Back to bug 1390343
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Noriko Hosoi | 2016-10-31 18:27:54 UTC | Status | NEW | POST |
| Noriko Hosoi | 2016-10-31 21:30:13 UTC | Status | POST | MODIFIED |
| Fixed In Version | 389-ds-base-1.3.5.10-12.el7 | |||
| errata-xmlrpc | 2016-10-31 21:35:40 UTC | Status | MODIFIED | ON_QA |
| Noriko Hosoi | 2016-10-31 21:38:20 UTC | Fixed In Version | 389-ds-base-1.3.5.10-12.el7 | 389-ds-base-1.3.5.10-12.el7_3 |
| Noriko Hosoi | 2016-11-01 19:54:49 UTC | Doc Text | Cause: Enabling the ARGS level logging, it logs all the attribute values in the error log which could include sensitve values. Fix: This patch filters out sensitive types not to log. | |
| Doc Type | If docs needed, set a value | Bug Fix | ||
| Simon Pichugin | 2016-11-10 13:54:49 UTC | CC | lkrispen, spichugi | |
| Flags | needinfo?(lkrispen) | |||
| Simon Pichugin | 2016-11-13 08:29:29 UTC | Flags | needinfo?(nhosoi) | |
| Ludwig | 2016-11-14 09:24:48 UTC | CC | lkrispen | |
| Ludwig | 2016-11-14 09:26:28 UTC | CC | lkrispen | |
| Flags | needinfo?(lkrispen) needinfo?(nhosoi) | |||
| Simon Pichugin | 2016-11-14 09:29:36 UTC | Status | ON_QA | VERIFIED |
| Marc Muehlfeld | 2016-11-14 12:54:08 UTC | CC | mmuehlfe | |
| Doc Text | Cause: Enabling the ARGS level logging, it logs all the attribute values in the error log which could include sensitve values. Fix: This patch filters out sensitive types not to log. | Previously, when "Trace function calls" was enabled in the "nsslapd-errorlog-level" parameter, all attributes were logged into the Directory Server's error log file. As a consequence, attributes containing sensitive information were logged. A patch has been applied to filter out sensitive attributes. As a result, sensitive information are no longer written to the log files. | ||
| Flags | needinfo?(nhosoi) | |||
| Noriko Hosoi | 2016-11-14 19:29:26 UTC | Flags | needinfo?(nhosoi) | |
| Marc Muehlfeld | 2016-11-15 07:24:36 UTC | Doc Text | Previously, when "Trace function calls" was enabled in the "nsslapd-errorlog-level" parameter, all attributes were logged into the Directory Server's error log file. As a consequence, attributes containing sensitive information were logged. A patch has been applied to filter out sensitive attributes. As a result, sensitive information are no longer written to the log files. | Previously, when "Trace function calls" was enabled in the "nsslapd-errorlog-level" parameter, all attributes were logged into the Directory Server's error log file. As a consequence, attributes containing sensitive information were logged. A patch has been applied to filter out values of sensitive attributes. As a result, sensitive information are no longer written to the log files. |
| Marc Muehlfeld | 2016-11-18 08:32:30 UTC | Doc Text | Previously, when "Trace function calls" was enabled in the "nsslapd-errorlog-level" parameter, all attributes were logged into the Directory Server's error log file. As a consequence, attributes containing sensitive information were logged. A patch has been applied to filter out values of sensitive attributes. As a result, sensitive information are no longer written to the log files. | Previously, when the "Trace function calls" option was enabled in the "nsslapd-errorlog-level" parameter, all attributes were logged into the Directory Server's error log file including attributes containing sensitive information. A patch has been applied to filter out values of sensitive attributes. As a result, sensitive information are no longer written to the log files. |
| errata-xmlrpc | 2016-12-06 00:23:59 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2016-12-06 17:04:25 UTC | Status | RELEASE_PENDING | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-12-06 12:04:25 UTC | |||
| Simon Pichugin | 2020-09-13 21:52:14 UTC | Link ID | Github 389ds/389-ds-base/issues/2068 |
Back to bug 1390343