Advisories » MGASA-2020-0038

Updated makepasswd fix insecure default length of password

Publication date: 13 Jan 2020
Modification date: 13 Jan 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2010-2247

Description

Updated makepasswd fix insecure default length of password 

By default, makepasswd generates password with a length between 6 to 8
characters (48 to 64bits). This update raise the default to 16 characters
(128 bits).

The length can be changed at runtime with the -l option.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=26060
• https://bugzilla.redhat.com/show_bug.cgi?id=1771883
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2247

SRPMS

7/core

• makepasswd-0.5.4-2.1.mga7