libxcrypt update
The security update for CVE-2011-2483 broke changing
blowfish passwords if compat mode was turned on (default).
This update fixes the regression.
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 5049
Fixed bugs
bnc#713727
changing password for local user not possible
CVE#CVE-2011-2483
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by
