Hello all,
First let me apologies to Andreas for the lack of answer to his previous
mail. 2020 drained all my energy and motivation.
So thanks for your work Andreas!
On Thu, 19 Nov 2020 16:15:42 +0100 Marco d'Itri <m...@linux.it> wrote:
> On Jan 05, Marco d'Itri <m...@linux.it> wrote:
>
> > Now that Debian has libxcrypt in place of the old crypt(3)
> > implementation from glibc, we need a newer version of the PAM
package to
> > actually use the modern password hashing methods.
> Can we get some feedback on this issue? The bug has been marked as
> pending since august but there has been no upload or comments since
> then.
> The freeze is close and I really do not want to miss again supporting
> strong password hashing.
Strong password hashing is one thing, but src:pam now FTBFS due to some
libselinux changes. I'm also hearing that there are bad interactions
between the current version of PAM and SELinux, these should be fixed in
1.4.0
So IMVHO, we need to update to at least 1.4.0 at least before the release.
Kind regards,
Laurent Bigonville
