Univention Bugzilla – Attachment 7317 Details for
Bug 39939
Self Service allows scanning for usernames
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Change reply to the same as with bad password.
univention-self-service_-_do_not_reveal_unknown_usernames_-_39939.patch (text/plain), 1.70 KB, created by
Daniel Tröder
on 2015-11-25 10:43:51 CET
(
hide
)
Description:
Change reply to the same as with bad password.
Filename:
MIME Type:
Creator:
Daniel Tröder
Created:
2015-11-25 10:43:51 CET
Size:
1.70 KB
patch
obsolete
>Index: debian/changelog >=================================================================== >--- debian/changelog (Revision 65883) >+++ debian/changelog (Arbeitskopie) >@@ -1,3 +1,9 @@ >+univention-self-service (1.0.2-29) unstable; urgency=low >+ >+ * Do not reveal unknown usernames (Bug #39939). >+ >+ -- Daniel Troeder <troeder@univention.de> Wed, 25 Nov 2015 10:39:33 +0100 >+ > univention-self-service (1.0.2-28) unstable; urgency=low > > * fix bad comparison, raise request limits (Bug #39720) >Index: umc/python/passwordreset/__init__.py >=================================================================== >--- umc/python/passwordreset/__init__.py (Revision 65883) >+++ umc/python/passwordreset/__init__.py (Arbeitskopie) >@@ -439,7 +439,7 @@ > gr_names = map(str.lower, self.dns_to_groupname(groups_dns)) > except IndexError: > # no user or no group found >- raise UMC_Error(_("Unknown user '{}'.").format(username)) >+ raise UMC_Error(_("Username or password is incorrect.").format(username)) > > # group blacklist > if any([gr in bl_groups for gr in gr_names]): >Index: umc/python/passwordreset/de.po >=================================================================== >--- umc/python/passwordreset/de.po (Revision 65883) >+++ umc/python/passwordreset/de.po (Arbeitskopie) >@@ -121,10 +121,6 @@ > msgid "The Password has been used already. Please supply a new one." > msgstr "Das Passwort wurde bereits verwendet. Bitte geben Sie ein neues ein." > >-#: umc/python/passwordreset/__init__.py:439 >-msgid "Unknown user '{}'." >-msgstr "Unbekannter Benutzer '{}'." >- > #: umc/python/passwordreset/__init__.py:493 > msgid "Program error. Please report this to the administrator." > msgstr "Programm Fehler. Bitte berichten Sie dies dem Administrator."
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=7317">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 39939
: 7317