https://bugzilla.redhat.com/show_bug.cgi?id=245278 https://bugzilla.redhat.com/attachment.cgi?id=478422&action=diff https://bugzilla.redhat.com/attachment.cgi?id=478422&action=edit Thanks to Rich for his comments. Instead of doing the in-place escape, changed to duplicate the given password and work on the copy. Description: When the Admin User password is changed on the Admin Console, the console escapes the password then sends it to the Admin Server. This patch adds the apache API ap_unescape_url to mod_admserv to unescape the password before handling it. Since ap_unescape_url does the unescape in place, it duplicates the given password and escapes on the duplicated memory. -- 389-devel mailing list 389-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-devel
