[Pkg-shadow-devel] Security fix for shadow in sarge

Christian Perrier bubulle at debian.org
Thu Jun 29 18:55:50 UTC 2006


Hello dear security team,

Back in March, after a password leaking problem was discovered first
in Ubuntu then in sarge default installs under certain conditions, a
fix for the shadow package has been sent to you. This fix needed to be
coordinated with a base-config fix which has been recently processed
for r3 inclusion.

We (shadow team) did NOT upload a fixed version of shadow anywhere.

We would like to know now whether we need to do something or if the
case is safely in your hands.

A fixed version of the package is quietly waiting on my HD if needed.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20060629/cfc5b988/attachment.pgp


More information about the Pkg-shadow-devel mailing list