Are there any details or guidance available regarding the following:
https://bugzilla.redhat.com/show_bug.cgi?id=1525628
Eric Torgersen Systems Architect | Information Technology Services | Enterprise Infrastructure Services 518-442-6471 | etorgersen@albany.edu University at Albany 1400 Washington Ave | Albany, NY 12222
Confidentiality Notice: The information contained in this electronic transmission is confidential and is intended for the use of the individual(s) or entity(ies) named above only. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or reproduction of this transmission is strictly prohibited. If you have received this transmission in error, please destroy any and all copies of the transmission and notify the sender immediately.
On Mon, 2018-01-29 at 15:08 +0000, Torgersen, Eric A wrote:
Are there any details or guidance available regarding the following:
Hi,
Summary: This is very low risk for the majority of installations,
There are very limited circumstances where this can affect your deployment. You must run certain types of hashes, and must have imported them incorrectly during an ldif2db or nsslapd-allow-hashed- password: on import.
For most users who allow DS to do the hashing for you (ie ldappasswd or similar) then there is no risk.
I will communicate with RH security about this, as the issue is meant to be embargoed, but has leaked, so we must open this asap to give proper information.
Thanks,
Eric Torgersen Systems Architect | Information Technology Services | Enterprise Infrastructure Services 518-442-6471 | etorgersen@albany.edu University at Albany 1400 Washington Ave | Albany, NY 12222
Confidentiality Notice: The information contained in this electronic transmission is confidential and is intended for the use of the individual(s) or entity(ies) named above only. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or reproduction of this transmission is strictly prohibited. If you have received this transmission in error, please destroy any and all copies of the transmission and notify the sender immediately.
389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-leave@lists.fedoraproject.o rg
389-users@lists.fedoraproject.org