Back to bug 1332709
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Noriko Hosoi | 2016-05-03 21:08:07 UTC | Status | NEW | POST |
| Arpit Tolani | 2016-05-04 22:41:18 UTC | CC | atolani | |
| Viktor Ashirov | 2016-05-05 15:33:54 UTC | Priority | unspecified | medium |
| Severity | unspecified | medium | ||
| Noriko Hosoi | 2016-05-07 23:25:16 UTC | Status | POST | MODIFIED |
| Fixed In Version | 389-ds-base-1.3.5.3-1.el7 | |||
| errata-xmlrpc | 2016-05-07 23:29:03 UTC | Status | MODIFIED | ON_QA |
| Punit Kundal | 2016-05-17 12:53:45 UTC | Status | ON_QA | VERIFIED |
| CC | pkundal | |||
| Noriko Hosoi | 2016-06-03 20:08:42 UTC | Doc Text | Cause: When an administrator resets a password of a user, the current password is not stored in the password history. Consequence: This incorrectly allows the user to reuse the previous password after the reset. Fix: When a password is being reset by an administrator, it modified to grab the old password so we can correctly update the password history. Result: The user is not allowed to reuse the previous password after the reset by an administrator. |
|
| Punit Kundal | 2016-06-06 04:12:49 UTC | CC | pkundal | |
| Petr Bokoc | 2016-07-26 14:49:45 UTC | CC | pbokoc | |
| Doc Text | Cause: When an administrator resets a password of a user, the current password is not stored in the password history. Consequence: This incorrectly allows the user to reuse the previous password after the reset. Fix: When a password is being reset by an administrator, it modified to grab the old password so we can correctly update the password history. Result: The user is not allowed to reuse the previous password after the reset by an administrator. | When a user password was reset by an administrator, the old password was previously not stored in the user's password history. This allowed the user to reuse the same password after the reset. With this update, resetting a password also stores it in password history, and the user must use a different password. | ||
| Petr Bokoc | 2016-08-01 11:49:44 UTC | Docs Contact | pbokoc | |
| Doc Text | When a user password was reset by an administrator, the old password was previously not stored in the user's password history. This allowed the user to reuse the same password after the reset. With this update, resetting a password also stores it in password history, and the user must use a different password. | Passwords reset by administrators are now stored in password history When a user password was reset by an administrator, the old password was previously not stored in the user's password history. This allowed the user to reuse the same password after the reset. With this update, passwords reset manually by administrators are stored in password history, and the user must use a different password. |
||
| errata-xmlrpc | 2016-11-02 12:26:37 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2016-11-03 20:41:44 UTC | Status | RELEASE_PENDING | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-11-03 16:41:44 UTC | |||
| Simon Pichugin | 2020-09-13 21:43:28 UTC | Link ID | Github 389ds/389-ds-base/issues/1873 |
Back to bug 1332709