Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 774759 - <dev-python/aiosmtpd-1.4.2: sensitive AUTH information leak via logging
Summary: <dev-python/aiosmtpd-1.4.2: sensitive AUTH information leak via logging
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL:
Whiteboard: ~4 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2021-03-08 07:14 UTC by Michał Górny
Modified: 2021-07-24 06:02 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2021-03-08 07:14:52 UTC
+Security Considerations
+=======================
+
+We have taken steps to prevent leakage of sensitive information (i.e., password) through logging
+by overriding the ``__repr__`` and ``__str__`` methods of the :class:`AuthResult` and
+:class:`LoginPassword` classes.
Comment 1 NATTkA bot gentoo-dev 2021-03-08 07:16:52 UTC
Unable to check for sanity:

> no match for package: dev-python/aiosmtpd-1.4.2
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-04-02 17:08:51 UTC
No stable versions so no need to stable. Please cleanup.
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-07-24 06:02:20 UTC
All done!