|
From: | Bas van Schaik |
Subject: | Re: [OATH-Toolkit-help] libpam-oath vulnerable to replay of OTP as result of incorrectly parsing comments in users file? |
Date: | Wed, 12 Feb 2014 10:35:02 +0000 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 |
On 12/02/14 02:16, Simon Josefsson
wrote:
I think my first email (9 Dec 11:31 GMT) contains a fairly detailed description of how to reproduce this behaviour. Please let me know if you need additional info.I think it looked fine but I haven't fully analyzed it -- any chance someone could come up with a brief description of how to reproduce the problem exactly? Then I could add that recipe as a self-test in the package, apply the fix, and if that silences the self-test, I'm happy. Thanks, Bas |
[Prev in Thread] | Current Thread | [Next in Thread] |