Package: postgresql Severity: important Tags: security Hi,
Debian ships a set of Perl scripts to configure for PostgreSQL server configurations, these are quite outdated and are currently configuring authentication to use MD5 when 'password' should be used instead. http://www.openwall.com/lists/oss-security/2015/03/03/12 I'd recommend to change this setting ASAP. Open to discuss. (Also applies to Ubuntu) Thanks, Aaron _______________________________________________ Pkg-postgresql-public mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-postgresql-public
