pam_sm_chauthtok in pam_winbind must not overwrite old password and new password, Since the following pam modules might use them. For example, when user change password on AD, he also wants to change password in gnome keyring, gnome keyring will use the old password and the new password.
Created attachment 4705 [details]
patch for v3-3-test
Created attachment 4706 [details]
patch for v3-4-test
Created attachment 4707 [details]
patch for v3-5-test
v3-2-test is also affected by this. But there is no release of 3.2.x any more. So I didn't create a patch for it.
+ from me. Makes perfect sense. Re-assigning to Karolin for inclusion.
Sorry, pushed to v3-5-test. :-)
Pushed to v3-4-test and v3-3-test.
Closing out bug report.