Passwords can accidentially end up in logs from badly made plugins
Bug #1567186 reported by
Robert Lyon
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Fix Released
|
High
|
Robert Lyon | ||
1.10 |
Fix Released
|
High
|
Unassigned | ||
15.04 |
Fix Released
|
High
|
Unassigned | ||
15.10 |
Fix Released
|
High
|
Unassigned | ||
16.04 |
Fix Released
|
High
|
Robert Lyon | ||
16.10 |
Fix Released
|
High
|
Unassigned |
Bug Description
We have some code that suppresses the passwords in logs for LiveUser and for AuthLdap
But we need to extend it out to be more encompassing
information type: | Public → Private Security |
information type: | Private Security → Public Security |
Changed in mahara: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Patch: https:/ /reviews. mahara. org/#/c/ 6335