On Mon, 2018-01-29 at 15:08 +0000, Torgersen, Eric A wrote: > Are there any details or guidance available regarding the following: > > https://bugzilla.redhat.com/show_bug.cgi?id=1525628 Hi, Summary: This is very low risk for the majority of installations, There are very limited circumstances where this can affect your deployment. You must run certain types of hashes, and must have imported them incorrectly during an ldif2db or nsslapd-allow-hashed- password: on import. For most users who allow DS to do the hashing for you (ie ldappasswd or similar) then there is no risk. I will communicate with RH security about this, as the issue is meant to be embargoed, but has leaked, so we must open this asap to give proper information. Thanks, > > Eric Torgersen > Systems Architect | Information Technology Services | Enterprise > Infrastructure Services > 518-442-6471 | etorgersen@xxxxxxxxxx > University at Albany > 1400 Washington Ave | Albany, NY 12222 > > Confidentiality Notice: The information contained in this electronic > transmission is confidential and is intended for the use of the > individual(s) or entity(ies) named above only. If the reader of this > message is not the intended recipient, you are hereby notified that > any dissemination, distribution or reproduction of this transmission > is strictly prohibited. If you have received this transmission in > error, please destroy any and all copies of the transmission and > notify the sender immediately. > > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@lists.fedoraproject.o > rg -- Sincerely, William Brown Software Engineer Red Hat, Australia/Brisbane _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
