2014-04-13 - Russ Allbery <email@example.com>
libpam-krb5 (4.6-3) unstable; urgency=medium
* Drop version qualifications on Build-Depends that are satisfied by
stable. Drop version qualifications on Depends that are satisfied by
* Add the upstream release signing key and verify it in debian/watch.
* Prefer *.tar.xz in debian/watch to match packaging.
* Convert debian/copyright to copyright-format 1.0.
* Specify the Debian packaging branch in the Vcs-Git control field.
* Update standards version to 3.9.5 (no changes required).
2013-06-23 - Russ Allbery <firstname.lastname@example.org>
libpam-krb5 (4.6-2) unstable; urgency=low
* Apply upstream patch to add AM_PROG_AR to configure.ac, now apparently
required by Automake for the binutils in unstable. (Closes: #713296)
* Apply upstream patch to build with largefile support. This is
probably pointless for this module, but consistency is good.
* Canonicalize the Vcs-Git and Vcs-Browser URLs.
* Update standards version to 3.9.4 (no changes required).
2012-06-02 - Russ Allbery <email@example.com>
libpam-krb5 (4.6-1) unstable; urgency=low
* New upstream release.
- New anon_fast option to attempt anonymous authentication and use
those credentials to provide FAST armor. (Closes: #626509)
- New user_realm option to set the realm for unqualified user
principals without changing the default realm for all other
- New no_prompt option to suppress PAM prompting in favor of letting
the Kerberos library handle it. (Closes: #626506)
- New silent option that duplicates the behavior of PAM_SILENT.
- New trace option for preliminary support of Kerberos trace logging.
- Fix the doubled colon in password prompts from Heimdal.
- Preserve the realm of the authentication identity when forming an
- Allow the alt_auth_map format to contain a realm to force all mapped
principals to be in that realm.
- Avoid a NULL pointer dereference if krb5_init_context fails.
- Close memory leaks in search_k5login and alt_auth_map.
- Suppress bogus error messages about the realm option.
- Retry authentication under try_first_pass for several other error
* Regenerate the Autotools build system with dh-autoreconf.
* Add krb5-config to Build-Depends so that the test programs don't abort
with errors about not having a Kerberos configuration.
* Switch to xz compression for the upstream and Debian tarballs.
* Enable parallel builds.
* Update standards version to 3.9.3 (no changes required).
2012-02-04 - Russ Allbery <firstname.lastname@example.org>
libpam-krb5 (4.5-4) unstable; urgency=low
* Enable bindnow hardening flags and fix the syntax of the
* Bump debhelper dependency to 9 now that compatibility mode V9 is no
* Move single-debian-patch to local-options and patch-header to
local-patch-header so that they only apply to the packages I build and
NMUs get regular version-numbered patches.
2012-01-03 - Russ Allbery <email@example.com>
libpam-krb5 (4.5-3) unstable; urgency=low
* Fix build rule to not override CPPFLAGS, which deactivates some of the
options passed in by dpkg-buildflags. Instead, use --with-krb5-lib
and --with-krb5-include to locate the Kerberos headers and libraries.
Thanks, Moritz Muehlenhoff. (Closes: #654293)
2011-12-26 - Russ Allbery <firstname.lastname@example.org>
libpam-krb5 (4.5-2) unstable; urgency=low
* Cherry-pick upstream patch to fix initialization of krb5_deltat
defaults on systems where krb5_deltat is not a long. Should fix FTBFS