2018/02/15 16:51 eric@pc-eric-l * released shadow-4.5-flx2.2 * compile with PAM support 2016/09/16 18:26 willy@wtap.local * released shadow-4.0.7-flx2.7 * added support for aarch64 2016/02/24 18:25 willy@wtap.local * released shadow-4.0.7-flx2.6 * fixed a vulnerability caused by crypt() returning EINVAL on short salts, resulting in the ability to scan for active accounts by checking whether "Login incorrect" or "crypt: invalid argument" was returned. Also the invalid argument happened to be faster, making it even easier to scan accounts. 2016/02/24 17:51 willy@wtap.local * don't emit "crypt: invalid argument" on each bad password 2015/03/24 11:19 emeric@ebr-laptop * released shadow-4.0.7-flx2.5 * Force unused C++ preprocessor to pass configure checks 2014/06/06 17:43 emeric@ebr-desktop * released shadow-4.0.7-flx2.4 * Remove previous added header specific to aloha 2013/12/16 18:42 roberto@pierot * released shadow-4.0.7-flx2.3 * warning header in /etc/login.defs 2011/11/07 22:43 willy@wtap * released shadow-4.0.7-flx2.2 * an open() call was missing the mode argument, which was caught by a more recent glibc. 2011/08/03 11:01 wlallemand@wlallemand-desktop * released shadow-4.0.7-flx1.2 * x86_64 2010/12/06 16:25 emeric@ebr-laptop * released shadow-4.0.7-flx1.1