View Issue Details

IDProjectCategoryView StatusLast Update
0001311Main CAcert Websiteaccount administrationpublic2021-08-25 13:37
ReporterRuel Print Assigned To 
Status newResolutionopen 
PlatformDefaultOSWindows 7OS VersionUltimate
Product Version2014 Q4 
Summary0001311: The check about email during email dispute works incorrect
DescriptionTaken from Ticket s20141001.32
I observed that there was an email disput that fires this mail:
Someone has just attempted to dispute this email 'someone@domain.tld', which belongs to a locked account: xxxxx

By looking at the accounts with 'someone@domain.tld' I find one deleted account following the old delete account predent case which of course is locked.
The second account is an active not blocked account.

The problem seems to be a wrong sql statement where there is no check if the email is deleted.
Steps To ReproduceOpenSSL Security Advisory [07 Apr 2014]

TLS heartbeat read overrun (CVE-2014-0160)

A missing bounds check in the handling of the TLS heartbeat extension can be
used to reveal up to 64k of memory to a connected client or server.

Only 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including
1.0.1f and 1.0.2-beta1.

Thanks for Neel Mehta of Google Security for discovering this bug and to
Adam Langley <> and Bodo Moeller <> for
preparing the fix.

Affected users should upgrade to OpenSSL 1.0.1g. Users unable to immediately
upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS.

1.0.2 will be fixed in 1.0.2-beta2.
Additional Information<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xmlns:content="">
<title> Git - cacert-devel.git/rss - pages/account/19.php history</title>
<description>CAcert's authoritative development repository</description>
<managingEditor>Software Assessors</managingEditor>
<title> Git - cacert-devel.git/rss - pages/account/19.php history</title>
<pubDate>Mon, 29 Mar 2010 07:54:06 +0000</pubDate>
<lastBuildDate>Mon, 29 Mar 2010 07:54:06 +0000</lastBuildDate>
<generator>gitweb v.</generator>
<title>remove cacert/ prefix</title>
<author>Markus Warg <></author>
<pubDate>Mon, 29 Mar 2010 07:54:06 +0000</pubDate>
<guid isPermaLink="true">;a=commitdiff;h=9dceece06fbdc98add6f76f0b1aec05891a394c4</guid>
<description>remove cacert/ prefix</description>
remove cacert/ prefix
Reviewed by
Test Instructions


related to 0000769 needs workTed Client certificate broken with unicode 

Issue History

Date Modified Username Field Change
2014-10-04 09:49 Ruel Print New Issue
2014-10-04 09:49 Ruel Print Issue generated from: 0001310
2014-10-04 09:50 Ruel Print Tag Attached: vserver
2021-08-25 13:37 bdmc Relationship added related to 0000769