==========================================================Ubuntu Security Notice USN-663-1 November 05, 2008
A security issue affects the following Ubuntu releases:
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
In general, a standard system upgrade is sufficient to effect the
It was discovered that passwords changed (or new users created) via the
"Users and Groups" tool were created with 3DES hashing. This reduced the
security of stored user passwords, and was a regression from the correct
MD5 hashing. This update fixes the problem; future password changes
will correct the hashing used. We apologize for the inconvenience.