| 2023-10-01 06:14:25 |
nikhil kshirsagar |
bug |
|
|
added bug |
| 2023-10-01 06:15:01 |
nikhil kshirsagar |
nominated for series |
|
Ubuntu Lunar |
|
| 2023-10-01 06:15:01 |
nikhil kshirsagar |
bug task added |
|
sosreport (Ubuntu Lunar) |
|
| 2023-10-01 06:15:01 |
nikhil kshirsagar |
nominated for series |
|
Ubuntu Focal |
|
| 2023-10-01 06:15:01 |
nikhil kshirsagar |
bug task added |
|
sosreport (Ubuntu Focal) |
|
| 2023-10-01 06:15:01 |
nikhil kshirsagar |
nominated for series |
|
Ubuntu Bionic |
|
| 2023-10-01 06:15:01 |
nikhil kshirsagar |
bug task added |
|
sosreport (Ubuntu Bionic) |
|
| 2023-10-01 06:15:01 |
nikhil kshirsagar |
nominated for series |
|
Ubuntu Mantic |
|
| 2023-10-01 06:15:01 |
nikhil kshirsagar |
bug task added |
|
sosreport (Ubuntu Mantic) |
|
| 2023-10-01 06:15:01 |
nikhil kshirsagar |
nominated for series |
|
Ubuntu Jammy |
|
| 2023-10-01 06:15:01 |
nikhil kshirsagar |
bug task added |
|
sosreport (Ubuntu Jammy) |
|
| 2023-10-01 06:15:40 |
nikhil kshirsagar |
summary |
[sru] wifi password is not obfuscated in /etc/netplan |
[sru] wifi password is not obfuscated in /etc/netplan yaml files |
|
| 2023-10-01 06:15:49 |
nikhil kshirsagar |
description |
[IMPACT]
wifi SSID and password (in cleartext) is not obfuscated from /etc/netplan when a sosreport is collected, or even cleaned using sos cleaner or mask.
[TEST PLAN]
Manually create /etc/netplan using this content,
~~~
network:
version: 2
wifis:
NM-9156e614-a3ef-4743-a642-a58ae63193e3:
renderer: NetworkManager
match:
name: "wlp2s0"
dhcp4: true
dhcp6: true
access-points:
"My Cool Wireless Network SSID":
auth:
key-management: "psk"
password: "MySecretPassword"
networkmanager:
uuid: "9156e614-a3ef-4743-a642-a58ae63193e3"
name: "My Cool Wireless Network SSID"
passthrough:
ipv6.addr-gen-mode: "default"
ipv6.ip6-privacy: "-1"
proxy._: ""
networkmanager:
uuid: "9156e614-a3ef-4743-a642-a58ae63193e3"
name: "My Cool Wireless Network SSID"
~~~
Collect a sosreport and check if the networking plugin obfuscates the password.
[WHERE PROBLEMS COULD OCCUR]
If due to some exception sosreport does not call the postproc() method on the plugin, leaving the password unobfuscated. I have ruled out this situation based on my analysis of the code, so this SRU seems a reasonably safe patch. |
[IMPACT]
wifi SSID and password (in cleartext) is not obfuscated from /etc/netplan/UUID-yaml file when a sosreport is collected, or even cleaned using sos cleaner or mask.
[TEST PLAN]
Manually create /etc/netplan/xxx-yaml using this content,
~~~
network:
version: 2
wifis:
NM-9156e614-a3ef-4743-a642-a58ae63193e3:
renderer: NetworkManager
match:
name: "wlp2s0"
dhcp4: true
dhcp6: true
access-points:
"My Cool Wireless Network SSID":
auth:
key-management: "psk"
password: "MySecretPassword"
networkmanager:
uuid: "9156e614-a3ef-4743-a642-a58ae63193e3"
name: "My Cool Wireless Network SSID"
passthrough:
ipv6.addr-gen-mode: "default"
ipv6.ip6-privacy: "-1"
proxy._: ""
networkmanager:
uuid: "9156e614-a3ef-4743-a642-a58ae63193e3"
name: "My Cool Wireless Network SSID"
~~~
Collect a sosreport and check if the networking plugin obfuscates the password.
[WHERE PROBLEMS COULD OCCUR]
If due to some exception sosreport does not call the postproc() method on the plugin, leaving the password unobfuscated. I have ruled out this situation based on my analysis of the code, so this SRU seems a reasonably safe patch. |
|
| 2023-10-01 06:16:09 |
nikhil kshirsagar |
description |
[IMPACT]
wifi SSID and password (in cleartext) is not obfuscated from /etc/netplan/UUID-yaml file when a sosreport is collected, or even cleaned using sos cleaner or mask.
[TEST PLAN]
Manually create /etc/netplan/xxx-yaml using this content,
~~~
network:
version: 2
wifis:
NM-9156e614-a3ef-4743-a642-a58ae63193e3:
renderer: NetworkManager
match:
name: "wlp2s0"
dhcp4: true
dhcp6: true
access-points:
"My Cool Wireless Network SSID":
auth:
key-management: "psk"
password: "MySecretPassword"
networkmanager:
uuid: "9156e614-a3ef-4743-a642-a58ae63193e3"
name: "My Cool Wireless Network SSID"
passthrough:
ipv6.addr-gen-mode: "default"
ipv6.ip6-privacy: "-1"
proxy._: ""
networkmanager:
uuid: "9156e614-a3ef-4743-a642-a58ae63193e3"
name: "My Cool Wireless Network SSID"
~~~
Collect a sosreport and check if the networking plugin obfuscates the password.
[WHERE PROBLEMS COULD OCCUR]
If due to some exception sosreport does not call the postproc() method on the plugin, leaving the password unobfuscated. I have ruled out this situation based on my analysis of the code, so this SRU seems a reasonably safe patch. |
[IMPACT]
wifi SSID and password (in cleartext) is not obfuscated from /etc/netplan/UUID-yaml file when a sosreport is collected, or even cleaned using sos cleaner or mask.
[TEST PLAN]
Manually create /etc/netplan/9156e614.yaml using this content,
~~~
network:
version: 2
wifis:
NM-9156e614-a3ef-4743-a642-a58ae63193e3:
renderer: NetworkManager
match:
name: "wlp2s0"
dhcp4: true
dhcp6: true
access-points:
"My Cool Wireless Network SSID":
auth:
key-management: "psk"
password: "MySecretPassword"
networkmanager:
uuid: "9156e614-a3ef-4743-a642-a58ae63193e3"
name: "My Cool Wireless Network SSID"
passthrough:
ipv6.addr-gen-mode: "default"
ipv6.ip6-privacy: "-1"
proxy._: ""
networkmanager:
uuid: "9156e614-a3ef-4743-a642-a58ae63193e3"
name: "My Cool Wireless Network SSID"
~~~
Collect a sosreport and check if the networking plugin obfuscates the password.
[WHERE PROBLEMS COULD OCCUR]
If due to some exception sosreport does not call the postproc() method on the plugin, leaving the password unobfuscated. I have ruled out this situation based on my analysis of the code, so this SRU seems a reasonably safe patch. |
|
| 2023-10-03 07:44:24 |
nikhil kshirsagar |
sosreport (Ubuntu Mantic): status |
New |
In Progress |
|
| 2023-10-03 11:31:14 |
Launchpad Janitor |
sosreport (Ubuntu Mantic): status |
In Progress |
Fix Released |
|
| 2023-10-04 10:10:27 |
nikhil kshirsagar |
sosreport (Ubuntu Bionic): status |
New |
In Progress |
|
| 2023-10-04 10:10:31 |
nikhil kshirsagar |
sosreport (Ubuntu Focal): status |
New |
In Progress |
|
| 2023-10-04 10:10:34 |
nikhil kshirsagar |
sosreport (Ubuntu Jammy): status |
New |
In Progress |
|
| 2023-10-04 10:10:41 |
nikhil kshirsagar |
sosreport (Ubuntu Bionic): status |
In Progress |
New |
|
| 2023-10-04 10:10:46 |
nikhil kshirsagar |
sosreport (Ubuntu Lunar): status |
New |
In Progress |
|
| 2023-10-06 12:53:05 |
Timo Aaltonen |
sosreport (Ubuntu Jammy): status |
In Progress |
Fix Committed |
|
| 2023-10-06 12:53:06 |
Timo Aaltonen |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2023-10-06 12:53:09 |
Timo Aaltonen |
bug |
|
|
added subscriber SRU Verification |
| 2023-10-06 12:53:14 |
Timo Aaltonen |
tags |
|
verification-needed verification-needed-jammy |
|
| 2023-10-06 12:54:49 |
Timo Aaltonen |
sosreport (Ubuntu Focal): status |
In Progress |
Fix Committed |
|
| 2023-10-06 12:54:52 |
Timo Aaltonen |
tags |
verification-needed verification-needed-jammy |
verification-needed verification-needed-focal verification-needed-jammy |
|
| 2023-10-06 12:55:30 |
Timo Aaltonen |
sosreport (Ubuntu Lunar): status |
In Progress |
Fix Committed |
|
| 2023-10-06 12:55:33 |
Timo Aaltonen |
tags |
verification-needed verification-needed-focal verification-needed-jammy |
verification-needed verification-needed-focal verification-needed-jammy verification-needed-lunar |
|
| 2023-10-07 09:54:04 |
nikhil kshirsagar |
attachment added |
|
sossrutests https://bugs.launchpad.net/ubuntu/+source/sosreport/+bug/2037872/+attachment/5707583/+files/sossrutests |
|
| 2023-10-07 09:54:22 |
nikhil kshirsagar |
tags |
verification-needed verification-needed-focal verification-needed-jammy verification-needed-lunar |
verification-done verification-done-focal verification-done-jammy verification-done-lunar |
|
| 2023-10-18 11:35:53 |
nikhil kshirsagar |
bug watch added |
|
https://github.com/sosreport/sos/issues/3388 |
|
| 2023-10-19 10:47:13 |
Launchpad Janitor |
sosreport (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
| 2023-10-19 10:47:19 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2023-10-19 10:48:19 |
Launchpad Janitor |
sosreport (Ubuntu Jammy): status |
Fix Committed |
Fix Released |
|
| 2023-10-19 10:51:39 |
Launchpad Janitor |
sosreport (Ubuntu Lunar): status |
Fix Committed |
Fix Released |
|
