7c5cc6c Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all]

2 files Authored by lkrispen 9 years ago, Committed by nhosoi 9 years ago,
    Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all]
    
    Fix for CVE-2014-8112
    
    	If the unhashed pw switch is set to off this should only
            prevent the generation of the unhashed#user#password
    	attribute.
    	But encoding of pw values and detiecetion which values have
    	to be deleted needs to stay intact.
    	So the check if the switch is set has to be placed close to
            the generation of the attribute in different 'if' branches
    
    Reviewed by Noriko, thanks
    
    (cherry picked from commit e5de803f4ab1b097c637c269fcc8b567e664c00d)
    (cherry picked from commit 84b8bfd7d18a0613920dce36f1d3775d75e45a3e)
    (cherry picked from commit 8603d6533d84009e13a94ce6327abfba7ae73ef4)
    
        
file modified
+22 -17