Package: cpu Version: 1.4.3-11.2 Severity: important Tags: upstream "cpu usermod -p …" offers the set a new password for the user. But cpu can't know how the LDAP server wants to store the password in the userPassword attribute.
Depending on the password-hash slapd config option it may choose to use MD5, …, and even cleartext. cpu does not obey this setting. This breaks applications that use LDAP authentication with challenge response methods. IMHO cpu should use "ldappasswd" or a similiar API call to set the password. -- System Information: Debian Release: 7.0 APT prefers testing APT policy: (990, 'testing'), (500, 'stable-updates'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.6-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

