[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Freeze exception for sssd?



[Petter Reinholdtsen]
> These are the changelog entries since the version currently in
> testing:

Since my first request for a freeze exception, a serious security
issue was discovered and fixed.  I just uploaded the fix.  This is the
changelog:

sssd (1.2.1-4) unstable; urgency=low

  * Add patch from Stephen Gallagher to ensure LDAP authentication
    never accept a zero length password (Closes: #594413).  Solves
    CVE-2010-2940.

 -- Petter Reinholdtsen <pere@debian.org>  Wed, 25 Aug 2010 22:33:40 +0200

JFYI.

Happy hacking,
-- 
Petter Reinholdtsen


Reply to: