1451046 – Queued item containing secrets is being dumped in plain-text in evm.log

Bug 1451046 - Queued item containing secrets is being dumped in plain-text in evm.log

Summary: Queued item containing secrets is being dumped in plain-text in evm.log

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	Providers
Sub Component:
Version:	5.8.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	GA
Target Release:	5.8.0
Assignee:	James Wong
QA Contact:	Pavol Kotvan
Docs Contact:
URL:
Whiteboard:
Depends On:	1450183
Blocks:
TreeView+	depends on / blocked

Reported:	2017-05-15 15:58 UTC by Satoe Imaishi
Modified:	2017-05-31 15:12 UTC (History)
CC List:	5 users (show)
Fixed In Version:	5.8.0.15
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	1450183
Environment:
Last Closed:	2017-05-31 15:12:44 UTC
Category:	---
Cloudforms Team:	CFME Core
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2017:1367	0	normal	SHIPPED_LIVE	Moderate: CFME 5.8.0 security, bug, and enhancement update	2017-05-31 18:16:03 UTC

Comment 2 CFME Bot 2017-05-15 16:01:08 UTC

New commit detected on ManageIQ/manageiq/fine:
https://github.com/ManageIQ/manageiq/commit/2d84cdb4a1783367da737f66f420cbd783825508

commit 2d84cdb4a1783367da737f66f420cbd783825508
Author:     Greg Blomquist <blomquisg>
AuthorDate: Mon May 15 11:42:37 2017 -0400
Commit:     Satoe Imaishi <simaishi>
CommitDate: Mon May 15 11:59:35 2017 -0400

    Merge pull request #15084 from jameswnl/encrypt
    
    Encrypt secrets before enqueue Tower CU operations
    (cherry picked from commit 601f965e89cdef4c46fdcb0db1827f709002ddb7)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1451046

 .../ansible_tower/shared/automation_manager/credential.rb      |  8 +++++---
 .../ansible_tower/shared/automation_manager/tower_api.rb       |  8 ++++++--
 lib/vmdb/settings/walker.rb                                    |  2 +-
 spec/support/ansible_shared/automation_manager/credential.rb   | 10 ++++++++--
 4 files changed, 20 insertions(+), 8 deletions(-)

Comment 5 errata-xmlrpc 2017-05-31 15:12:44 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:1367

Note You need to log in before you can comment on or make changes to this bug.