I believe this problem also exists in Hardy. Following is a log message that illustrates the issue:
Aug 14 12:34:57 ubuntumailsvr dovecot: auth(default): sql(***USERNAME OMITTED***,127.0.0.1): CRYPT(trader) != '$1$crGRJM.l$WFcCPMqyDT1AB9gkkdnyN/ Using a PHP function, I can feed the password and hash in against the CRYPT() function for a successful match. -- Dovecot Plain auth broken in 1.1.1, fixed in 1.2.1 https://bugs.launchpad.net/bugs/398733 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
