URL: https://github.com/SSSD/sssd/pull/497 Title: #497: sysdb: sanitize search filter input - backport sssd-1-14
lslebodn commented: """ I know we started discussion as part of #496 but I firstly backported patches + sysdb unit tests to 1.14 branch. https://github.com/lslebodn/sssd/tree/cve_backport_1.14 Related sysdb functions are almost the same as in master branch. I did not include afadeb1a530ff010a2f9a7552562576b843c874b into 1.14 because it is not related to CVE fix. But we were backporting UPN fixes to 1.13 so we might backport that commit in different PR And there is also missing ba926c98b7ae605077a09ba7135e05257de62a0f because it was related to multiple results for searches by certificate which is only in 1.15 as a feature. @sumit-bose Could you check PR before I'll backport patches to 1.13? """ See the full comment at https://github.com/SSSD/sssd/pull/497#issuecomment-367340136
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org