Page MenuHomePhabricator
Create Task
Maniphest T25812

AntiSpoof fails to update on renames
Closed, ResolvedPublic
Actions

Description

Author: overlordq

Description:
The Renameuser extension provides a RenameUserComplete hook for actions to trigger after a rename is performed. However AntiSpoof does not subscribe to this hook, so after a user gets renamed, there will be no entries in the spoofuser table for the renamed user and so the new username is vulnerable to other users spoofing it.

Version: unspecified
Severity: major

Details

Reference
bz23812

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 11:08 PM
bzimport added a project: AntiSpoof.
bzimport set Reference to bz23812.
bzimport created this task.Jun 6 2010, 12:54 AM
bzimport added a comment.Aug 6 2010, 8:43 PM

soxred93 wrote:

Untested patch

Untested patch, _should_ work, but needs someone who has both extensions installed to verify.

attachment AntiSpoof.patch ignored as obsolete

bzimport added a comment.Aug 6 2010, 8:45 PM

soxred93 wrote:

Fix error from proofreading

Attached:

AntiSpoof.patch1 KBDownload

bzimport added a comment.Oct 9 2010, 8:25 PM

soxred93 wrote:

r74566

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL