"Fossies" - the Fresh Open Source Software Archive
Member "passwdqc-2.0.3/CHANGES" (23 Jun 2023, 5005 Bytes) of package /linux/privat/passwdqc-2.0.3.tar.gz:
As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard
) with prefixed line numbers.
Alternatively you can here view
the uninterpreted source code file.
See also the latest Fossies "Diffs"
side-by-side code changes report for "CHANGES": 2.0.2_vs_2.0.3
1 Significant changes between 2.0.2 and 2.0.3.
3 Added pkg-config file.
5 Changed enforce=users to support "chpasswd" PAM service in addition to
6 traditionally supported "passwd".
9 Significant changes between 2.0.1 and 2.0.2.
11 Improved pam_passwdqc's auto-generated policy descriptions further, so
12 that lines are wrapped at a more consistent length.
14 Added the libpasswdqc(3) manual page and links to it for all functions
15 documented in there.
17 Added scripts to support Continuous Integration on GitHub (included in
18 the git repository, but excluded from release tarballs).
21 Significant changes between 2.0.0 and 2.0.1.
23 Improved pam_passwdqc's auto-generated policy descriptions, which were
24 slightly misformatted since the introduction of i18n support in 1.4.0.
25 Now they not only look prettier, but also make it clearer that the
26 mentioned lengths are merely the minimums and not the recommended ones.
28 Updated Russian translation for consistency with the above and to cover
29 messages added in 1.9.0+.
31 Increased maximum size of randomly-generated passphrases to 136 bits.
32 This was already the limit in the underlying API, but the tools' limit
33 was set to 85. This increase is to allow for a wider variety of use
34 cases for the tools.
36 In the Makefile, use CPPFLAGS and LDFLAGS consistently to be friendlier
37 to packaging by distros.
39 Added this file CHANGES based on two latest release announcements, and
40 started to maintain it.
43 Significant changes between 1.9.0 and 2.0.0.
45 Introduce and use passwdqc_params_free(). This is a minor addition to
46 the libpasswdqc API related to the addition of external files support.
49 Significant changes between 1.5.0 and 1.9.0.
51 Added support for external wordlist, denylist, and binary filter. With
52 these, passwdqc can be configured to deny passwords and passphrases that
53 are based on lines of a tiny external text file (the "wordlist" option),
54 directly appear in a tiny external text file (the "denylist" option),
55 or/and directly appear in a maybe huge binary filter file (the "filter"
56 option). While usage of larger external text files is inefficient, the
57 binary filters are very efficient.
59 The binary filters can be created and otherwise managed with the newly
60 added pwqfilter(1) program. It can create a binary filter from a list
61 of plaintexts or from MD4 or NTLM hashes. The latter are supported in a
62 way that enables importing of HIBP (Pwned Passwords) database revisions
63 into passwdqc binary filters. pwqfilter works on arbitrary plain text
64 strings or hex-encoded hashes, and it can also be reused in lieu of
65 grep(1) for many purposes, even unrelated to passphrases and security.
67 Merged changes needed for building with Visual Studio on Windows. This
68 includes a refactoring of the random passphrase generator code to make
69 it shared between platforms.
72 Significant changes between 1.4.1 and 1.5.0.
74 Updated the included wordlist to avoid some inappropriate words in
75 randomly generated passphrases while not removing any words from the
76 "word-based" check, and also to have plenty of extra words for
77 subsequent removal of more words that might be considered inappropriate
78 from the initial 4096 that are used for randomly generated passphrases.
79 Most of the added words came from EFF Diceware, BIP-0039, and our own
80 processing of Project Gutenberg Australia books.
83 Significant changes between 1.4.0 and 1.4.1.
85 Set default for "max" to 72 (was 40). The previous setting was based on
86 a reading of RFC 1939, which in practice did not matter. The new one is
87 based on bcrypt's truncation at 72, which actually still matters.
89 Documented "similar" in pwqcheck(1) help message and manual page. This
90 is a setting that was supported before and documented for other passwdqc
91 components before, but was apparently erroneously omitted from here.
94 Significant changes between 1.3.2 and 1.4.0.
96 Implemented i18n support in pam_passwdqc, contributed by Oleg Solovyov,
97 Andrey Cherepanov, and Dmitry V. Levin. The i18n support is off by
98 default, it can be enabled if Linux-PAM is built using --enable-nls
99 configure option.
101 Implemented audit support in pam_passwdqc, contributed by Oleg Solovyov
102 and Dmitry V. Levin. The audit support is off by default, it can be
103 enabled if Linux-PAM is built using --enable-audit configure option.
105 Both of these optional new features had been introduced and are enabled
106 in ALT Linux distributions, so this version is effectively upstreaming
107 the changes from there.
110 Significant changes between 1.3.1 and 1.3.2.
112 Compatibility for building with newer versions of glibc, where we now
113 have to define _DEFAULT_SOURCE for our use of crypt(3). The problem was
114 identified and this change tested by Dmitry V. Levin.
116 Clarified in the man pages that /etc/passwdqc.conf is not read unless
117 this suggested file location is specified with the config= option.
119 Clarified the OpenBSD configuration example.
121 Escape the minus sign in the OpenBSD configuration example to make the
122 man page linter happy, patch by Jackson Doak via Unit 193.