitted from here.
   94 	Significant changes between 1.3.2 and 1.4.0.
   96 Implemented i18n support in pam_passwdqc, contributed by Oleg Solovyov,
   97 Andrey Cherepanov, and Dmitry V. Levin.  The i18n support is off by
   98 default, it can be enabled if Linux-PAM is built using --enable-nls
   99 configure option.
  101 Implemented audit support in pam_passwdqc, contributed by Oleg Solovyov
  102 and Dmitry V. Levin.  The audit support is off by default, it can be
  103 enabled if Linux-PAM is built using --enable-audit configure option.
  105 Both of these optional new features had been introduced and are enabled
  106 in ALT Linux distributions, so this version is effectively upstreaming
  107 the changes from there.
  110 	Significant changes between 1.3.1 and 1.3.2.
  112 Compatibility for building with newer versions of glibc, where we now
  113 have to define _DEFAULT_SOURCE for our use of crypt(3).  The problem was
  114 identified and this change tested by Dmitry V. Levin.
  116 Clarified in the man pages that /etc/passwdqc.conf is not read unless
  117 this suggested file location is specified with the config= option.
  119 Clarified the OpenBSD configuration example.
  121 Escape the minus sign in the OpenBSD configuration example to make the
  122 man page linter happy, patch by Jackson Doak via Unit 193.