Re: Freeze exception for sssd?
> [Petter Reinholdtsen]
>> These are the changelog entries since the version currently in
> Since my first request for a freeze exception, a serious security
> issue was discovered and fixed. I just uploaded the fix. This is the
> sssd (1.2.1-4) unstable; urgency=low
> * Add patch from Stephen Gallagher to ensure LDAP authentication
> never accept a zero length password (Closes: #594413). Solves
> -- Petter Reinholdtsen <email@example.com> Wed, 25 Aug 2010 22:33:40 +0200
Any news on this freeze exception request? I believe the sssd package
in squeeze is unreleasable with bug #594413 in place, so it would be
very nice if a fix would make it into squeeze soon.
The fix was uploaded to unstable 4 days ago, with I admit wrong
urgency low instead of high, and it would be nice if those using sssd
with LDAP authentication in Squeeze can get their security back
Luckily there are very few users of sssd according to