diff options
Diffstat (limited to 'devel/rt3/MESSAGE')
| -rw-r--r-- | devel/rt3/MESSAGE | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/devel/rt3/MESSAGE b/devel/rt3/MESSAGE index d60edc2692a..6acc3effe73 100644 --- a/devel/rt3/MESSAGE +++ b/devel/rt3/MESSAGE @@ -1,5 +1,5 @@ =========================================================================== -$NetBSD: MESSAGE,v 1.3 2006/05/01 09:38:08 cube Exp $ +$NetBSD: MESSAGE,v 1.4 2011/02/26 20:58:15 spz Exp $ You must configure RT by editing ${PKG_SYSCONFDIR}/RT_SiteConfig.pm. @@ -30,5 +30,20 @@ You might also want to clear the Mason cache: rm -Rf ${RTVARDIR}/mason_data/obj +UPGRADING FROM 3.8.8 and earlier: + +Previous versions of RT used a password hashing scheme which was too +easy to reverse, which could allow attackers with read access to the +RT database to possibly compromise users' passwords. Even if RT does +no password authentication itself, it may still store these weak +password hashes -- using ExternalAuth does not guarantee that you are +not vulnerable! To upgrade stored passwords to a stronger hash, run: + + perl ${RTSHAREDIR}/etc/upgrade/vulnerable-passwords + +at this point. + +For other upgrading actions, see ${RTSHAREDIR}/etc/upgrade/UPGRADING + See also the manual on ${HOMEPAGE}docs.html =========================================================================== |