Package: postgresql Severity: important Tags: security Hi,
Debian ships a set of Perl scripts to configure for PostgreSQL server configurations, these are quite outdated and are currently configuring authentication to use MD5 when 'password' should be used instead. http://www.openwall.com/lists/oss-security/2015/03/03/12 I'd recommend to change this setting ASAP. Open to discuss. (Also applies to Ubuntu) Thanks, Aaron _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
