Package: adduser Version: 3.154 Severity: minor useradd from shadow 4.19.0 won't accept the user name "bob;>/hacked" any more. We use this in cronjack.t to check whether our fix for 940577 (which IIRC was also a CVE) is still effective.
For the time being, I have disabled this test in adduser. We shold make up our minds whether we would want to poke the invalid user name into /etc/passwd or whether we shrug it away and delete the test for good. Greetings Marc
