[SECURITY] Prevent login with semi-empty values 13/37013/2
authorNicole Cordes <typo3@cordes.co>
Thu, 19 Feb 2015 08:46:50 +0000 (09:46 +0100)
committerOliver Hader <oliver.hader@typo3.org>
Thu, 19 Feb 2015 08:46:53 +0000 (09:46 +0100)
commit3fbd91c58baf98bdd8988333d90294cc6dc8f0c7
tree3f738c9da8de3df6a85582e7f301c364ae0afba3
parent6cf78f61e87ea9536dc836062b9152e6b51520a2
[SECURITY] Prevent login with semi-empty values

Disallow frontend user to login in with a password which can be casted
to an empty value.

Releases: 4.5
Resolves: #65113
Security-Bulletin: TYPO3-CORE-SA-2015-001
Change-Id: Iceb22eac9572044c05f5c5b27d335deacdf146f1
Reviewed-on: http://review.typo3.org/37013
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
typo3/sysext/rsaauth/sv1/class.tx_rsaauth_sv1.php
typo3/sysext/saltedpasswords/sv1/class.tx_saltedpasswords_sv1.php
typo3/sysext/sv/class.tx_sv_auth.php