Debian Patches

Status for golang-github-go-ldap-ldap/2.5.1-4

Search:

Patch	Description	Author	Forwarded	Bugs	Origin	Last update
0002-Require-explicit-intention-for-empty-password.patch	Require explicit intention for empty password. This is normally used for unauthenticated bind, and https://tools.ietf.org/html/rfc4513#section-5.1.2 recommends: > Clients SHOULD disallow an empty password input to a Name/Password > Authentication user interface This is a cherry-pick of 95ede12 from upstream, which fixes CVE-2017-14623. https://github.com/go-ldap/ldap/commit/95ede1266b237bf8e9aa5dce0b3250e51bfefe66	"Dr. Tobias Quathamer" <toddy@debian.org>	no			2017-11-29
disable-internet-tests.patch	disable-internet-tests	Debian Go Packaging Team <pkg-go-maintainers@lists.alioth.debian.org>	no			2017-11-29

Showing 1 to 2 of 2 entries