Your message dated Sun, 05 Jul 2009 19:15:50 +0000
with message-id <e1mnxbm-0005z2...@ries.debian.org>
and subject line Bug#531958: fixed in mozilla-pwdhash 1.6-1
has caused the Debian Bug report #531958,
regarding ITP: mozilla-pwdhash -- Per-site password generator for Iceweasel and
Iceape
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
531958: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531958
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: wnpp
Severity: wishlist
Owner: Francois Marier <franc...@debian.org>
* Package name : mozilla-pwdhash
Version : 1.6
Upstream Author : Collin Jackson <coll...@cs.stanford.edu>
* URL : http://crypto.stanford.edu/PwdHash/
* License : BSD
Programming Lang: Javascript
Description : Per-site password generator for Iceweasel and Iceape
PwdHash is an browser extension that transparently converts a user's password
into a domain-specific password. The user can activate this hashing by choosing
passwords that start with a special prefix (@@) or by pressing a special
password
key (F2). PwdHash automatically replaces the contents of these password fields
with a one-way hash of the pair (password, domain-name). As a result, the site
only sees a domain-specific hash of the password, as opposed to the password
itself. A break-in at a low security site exposes password hashes rather than an
actual password. We emphasize that the hash function we use is public and can be
computed on any machine which enables users to login to their web accounts from
any machine in the world. Hashing is done using a Pseudo Random Function (PRF).
A major benefit of PwdHash is that it provides a defense against password
phishing scams. In a phishing scam, users are directed to a spoof web site where
they are asked to enter their username and password. SpoofGuard is a browser
extension that alerts the user when a phishing page is encountered. PwdHash
complements SpoofGuard in defending users from phishng scams: using PwdHash the
phisher only sees a hash of the password specific to the domain hosting the
spoof page. This hash is useless at the site that the phisher intended to spoof.
--- End Message ---
--- Begin Message ---
Source: mozilla-pwdhash
Source-Version: 1.6-1
We believe that the bug you reported is fixed in the latest version of
mozilla-pwdhash, which is due to be installed in the Debian FTP archive:
mozilla-pwdhash_1.6-1.diff.gz
to pool/main/m/mozilla-pwdhash/mozilla-pwdhash_1.6-1.diff.gz
mozilla-pwdhash_1.6-1.dsc
to pool/main/m/mozilla-pwdhash/mozilla-pwdhash_1.6-1.dsc
mozilla-pwdhash_1.6-1_all.deb
to pool/main/m/mozilla-pwdhash/mozilla-pwdhash_1.6-1_all.deb
mozilla-pwdhash_1.6.orig.tar.gz
to pool/main/m/mozilla-pwdhash/mozilla-pwdhash_1.6.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 531...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Francois Marier <franc...@debian.org> (supplier of updated mozilla-pwdhash
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 05 Jun 2009 22:40:27 +1200
Source: mozilla-pwdhash
Binary: mozilla-pwdhash
Architecture: source all
Version: 1.6-1
Distribution: unstable
Urgency: low
Maintainer: Francois Marier <franc...@debian.org>
Changed-By: Francois Marier <franc...@debian.org>
Description:
mozilla-pwdhash - per-site password generator for Mozilla browsers
Closes: 531958
Changes:
mozilla-pwdhash (1.6-1) unstable; urgency=low
.
* Initial release (Closes: #531958)
Checksums-Sha1:
a6ef36868a49987c28629022fe421fef103113f5 1186 mozilla-pwdhash_1.6-1.dsc
79c9417ea4b74a89a66852ca676c35f991d5f570 13265 mozilla-pwdhash_1.6.orig.tar.gz
8de67ba3928afc2473c92e0cb45687f42519c620 3593 mozilla-pwdhash_1.6-1.diff.gz
77a09bd1a1ab3cac09523b308abef490ccdc778e 16256 mozilla-pwdhash_1.6-1_all.deb
Checksums-Sha256:
9b9ed65649d922dcd773c64dcfb9d9e5d11fd2893ccedd7e6b0085707e2b6dc5 1186
mozilla-pwdhash_1.6-1.dsc
e297e84cc6888c61e96c136f6eb1d48d2b13088a75c6fae6822020c5445ba2d3 13265
mozilla-pwdhash_1.6.orig.tar.gz
942bcf6b33f4fe326143629397afba93f4dc31e16d67d81257a934bc157724eb 3593
mozilla-pwdhash_1.6-1.diff.gz
9a93a797fc98beb4a41b8f8941f9446c91dda0f2f15efec70ea3978077d786b2 16256
mozilla-pwdhash_1.6-1_all.deb
Files:
288ad339ed98bc4eb766b3b6f1fb21ab 1186 web extra mozilla-pwdhash_1.6-1.dsc
b5a68b371e23cdd70ca67be3ecf91091 13265 web extra
mozilla-pwdhash_1.6.orig.tar.gz
894282253912e77ff8f94e90702d4227 3593 web extra mozilla-pwdhash_1.6-1.diff.gz
de108cff5b1a575d3577980057393f79 16256 web extra mozilla-pwdhash_1.6-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkop2EcACgkQScUZKBnQNIbcLACfSTU+NqPYDsIZbRx98cCHdFkB
kQkAn1+Fodvg7TRkRE2IteToStZxpbvI
=5Mw+
-----END PGP SIGNATURE-----
--- End Message ---
