[krbdev.mit.edu #7021] SVN Commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Sun Nov 20 00:19:46 EST 2011
A failure count interval of 0 caused krb5_ldap_lockout_check_policy to
pass the lockout check (but didn't cause a reset of the failure count
in krb5_ldap_lockout_audit). It should be treated as forever, as in
the DB2 back end.
This bug is the previously unknown cause of the assertion failure
fixed in CVE-2011-1528.
http://src.mit.edu/fisheye/changelog/krb5/?cs=25480
Commit By: ghudson
Revision: 25480
Changed Files:
U trunk/src/kadmin/cli/kadmin.M
U trunk/src/plugins/kdb/ldap/libkdb_ldap/lockout.c
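
The interval semantics described in the commit message above, as an added C example that is not the code from lockout.c or from the krb5 project. It is a simplified model: the struct and function names (policy, entry, is_locked, audit_failure, simulate) and the sample timeline are assumptions constructed for illustration. It compares a check that passes when the failure count interval is 0 with one that treats 0 as forever.

```c
#include <stdbool.h>
#include <stdio.h>
/* Hypothetical, simplified model; not the structures or code in lockout.c. */
struct policy {
    unsigned max_fail;      /* failures allowed before lockout; 0 = disabled */
    long failcnt_interval;  /* seconds before the count resets; 0 = never */
    long lockout_duration;  /* seconds locked; 0 = until an admin unlocks */
};
struct entry { unsigned fail_auth_count; long last_failed; };

/* Lockout check made before authentication: true means reject the request. */
static bool is_locked(const struct policy *p, const struct entry *e, long now, bool fixed)
{
    if (p->max_fail == 0 || e->fail_auth_count < p->max_fail)
        return false;
    /* Old check: interval 0 makes the window lapse at once. Fixed: 0 = forever. */
    if (!(fixed && p->failcnt_interval == 0) &&
        now > e->last_failed + p->failcnt_interval)
        return false;
    if (p->lockout_duration == 0)
        return true;
    return now < e->last_failed + p->lockout_duration;
}

/* Audit step after a failed attempt; interval 0 never resets the count. */
static void audit_failure(const struct policy *p, struct entry *e, long now)
{
    if (p->failcnt_interval != 0 && now > e->last_failed + p->failcnt_interval)
        e->fail_auth_count = 0;
    e->fail_auth_count++;
    e->last_failed = now;
}

/* Constructed scenario: five bad passwords, 10 s apart, max_fail = 3. */
static unsigned simulate(bool fixed)
{
    struct policy p = { 3, 0, 0 };
    struct entry e = { 0, 0 };
    for (long t = 100; t <= 140; t += 10)
        if (!is_locked(&p, &e, t, fixed))
            audit_failure(&p, &e, t);
    return e.fail_auth_count;
}

int main(void)
{
    printf("old check: %u failures, fixed check: %u\n", simulate(false), simulate(true));
    return 0;
}
```

In this model the old check lets the recorded failure count climb past max_fail, because the check and the audit step disagree about what an interval of 0 means.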