Bug 965807 - sosreport does not blankout password in anaconda-ks.cfg and yum.repo
Summary: sosreport does not blankout password in anaconda-ks.cfg and yum.repo
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: sos
Version: 5.9
Hardware: x86_64
OS: All
urgent
urgent
Target Milestone: rc
: ---
Assignee: Bryn M. Reeves
QA Contact: Miroslav Hradílek
URL:
Whiteboard:
Depends On: 857304 1034865
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-05-21 19:07 UTC by Libor Miksik
Modified: 2022-07-09 06:06 UTC (History)
13 users (show)

Fixed In Version: sos-1.7-9.62.el5_9.1
Doc Type: Bug Fix
Doc Text:
* Previous versions of the sos anaconda module would not elide password configuration from collected kickstart and yum repository configuration files * This may lead to unintended disclosure of these password settings * The sosreport command now applies a string substitution when collection these files to ensure passwords are obscured * Generated reports no longer include this possibly sensitive information while still collecting diagnostic data from the module
Clone Of:
Environment:
Last Closed: 2013-07-30 16:59:40 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2013:1121 0 normal SHIPPED_LIVE Low: sos security update 2013-07-30 20:57:08 UTC

Description Libor Miksik 2013-05-21 19:07:24 UTC 
This bug has been copied from bug #857304 and has been proposed
to be backported to 5.9 z-stream (EUS).
Comment 10 errata-xmlrpc 2013-07-30 16:59:40 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-1121.html
Note You need to log in before you can comment on or make changes to this bug.