Monday, July 31, 2017

[389-users] Re: Account lockout error code/message differences for correct and incorrect password

>
> You are correct that this is likely a security issue as it allows an
> attacker to bypass the rate limit and account lockout mechanism.
>
> I will report this and have it dealt with appropriately.
>

A patch has been developed on 389-devel. It is awaiting review:

https://pagure.io/389-ds-base/issue/49336

Thanks again,

--
Sincerely,

William Brown
Software Engineer
Red Hat, Australia/Brisbane
