2007-05-28  William Jon McCann  <mccann@jhu.edu>

        * Release 2.18.2:
        * configure.ac: Update to new release version.
	* NEWS: Updated

2007-05-10  Brian Cameron  <brian.cameron@sun.com>

	* daemon/slave.c:  Oops, fix config call to work.

2007-05-10  Brian Cameron  <brian.cameron@sun.com>

	* daemon/slave.c: Fix handling of AlwaysLoginCurrentSession and
	  DoubleLoginWarning so it works for the non-migratable case
	  (for Xnest, XDMCP, etc.).  Fixes bug #172600.

2007-05-09  Brian Cameron  <brian.cameron@sun.com>

	* daemon/misc.c: In gdm_fdgetc must used an unsigned char
	  buffer here because the GUI sends username/password data
	  as utf8 and the daemon will interpret any character sent
	  with its high bit set as EOF unless we used unsigned here.

2007-05-08  Brian Cameron  <brian.cameron@sun.com>

	* daemon/verify-pam.c: When we receive PAM_AUTHINFO_UNAVAIL
	  just display the default "authentication failed" message.
	  This ensures that the error message is the same for
	  invalid user and incorrect password, making it harder to
	  tell whether an account is a valid one or not.  Fixes
          bug #436812.  Patch by Lo\357c Minier
	  <lool+gnome@via.ecp.fr>

2007-04-11  Brian Cameron  <brian.cameron@sun.com>

        * daemon/verify-pam.c, daemon/verify-shadow.c, daemon/verify-crypt.c,
          daemon/verify.h, daemon/slave.c: Fix for bug #428630.  This was
          introduced by Ludwig Nussel when he rewrote the way the PAM logic
          works.  If you call gdm_verify_user with a userid, then it will allow
          you to retry 3 times without asking for password again to better
          support the Face Browser.  However, when we ask for root password for
          the configurator, we don't want this behavior.  This patch fixes
          this.

2007-04-09  Brian Cameron  <brian.cameron@sun.com>