[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [OATH-Toolkit-help] libpam-oath vulnerable to replay of OTP as resul
From: |
Simon Josefsson |
Subject: |
Re: [OATH-Toolkit-help] libpam-oath vulnerable to replay of OTP as result of incorrectly parsing comments in users file? |
Date: |
Mon, 16 Dec 2013 21:43:07 +0100 |
Thanks for the report and looking into this issue. Alas the timing
here was bad, and I am just returning from vacation and must finish
several things before season holidays -- if someone has worked out a
patch and can do testing that it works and solves the problem I can
review and apply and release it. Ilkka, how much have you tested your
patch?
Thanks,
/Simon