Project

General

Profile

Actions
Copy link

Bug #23208

open

Add a warning in the logs when using local auth with non-bcrypt passwords

Added by Alexis Mousset over 1 year ago. Updated 15 days ago.

Status:
Pending technical review
Priority:
N/A
Assignee:
François ARMAND
Category:
Security
Target version:
8.1.9
Pull Request:
https://github.com/Normation/rudder/p...
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

The old hashes should be replaced fro security. A rudder-users.xml access without it would very likely lead to password recovery using rainbow tables.

Actions
Copy link
 #1

Updated by Alexis Mousset over 1 year ago

  • Status changed from New to In progress
  • Assignee set to Alexis Mousset
Actions
Copy link
 #2

Updated by Alexis Mousset over 1 year ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Alexis Mousset to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder/pull/4944
Actions
Copy link
 #3

Updated by Vincent MEMBRÉ about 1 year ago

  • Target version changed from 8.0.0~beta1 to 8.0.0~beta2
Actions
Copy link
 #4

Updated by Vincent MEMBRÉ about 1 year ago

  • Target version changed from 8.0.0~beta2 to 8.0.0~beta3
Actions
Copy link
 #5

Updated by Alexis Mousset about 1 year ago

  • Target version changed from 8.0.0~beta3 to 8.1.0~alpha1
Actions
Copy link
 #6

Updated by Vincent MEMBRÉ 10 months ago

  • Target version changed from 8.1.0~alpha1 to 8.1.0~beta1
Actions
Copy link
 #7

Updated by Vincent MEMBRÉ 9 months ago

  • Target version changed from 8.1.0~beta1 to 8.1.0~beta2
Actions
Copy link
 #8

Updated by Vincent MEMBRÉ 8 months ago

  • Target version changed from 8.1.0~beta2 to 8.1.0~rc1
Actions
Copy link
 #9

Updated by Vincent MEMBRÉ 8 months ago

  • Target version changed from 8.1.0~rc1 to 8.1.0
Actions
Copy link
 #10

Updated by Vincent MEMBRÉ 8 months ago

  • Target version changed from 8.1.0 to 8.1.1
Actions
Copy link
 #11

Updated by Vincent MEMBRÉ 7 months ago

  • Target version changed from 8.1.1 to 8.1.2
Actions
Copy link
 #12

Updated by Vincent MEMBRÉ 7 months ago

  • Target version changed from 8.1.2 to 8.1.3
Actions
Copy link
 #13

Updated by Vincent MEMBRÉ 6 months ago

  • Target version changed from 8.1.3 to 8.1.4
Actions
Copy link
 #14

Updated by Vincent MEMBRÉ 5 months ago

  • Target version changed from 8.1.4 to 8.1.5
Actions
Copy link
 #15

Updated by Vincent MEMBRÉ 5 months ago

  • Target version changed from 8.1.5 to 8.1.6
Actions
Copy link
 #16

Updated by Vincent MEMBRÉ 4 months ago

  • Target version changed from 8.1.6 to 8.1.7
Actions
Copy link
 #17

Updated by Vincent MEMBRÉ 2 months ago

  • Target version changed from 8.1.7 to 8.1.8
Actions
Copy link
 #18

Updated by Vincent MEMBRÉ 15 days ago

  • Target version changed from 8.1.8 to 8.1.9
Actions
Copy link

Also available in: Atom PDF