[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: zope-ldapuser
From: Josh Bressers <bressers () redhat ! com>
Date: 2010-08-19 19:53:29
Message-ID: 394439939.1007701282247609910.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]
----- "Sébastien Delafond" <seb@debian.org> wrote:
> Hi,
>
> there is an authentication probleme in zope-ldapuser, where any
> password
> is accepted when attempting to log in as the emergency user (as
> defined
> in zpasswd.py). See Debian bug 593466[0] for the corresponding patch.
>
>
> [0] http://bugs.debian.org/593466
The debian bug has lots more info.
Please use CVE-2010-2944
Thanks.
--
JB
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic