Package(s):	python-fedora	CVE #(s):
Created:	February 13, 2009	Updated:	February 18, 2009
Description:	From the Fedora advisory: This release includes a bugfix to the fedora.client.AccountSystem().verify_password() method. verify_password() was incorrectly returning True (username, password combination was correct) for any input. Although no known code is using this method to verify a user's account with the Fedora Account System, the existence of the method and the fact that anyone using this would be allowing users due to the bug makes this a high priority bug to fix.
Alerts:	Fedora FEDORA-2009-1518 python-fedora 2009-02-12 Fedora FEDORA-2009-1519 python-fedora 2009-02-12

---

to post comments