Date: Thu, 18 Apr 2002 05:17:27 +0400 From: Solar Designer <solar@...nwall.com> To: announce@...ts.openwall.com Subject: pam_passwdqc 0.5, popa3d 0.5.1, Linux 2.4.18-ow0 Hi, This message is to announce three updates at once. First, there's a new version of pam_passwdqc, the password strength checking PAM module. Version 0.5 adds support for OpenPAM as found on FreeBSD-current, thanks to Dag-Erling Smorgrav. It also became a part of FreeBSD. Although in the updated PLATFORMS file I said that FreeBSD's passwd(1) doesn't yet use PAM, that already has changed (2 days ago, I am quite slow at announcing stuff as you can see). The URL for pam_passwdqc is as usual: http://www.openwall.com/passwdqc/ Then, there's also a new version of popa3d, 0.5.1. It changes how unique IDs (for the UIDL command in POP3 protocol) are generated, adding support for multi-line message headers and reconsidering which headers to use. Without this change, the generated IDs wouldn't always be unique when running with certain (common) MTAs. I know that to make such a change is not nice to the existing userbase but, well, I had to. The new code also adds support for an X-Delivery-ID: header which is to be used by local delivery agents to help generate unique IDs. The URL is: http://www.openwall.com/popa3d/ Of course, both the new pam_passwdqc and the new popa3d are already a part of Owl-current as available on the FTP mirrors. And last but not least, I've put out the long awaited testing version of a Linux 2.4 kernel patch with my usual set of security "hardening" features. I know this has already taken too long so I am releasing it without the planned review of parts of the Linux 2.4 kernel which were known to be problematic in 2.0 and/or 2.2 kernels. That is yet to be done. For that reason I will also be not very fast at fixing bugs in the patch and even slower at fixing Linux 2.4 kernel vulnerabilities which may become publicly known, with updated versions of the patch. Thus, I don't recommend the patch for actual use. It is being made available for public testing, only. This and the more stable Linux 2.2 and 2.0 patches are available at: http://www.openwall.com/linux/ -- /sd
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.