Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
patchinfo.20114
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.20114
<patchinfo incident="20114"> <issue tracker="bnc" id="1186226">VUL-0: EMBARGOED: CVE-2019-18906: cryptctl: client side password hashing is equivalent to clear text password storage</issue> <issue tracker="cve" id="2019-18906"/> <packager>varkoly</packager> <rating>important</rating> <category>security</category> <summary>Security update for cryptctl</summary> <description>This update for cryptctl fixes the following issues: Update to version 2.4: - CVE-2019-18906: Client side password hashing was equivalent to clear text password storage (bsc#1186226) - First step to use plain text password instead of hashed password. - Move repository into the SUSE github organization - in RPC server, if client comes from localhost, remember its ipv4 localhost address instead of ipv6 address - tell a record to clear expired pending commands upon saving a command result; introduce pending commands RPC test case - avoid hard coding 127.0.0.1 in host ID of alive message test; let system administrator mount and unmount disks by issuing these two commands on key server. </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor