*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Jamie Strandboge
(jdstrand):
Binary package hint: makepasswd
makepasswd doesn't use /dev/random to generate the password as the
description claims, but only uses /dev/random to generate a 32bit seed
for the insecure srand/rand functions. This limits it to a pool of just
2**32 possible passwords which is much less the it should be able to
produce given the default length of 6-8 characters (which also sounds
rather short) out of a collection of 58.
** Affects: makepasswd (Ubuntu)
Importance: Undecided
Status: New
--
Does not generate random passwords
https://bugs.launchpad.net/bugs/237251
You received this bug notification because you are a member of Ubuntu Bugs,
which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
