oss-sec mailing list archives
CVE Request: Horde_Ldap: Stricter parameter check in bind() to detect empty passwords
From: Salvatore Bonaccorso <carnil () debian org>
Date: Wed, 4 Jun 2014 21:51:57 +0200
Hi, Horde_Ldap released an update fixing a security issue mentioned in the changes:
[jan] SECURITY: Stricter parameter check in bind() to detect empty passwords.
https://github.com/horde/horde/commit/8f719b53b0ee2d4b8a40a770430683c98fb5f2fd fixed in 2.0.6 with commit: https://github.com/horde/horde/commit/4c3e18f1724ab39bfef10c189a5b52036a744d55 Could a CVE be assigned for this issue? Regards, Salvatore
Current thread:
- CVE Request: Horde_Ldap: Stricter parameter check in bind() to detect empty passwords Salvatore Bonaccorso (Jun 04)
- Re: CVE Request: Horde_Ldap: Stricter parameter check in bind() to detect empty passwords Murray McAllister (Jun 04)
- Re: CVE Request: Horde_Ldap: Stricter parameter check in bind() to detect empty passwords Matthew Daley (Jun 09)
- Re: CVE Request: Horde_Ldap: Stricter parameter check in bind() to detect empty passwords cve-assign (Jun 13)
- Re: CVE Request: Horde_Ldap: Stricter parameter check in bind() to detect empty passwords Murray McAllister (Jun 04)