2026-01-27  Simon Josefsson  <simon@josefsson.org>

	version 2.6.14
	* NEWS: Record release date.

	ci: Disable xmlsec engine on rawhide due to RSA-SHA1

	doc: Mention pam_oath null_usersfile_okay in NEWS

2026-01-27  Luna  <luna.dragon@suse.com>
	    Jan Zerebecki  <jzerebecki@suse.com>
	    Miika Alikirri  <miika.alikirri@suse.com>

	pam_oath: add null_usersfile_okay parameter to pam_oath
	Closes: #94

2026-01-27  Luna  <luna.dragon@suse.com>

	oathtool: check for gengetopt cli tool

2026-01-27  Simon Josefsson  <simon@josefsson.org>

	maint: Bump old_NEWS_hash after copyright update

	ci: Add Fedora rawhide, to possibly reproduce glibc 2.43 issue

2026-01-27  Simon Josefsson  <simon@josefsson.org>

	ci: Use GnuTLS XMLSEC engine on OpenBSD
	Ironically there seems to be some issue with the OpenSSL engine
	on OpenBSD for verifying PSKC signatures, but GnuTLS works fine.

	+ ../pskctool --verify --quiet --verify-crt ./pskc-root-crt.pem tmp-signed.xml

	FAIL: tst_sign.sh
	=================

	func=xmlSecOpenSSLX509StoreVerifyCert:file=x509vfy.c:line=741:obj=unknown:subj=unknown:error=75:certificate is not yet valid:subject=/CN=My PSKC root; issuer=/CN=My PSKC root; err=13; msg=format error in certificate's notBefore field
	func=xmlSecKeysMngrGetKey:file=keys.c:line=1344:obj=unknown:subj=unknown:error=45:key is not found:details=NULL
	func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=822:obj=unknown:subj=unknown:error=45:key is not found:details=NULL
	func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed:
	func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed:
	pskctool: verifying PSKC data: error returned from XMLSec library
	FAIL tst_sign.sh (exit status: 1)

2026-01-27  Simon Josefsson  <simon@josefsson.org>

	maint: Bump copyright years

	ci: More macOS gnu-tar fixes for reproducibility

	ci: Drop obsolete gnulib exclude paths

	ci: Fix macOS tar usage for reproducibility

	ci: Use debian13 for coverage job

	ci: Add libdigest-sha3-perl for gnulib announce-gen

	doc: Add NEWS entries

	pam_oath: Improve README wrt KbdInteractiveAuthentication

2026-01-27  lvgenggeng  <lvgenggeng@uniontech.com>

	Use KbdInteractiveAuthentication when possible Ref: https://github.com/openssh/openssh-portable/commit/37616807f150fb46610bbd5031c31af4857ad1e9
	Closes #112

2026-01-27  Simon Josefsson  <simon@josefsson.org>

	ci: Bump automake to 1.18 for OpenBSD

	 ci: Improve macOS tarball reproducibility

	ci: Drop interruptible flag

	maint: Bump gnulib version

2026-01-21  Simon Josefsson  <simon@josefsson.org>

	ci: Use Ubuntu rolling instead of EOL'd 24.10

	ci: Use nightly and disable CA checking
	$ wget.exe -nv -O msys2.exe https://github.com/msys2/msys2-installer/releases/download/2025-02-21/msys2-base-x86_64-20250221.sfx.exe
	ERROR: cannot verify github.com's certificate, issued by 'CN=Sectigo Public Server Authentication CA DV E36,O=Sectigo Limited,C=GB':
	  Unable to locally verify the issuer's authority.
	To connect to github.com insecurely, use `--no-check-certificate'.

2025-07-29  Simon Josefsson  <simon@josefsson.org>

	maint: post-release administrivia
	* NEWS: Add header line for next release.
	* .prev-version: Record previous version.
	* cfg.mk (old_NEWS_hash): Auto-update.

	version 2.6.13
	* NEWS: Record release date.


See the source repo for older entries
