Package: shadow Severity: normal Tags: security sarge sid It appears that, for some mysterious reason, the patch we applied in 4.0.3-30.3 for shadow is currently NOT applied in 4.0.3-31sarge4.
As a consequence, the version of shadow in sarge IS affected and I hereby tag this bug as release critical. I'm preparing an urgent upload to t-p-u to fix this. The next upload to the unstable branch will also fix shadow there Martin and security team people, CAN-2004-1001 stated that sid (and now sarge) are fixed, which they were back in November 2004. I'm very probably responsible for the mistake at some moment in the complicated life of the shadow package these months. Please receive my apologies for the possible extra work if a security announcement is to be issued. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.8-2-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]