Candidate: CVE-2011-0009
PublicDate: 2011-01-25 19:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0009
Description:
 Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4
 uses the MD5 algorithm for password hashes, which makes it easier for
 context-dependent attackers to determine cleartext passwords via a
 brute-force attack on the database.
Ubuntu-Description:
Notes:
 jdstrand> for Lucid, please test packages in lucid-proposed and report
  in https://launchpad.net/bugs/750339
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_request-tracker3.8:
 debdiff: https://launchpad.net/bugs/750339
upstream_request-tracker3.8: released (3.8.9rc2)
dapper_request-tracker3.8: DNE
hardy_request-tracker3.8: DNE
karmic_request-tracker3.8: ignored (reached end-of-life)
lucid_request-tracker3.8: released (3.8.7-1ubuntu2.2)
maverick_request-tracker3.8: released (3.8.8-4ubuntu0.1)
natty_request-tracker3.8: released (3.8.10-1)
oneiric_request-tracker3.8: not-affected
precise_request-tracker3.8: not-affected
quantal_request-tracker3.8: DNE
raring_request-tracker3.8: DNE
devel_request-tracker3.8: DNE

Patches_request-tracker3.6:
upstream_request-tracker3.6: released (3.8.9rc2)
dapper_request-tracker3.6: DNE
hardy_request-tracker3.6: pending (3.6.5-1ubuntu0.1)
karmic_request-tracker3.6: ignored (reached end-of-life)
lucid_request-tracker3.6: DNE
maverick_request-tracker3.6: DNE
natty_request-tracker3.6: DNE
oneiric_request-tracker3.6: DNE
precise_request-tracker3.6: DNE
quantal_request-tracker3.6: DNE
raring_request-tracker3.6: DNE
devel_request-tracker3.6: DNE

Patches_request-tracker3.4:
upstream_request-tracker3.4: released (3.8.9rc2)
dapper_request-tracker3.4: ignored (reached end-of-life)
hardy_request-tracker3.4: DNE
karmic_request-tracker3.4: DNE
lucid_request-tracker3.4: DNE
maverick_request-tracker3.4: DNE
natty_request-tracker3.4: DNE
oneiric_request-tracker3.4: DNE
precise_request-tracker3.4: DNE
quantal_request-tracker3.4: DNE
raring_request-tracker3.4: DNE
devel_request-tracker3.4: DNE