[tor-dev] [tor-talk] Trac accounts and potential account compromise
erinn at torproject.org
Fri May 2 03:45:40 UTC 2014
* Erinn Clark <erinn at torproject.org> [2014:05:01 22:41 -0400]:
> Dear Tor Trac users,
> We learned on recently that there was a bug in our Trac setup that allowed
> anyone to register a new user account for an existing user name, overwriting
> the existing user's password and thereby taking over the account .
I forgot the  :) Here it is:
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 490 bytes
Desc: Digital signature
More information about the tor-dev