Bug 627038 - Incorrect handling of password expiration
Summary: Incorrect handling of password expiration
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: krb5
Version: 5.5
Hardware: All
OS: Linux
low
medium
Target Milestone: rc
: ---
Assignee: Nalin Dahyabhai
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On: 627022
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-08-24 22:10 UTC by Nalin Dahyabhai
Modified: 2018-10-25 19:24 UTC (History)
4 users (show)

Fixed In Version: krb5-1.6.1-51.el5
Doc Type: Bug Fix
Doc Text:
Clone Of: 627022
Environment:
Last Closed: 2011-01-13 23:53:20 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:0098 0 normal SHIPPED_LIVE krb5 bug fix and enhancement update 2011-01-12 17:39:25 UTC

Description Nalin Dahyabhai 2010-08-24 22:10:36 UTC
+++ This bug was initially created as a clone of Bug #627022 +++

Description of problem:

There are two occurences of this line in src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c lines 2085 and 2142:

    if ((mask & KDB_PRINC_EXPIRE_TIME_ATTR) == 1) {

KDB_PRINC_EXPIRE_TIME_ATTR is defined as 0x80, it will never == 1.

This is causing the krbPwdExpiration attribute to be ignored.

Version-Release number of selected component (if applicable):

krb5-server-1.8.2-3.fc14.x86_64

Comment 4 errata-xmlrpc 2011-01-13 23:53:20 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0098.html


Note You need to log in before you can comment on or make changes to this bug.