Your message dated Fri, 07 Jul 2006 11:47:03 -0700 with message-id <[EMAIL PROTECTED]> and subject line Bug#375453: fixed in ldap-account-manager 1.0.3-1 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: ldap-account-manager Version: 1.0.2-1.1 Severity: critical Tags: security Hello, If I save the users settings *without* going to the "Unix" settings page no errors are produced, but the users password is changed: "{crypt}*" --> "{crypt}" "{crypt}!" --> "{crypt}" "{crypt}!password" --> "{crypt}password" As far as I can tell there are no security ramifications for the first two situations, as the password is still invalid, but it very weird. Unfortunately, it appears the last case will automatically unlock a locked account even though I never told ldap-account-manager to do so. -- Brian May <[EMAIL PROTECTED]> Victorian Partnership for Advanced Computing
--- End Message ---
--- Begin Message ---Source: ldap-account-manager Source-Version: 1.0.3-1 We believe that the bug you reported is fixed in the latest version of ldap-account-manager, which is due to be installed in the Debian FTP archive: ldap-account-manager_1.0.3-1.diff.gz to pool/main/l/ldap-account-manager/ldap-account-manager_1.0.3-1.diff.gz ldap-account-manager_1.0.3-1.dsc to pool/main/l/ldap-account-manager/ldap-account-manager_1.0.3-1.dsc ldap-account-manager_1.0.3-1_all.deb to pool/main/l/ldap-account-manager/ldap-account-manager_1.0.3-1_all.deb ldap-account-manager_1.0.3.orig.tar.gz to pool/main/l/ldap-account-manager/ldap-account-manager_1.0.3.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Roland Gruber <[EMAIL PROTECTED]> (supplier of updated ldap-account-manager package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 3 Jul 2006 22:01:54 +0200 Source: ldap-account-manager Binary: ldap-account-manager Architecture: source all Version: 1.0.3-1 Distribution: unstable Urgency: low Maintainer: Roland Gruber <[EMAIL PROTECTED]> Changed-By: Roland Gruber <[EMAIL PROTECTED]> Description: ldap-account-manager - webfrontend for managing accounts in an LDAP directory Closes: 368804 368805 368806 373181 375452 375453 Changes: ldap-account-manager (1.0.3-1) unstable; urgency=low . * Updated to new upstream release. * Account expiration date wierdness (Closes: #368806) * Incorrect display of password encryption (Closes: #368805) * [intl:fr] ldap-account-manager debconf templates translation (Closes: #373181) * Invalid/Lock password auto reverts (Closes: #375453) * Invalid/Lock password options conflict (Closes: #375452) * Ack NMU. (Closes: #368804) Files: b32ccee812d5885824f2ba116e9a001c 651 web extra ldap-account-manager_1.0.3-1.dsc 6d1ebee537b61a8aae9237cbc4d49747 1544041 web extra ldap-account-manager_1.0.3.orig.tar.gz 1fce3f60225b38caac94c881435caf3c 15188 web extra ldap-account-manager_1.0.3-1.diff.gz 9c4e30e8d181cacf96c08a4add0fa7b8 1501504 web extra ldap-account-manager_1.0.3-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFErquHJdKMxZV9WM8RAn56AJ9ui1snUzCRZmWNeJ6tju35Mg95jQCcC3ju 0oHpQIzK+2HlOxJGyD2cZcg= =CEpJ -----END PGP SIGNATURE-----
--- End Message ---
