[Pkg-postgresql-public] Bug#779683: postgresql: pg_hba scripts (mis)configures for MD5 authentication
Aaron Zauner
azet at azet.org
Wed Mar 4 00:15:46 UTC 2015
Package: postgresql
Severity: important
Tags: security
Hi,
Debian ships a set of Perl scripts to configure for PostgreSQL server
configurations, these are quite outdated and are currently configuring
authentication to use MD5 when 'password' should be used instead.
http://www.openwall.com/lists/oss-security/2015/03/03/12
I'd recommend to change this setting ASAP. Open to discuss.
(Also applies to Ubuntu)
Thanks,
Aaron
More information about the Pkg-postgresql-public
mailing list