+libpve-access-control (7.3-2) bullseye; urgency=medium
+
+ * fix #4518: dramatically improve ACL computation performance
+
+ * userid format: clarify that this is the full name@realm in description
+
+ -- Proxmox Support Team <support@proxmox.com> Mon, 06 Mar 2023 11:40:11 +0100
+
+libpve-access-control (7.3-1) bullseye; urgency=medium
+
+ * realm: sync: allow explicit 'none' for 'remove-vanished' option
+
+ -- Proxmox Support Team <support@proxmox.com> Fri, 16 Dec 2022 13:11:04 +0100
+
+libpve-access-control (7.2-5) bullseye; urgency=medium
+
+ * api: realm sync: avoid separate log line for "remove-vanished" opt
+
+ * auth ldap/ad: compare group member dn case-insensitively
+
+ * two factor auth: only lock tfa config for recovery keys
+
+ * privs: add Sys.Incoming for guarding cross-cluster data streams like guest
+ migrations and storage migrations
+
+ -- Proxmox Support Team <support@proxmox.com> Thu, 17 Nov 2022 13:09:17 +0100
+
+libpve-access-control (7.2-4) bullseye; urgency=medium
+
+ * fix #4074: increase API OpenID code size limit to 2048
+
+ * auth key: protect against rare chance of a double rotation in clusters,
+ leaving the potential that some set of nodes have the earlier key cached,
+ that then got rotated out due to the race, resulting in a possible other
+ set of nodes having the newer key cached. This is a split view of the auth
+ key and may resulting in spurious failures if API requests are made to a
+ different node than the ticket was generated on.
+ In addition to that, the "keep validity of old tickets if signed in the
+ last two hours before rotation" logic was disabled too in such a case,
+ making such tickets invalid too early.
+ Note that both are cases where Proxmox VE was too strict, so while this
+ had no security implications it can be a nuisance, especially for
+ environments that use the API through an automated or scripted way
+
+ -- Proxmox Support Team <support@proxmox.com> Thu, 14 Jul 2022 08:36:51 +0200
+
+libpve-access-control (7.2-3) bullseye; urgency=medium
+
+ * api: token: use userid-group as API perm check to avoid being overly
+ strict through a misguided use of user id for non-root users.
+
+ * perm check: forbid undefined/empty ACL path for future proofing of against
+ above issue
+
+ -- Proxmox Support Team <support@proxmox.com> Mon, 20 Jun 2022 15:51:14 +0200
+
+libpve-access-control (7.2-2) bullseye; urgency=medium
+
+ * permissions: merge propagation flag for multiple roles on a path that
+ share privilege in a deterministic way, to avoid that it gets lost
+ depending on perl's random sort, which would result in returing less
+ privileges than an auth-id actually had.
+
+ * permissions: avoid that token and user privilege intersection is to strict
+ for user permissions that have propagation disabled.
+
+ -- Proxmox Support Team <support@proxmox.com> Fri, 03 Jun 2022 14:02:30 +0200
+
+libpve-access-control (7.2-1) bullseye; urgency=medium
+
+ * user check: fix expiration/enable order
+
+ -- Proxmox Support Team <support@proxmox.com> Tue, 31 May 2022 13:43:37 +0200
+
+libpve-access-control (7.1-8) bullseye; urgency=medium
+
+ * fix #3668: realm-sync: replace 'full' & 'purge' with 'remove-
+ vanished'
+
+ -- Proxmox Support Team <support@proxmox.com> Thu, 28 Apr 2022 17:02:46 +0200
+
+libpve-access-control (7.1-7) bullseye; urgency=medium
+
+ * userid-group check: distinguish create and update
+
+ * api: get user: declare token schema
+
+ -- Proxmox Support Team <support@proxmox.com> Mon, 21 Mar 2022 16:15:23 +0100
+
+libpve-access-control (7.1-6) bullseye; urgency=medium
+
+ * fix #3768: warn on bad u2f or webauthn settings
+
+ * tfa: when modifying others, verify the current user's password
+
+ * tfa list: account for admin permissions
+
+ * fix realm sync permissions
+
+ * fix token permission display bug
+
+ * include SDN permissions in permission tree
+
+ -- Proxmox Support Team <support@proxmox.com> Fri, 21 Jan 2022 14:20:42 +0100
+
+libpve-access-control (7.1-5) bullseye; urgency=medium
+
+ * openid: fix username-claim fallback
+
+ -- Proxmox Support Team <support@proxmox.com> Thu, 25 Nov 2021 07:57:38 +0100
+
+libpve-access-control (7.1-4) bullseye; urgency=medium
+
+ * set current origin in the webauthn config if no fixed origin was
+ configured, to support webauthn via subdomains
+
+ -- Proxmox Support Team <support@proxmox.com> Mon, 22 Nov 2021 14:04:06 +0100
+
+libpve-access-control (7.1-3) bullseye; urgency=medium
+
+ * openid: allow arbitrary username-claims
+
+ * openid: support configuring the prompt, scopes and ACR values
+
+ -- Proxmox Support Team <support@proxmox.com> Fri, 19 Nov 2021 08:11:52 +0100
+
+libpve-access-control (7.1-2) bullseye; urgency=medium
+
+ * catch incompatible tfa entries with a nice error
+
+ -- Proxmox Support Team <support@proxmox.com> Wed, 17 Nov 2021 13:44:45 +0100
+
+libpve-access-control (7.1-1) bullseye; urgency=medium
+
+ * tfa: map HTTP 404 error in get_tfa_entry correctly
+
+ -- Proxmox Support Team <support@proxmox.com> Mon, 15 Nov 2021 15:33:22 +0100
+
+libpve-access-control (7.0-7) bullseye; urgency=medium
+
+ * fix #3513: pass configured proxy to OpenID
+
+ * use rust based parser for TFA config
+
+ * use PBS-like auth api call flow,
+
+ * merge old user.cfg keys to tfa config when adding entries
+
+ * implement version checks for new tfa config writer to ensure all
+ cluster nodes are ready to avoid login issues
+
+ * tickets: add tunnel ticket
+
+ -- Proxmox Support Team <support@proxmox.com> Thu, 11 Nov 2021 18:17:49 +0100
+
+libpve-access-control (7.0-6) bullseye; urgency=medium
+
+ * fix regression in user deletion when realm does not enforce TFA
+
+ -- Proxmox Support Team <support@proxmox.com> Thu, 21 Oct 2021 12:28:52 +0200
+
+libpve-access-control (7.0-5) bullseye; urgency=medium
+
+ * acl: check path: add /sdn/vnets/* path
+
+ * fix #2302: allow deletion of users when realm enforces TFA
+
+ * api: delete user: disable user first to avoid surprise on error during the
+ various cleanup action required for user deletion (e.g., TFA, ACL, group)
+
+ -- Proxmox Support Team <support@proxmox.com> Mon, 27 Sep 2021 15:50:47 +0200
+
+libpve-access-control (7.0-4) bullseye; urgency=medium
+
+ * realm: add OpenID configuration
+
+ * api: implement OpenID related endpoints
+
+ * implement opt-in OpenID autocreate user feature
+
+ * api: user: add 'realm-type' to user list response
+
+ -- Proxmox Support Team <support@proxmox.com> Fri, 02 Jul 2021 13:45:46 +0200
+
+libpve-access-control (7.0-3) bullseye; urgency=medium
+
+ * api: acl: add missing `/access/realm/<realm>`, `/access/group/<group>` and
+ `/sdn/zones/<zone>` to allowed ACL paths
+
+ -- Proxmox Support Team <support@proxmox.com> Mon, 21 Jun 2021 10:31:19 +0200
+
+libpve-access-control (7.0-2) bullseye; urgency=medium
+
+ * fix #3402: add Pool.Audit privilege - custom roles containing
+ Pool.Allocate must be updated to include the new privilege.
+
+ -- Proxmox Support Team <support@proxmox.com> Tue, 1 Jun 2021 11:28:38 +0200
+
+libpve-access-control (7.0-1) bullseye; urgency=medium
+
+ * re-build for Debian 11 Bullseye based releases
+
+ -- Proxmox Support Team <support@proxmox.com> Sun, 09 May 2021 18:18:23 +0200
+
+libpve-access-control (6.4-1) pve; urgency=medium
+
+ * fix #1670: change PAM service name to project specific name
+
+ * fix #1500: permission path syntax check for access control
+
+ * pveum: add resource pool CLI commands
+
+ -- Proxmox Support Team <support@proxmox.com> Sat, 24 Apr 2021 19:48:21 +0200
+
+libpve-access-control (6.1-3) pve; urgency=medium
+
+ * partially fix #2825: authkey: rotate if it was generated in the
+ future
+
+ * fix #2947: add an option to LDAP or AD realm to switch user lookup to case
+ insensitive
+
+ -- Proxmox Support Team <support@proxmox.com> Tue, 29 Sep 2020 08:54:13 +0200
+
+libpve-access-control (6.1-2) pve; urgency=medium
+
+ * also check SDN permission path when computing coarse permissions heuristic
+ for UIs
+
+ * add SDN Permissions.Modify
+
+ * add VM.Config.Cloudinit
+
+ -- Proxmox Support Team <support@proxmox.com> Tue, 30 Jun 2020 13:06:56 +0200
+
+libpve-access-control (6.1-1) pve; urgency=medium
+
+ * pveum: add tfa delete subcommand for deleting user-TFA
+
+ * LDAP: don't complain about missing credentials on realm removal
+
+ * LDAP: skip anonymous bind when client certificate and key is configured
+
+ -- Proxmox Support Team <support@proxmox.com> Fri, 08 May 2020 17:47:41 +0200
+
libpve-access-control (6.0-7) pve; urgency=medium
* fix #2575: die when trying to edit built-in roles
* add realm sub commands to pveum CLI tool
- * api: domains: add user group sync API enpoint
+ * api: domains: add user group sync API endpoint
* allow one to sync and import users and groups from LDAP/AD based realms
libpve-access-control (5.1-9) unstable; urgency=medium
* store the tfa type in user.cfg allowing to get it without proxying the call
- to a higher priviledged daemon.
+ to a higher privileged daemon.
* tfa: realm required TFA should lock out users without TFA configured, as it
was done before Proxmox VE 5.4
libpve-access-control (3.0-3) unstable; urgency=low
- * Add new role PVETemplateUser (and VM.Clone priviledge)
+ * Add new role PVETemplateUser (and VM.Clone privilege)
-- Proxmox Support Team <support@proxmox.com> Mon, 29 Apr 2013 11:42:15 +0200
libpve-access-control (1.0-18) unstable; urgency=low
- * fix bug #151: corretly parse username inside ticket
+ * fix bug #151: correctly parse username inside ticket
* fix bug #152: allow user to change his own password
libpve-access-control (1.0-3) unstable; urgency=low
* add support for delayed parameter parsing - We need that to disable
- file upload for normal API request (avoid DOS attacs)
+ file upload for normal API request (avoid DOS attacks)
-- Proxmox Support Team <support@proxmox.com> Fri, 02 Dec 2011 09:56:10 +0100