Impact
Due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match.
Patches
This issue has been addressed by #566 and fix released in 5.4.1.
Workarounds
An immediate workaround would be to change collation of the affected field:
ALTER TABLE `social_auth_usersocialauth` MODIFY `uid` varchar(255) COLLATE `utf8_bin`;
References
This issue was discovered by folks at https://opencraft.com/.
bradenmacdonald Reporter
nijel Remediation developer
Impact
Due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match.
Patches
This issue has been addressed by #566 and fix released in 5.4.1.
Workarounds
An immediate workaround would be to change collation of the affected field:
References
This issue was discovered by folks at https://opencraft.com/.