Date: Wed, 4 Jun 2014 21:51:57 +0200 From: Salvatore Bonaccorso <carnil@...ian.org> To: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: CVE Request: Horde_Ldap: Stricter parameter check in bind() to detect empty passwords Hi, Horde_Ldap released an update fixing a security issue mentioned in the changes: > [jan] SECURITY: Stricter parameter check in bind() to detect empty > passwords. https://github.com/horde/horde/commit/8f719b53b0ee2d4b8a40a770430683c98fb5f2fd fixed in 2.0.6 with commit: https://github.com/horde/horde/commit/4c3e18f1724ab39bfef10c189a5b52036a744d55 Could a CVE be assigned for this issue? Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ