Bug 627038 - Incorrect handling of password expiration
Incorrect handling of password expiration
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: krb5 (Show other bugs)
5.5
All Linux
low Severity medium
: rc
: ---
Assigned To: Nalin Dahyabhai
BaseOS QE Security Team
:
Depends On: 627022
Blocks:
  Show dependency treegraph
 
Reported: 2010-08-24 18:10 EDT by Nalin Dahyabhai
Modified: 2011-01-13 18:53 EST (History)
4 users (show)

See Also:
Fixed In Version: krb5-1.6.1-51.el5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 627022
Environment:
Last Closed: 2011-01-13 18:53:20 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Nalin Dahyabhai 2010-08-24 18:10:36 EDT
+++ This bug was initially created as a clone of Bug #627022 +++

Description of problem:

There are two occurences of this line in src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c lines 2085 and 2142:

    if ((mask & KDB_PRINC_EXPIRE_TIME_ATTR) == 1) {

KDB_PRINC_EXPIRE_TIME_ATTR is defined as 0x80, it will never == 1.

This is causing the krbPwdExpiration attribute to be ignored.

Version-Release number of selected component (if applicable):

krb5-server-1.8.2-3.fc14.x86_64
Comment 4 errata-xmlrpc 2011-01-13 18:53:20 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0098.html

Note You need to log in before you can comment on or make changes to this bug.