+libpve-access-control (6.0-3) pve; urgency=medium
+
+ * fix #2433: increase possible TFA secret length
+
+ * parse user configuration: correctly parse group names in ACLs, for users
+ which begin their name with an @
+
+ * sort user.cfg entries alphabetically
+
+ -- Proxmox Support Team <support@proxmox.com> Tue, 29 Oct 2019 08:52:23 +0100
+
+libpve-access-control (6.0-2) pve; urgency=medium
+
+ * improve CSRF verification compatibility with newer PVE
+
+ -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2019 20:24:35 +0200
+
+libpve-access-control (6.0-1) pve; urgency=medium
+
+ * ticket: properly verify exactly 5 minute old tickets
+
+ * use hmac_sha256 instead of sha1 for CSRF token generation
+
+ -- Proxmox Support Team <support@proxmox.com> Mon, 24 Jun 2019 18:14:45 +0200
+
+libpve-access-control (6.0-0+1) pve; urgency=medium
+
+ * bump for Debian buster
+
+ * fix #2079: add periodic auth key rotation
+
+ -- Proxmox Support Team <support@proxmox.com> Tue, 21 May 2019 21:31:15 +0200
+
+libpve-access-control (5.1-10) unstable; urgency=medium
+
+ * add /access/user/{id}/tfa api call to get tfa types
+
+ -- Proxmox Support Team <support@proxmox.com> Wed, 15 May 2019 16:21:10 +0200
+
+libpve-access-control (5.1-9) unstable; urgency=medium
+
+ * store the tfa type in user.cfg allowing to get it without proxying the call
+ to a higher priviledged daemon.
+
+ * tfa: realm required TFA should lock out users without TFA configured, as it
+ was done before Proxmox VE 5.4
+
+ -- Proxmox Support Team <support@proxmox.com> Tue, 30 Apr 2019 14:01:00 +0000
+
+libpve-access-control (5.1-8) unstable; urgency=medium
+
+ * U2F: ensure we save correct public key on registration
+
+ -- Proxmox Support Team <support@proxmox.com> Tue, 09 Apr 2019 12:47:12 +0200
+
+libpve-access-control (5.1-7) unstable; urgency=medium
+
+ * verify_ticket: allow general non-challenge tfa to be run as two step
+ call
+
+ -- Proxmox Support Team <support@proxmox.com> Mon, 08 Apr 2019 16:56:14 +0200
+
libpve-access-control (5.1-6) unstable; urgency=medium
* more general 2FA configuration via priv/tfa.cfg