Package: nis
Version: 3.17-34
Severity: important
Tags: security, fixed-upstream

Hi,

in a NIS setup where yppasswd is used to let users change
the passwords, passwords cannot be longer than 8 chars.
As far as I understand this results from the lack of supporting
more hash algorithms like SHA2.

There are newer versions of yp-tools that claim SHA2 support.
  http://www.linux-nis.org/download/yp-tools/
has 2.14 and the changelog in git reads:

        2010-04-20  Thorsten Kukuk  <ku...@suse.de>
        * release version 2.11
[..]
        * src/yppasswd.c: Add support for MD5, SHA-256
        and SHA-512. Patch by Karel Klic <kk...@redhat.com>.

An update to yp-tools to the current version (2.14 for pre IPv6
or 3.13 for IPv6 at time of writing) would most likely fix this issue.
As password strength affects the system, I believe this is
security relevant.

Best Regards,
Bernhard
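
Added example (not part of the original report, and not yp-tools code): a small audit of passwd(5)-format text, such as the output of `ypcat passwd`, that reports which accounts still carry a traditional DES crypt hash, the scheme that only uses the first 8 characters of a password. The function names and the sample entries are assumptions constructed for illustration.

```python
import re

# crypt(3) prefixes for the schemes named in the yp-tools changelog.
MODULAR = {"1": "MD5", "5": "SHA-256", "6": "SHA-512"}
# Traditional DES crypt: 2 salt characters + 11 hash characters, no "$" prefix.
DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")


def classify(field):
    """Return the hash scheme name for one passwd hash field."""
    if field in ("", "*", "x") or field.startswith("!"):
        return "locked-or-empty"
    if field.startswith("$"):
        parts = field.split("$")
        # "$id$salt$hash" splits into ['', id, salt, hash]
        return MODULAR.get(parts[1], "other-modular") if len(parts) >= 4 else "malformed"
    return "DES" if DES_RE.match(field) else "unknown"


def audit(passwd_text):
    """Map scheme name -> sorted user names for passwd(5)-format text."""
    result = {}
    for line in passwd_text.splitlines():
        cols = line.strip().split(":")
        if len(cols) < 7 or cols[0].startswith("#"):
            continue  # skip blank lines, comments and malformed entries
        result.setdefault(classify(cols[1]), []).append(cols[0])
    return {scheme: sorted(users) for scheme, users in result.items()}


# Constructed sample map; the hash fields are placeholders, not real hashes.
SAMPLE = """\
alice:abCONSTRUCTED:1001:100:Alice:/home/alice:/bin/bash
bob:$6$saltsalt$PLACEHOLDERHASH:1002:100:Bob:/home/bob:/bin/bash
carol:$1$saltsalt$PLACEHOLDERHASH:1003:100:Carol:/home/carol:/bin/bash
dave:*:1004:100:Dave:/home/dave:/bin/false
"""

if __name__ == "__main__":
    for scheme, users in sorted(audit(SAMPLE).items()):
        print(f"{scheme}: {', '.join(users)}")
```

Accounts listed under `DES` are the ones affected by the 8-character limit; they only move to a stronger scheme when the password is set again with a tool that writes the newer hash formats.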
