Comment 2 for bug 1377981
Revision history for this message
| Jeremy Stanley (fungi) wrote Re: Missing fix for ssh_execute (Exceptions thrown may contain passwords) | #2 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
I have a couple minor English grammar corrections to suggest:
"... An attacker with read access to the services' logs may obtain passwords used as a parameter of a command that has failed or when mask_password did not mask passwords properly."
Aside from that, the impact description looks fine. The products header is conflated with our usual versions header, but as this is for different versions of two projects that is probably unavoidable.