Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 905879 (CVE-2023-31413) - <app-admin/filebeat-7.17.16: credential leakage into logs
Summary: <app-admin/filebeat-7.17.16: credential leakage into logs
Status: IN_PROGRESS
Alias: CVE-2023-31413
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: https://discuss.elastic.co/t/elastic-...
Whiteboard: B4 [glsa?]
Keywords: PullRequest
Depends on: 924322
Blocks:
  Show dependency tree
 
Reported: 2023-05-07 15:53 UTC by John Helmert III
Modified: 2024-02-23 10:51 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-05-07 15:53:04 UTC
CVE-2023-31413:

Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled.

Please bump to 7.17.10.
Comment 1 Larry the Git Cow gentoo-dev 2024-01-20 13:33:48 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=987287bcedc164e51a80277231d2a0393a559f45

commit 987287bcedc164e51a80277231d2a0393a559f45
Author:     Tomáš Mózes <hydrapolic@gmail.com>
AuthorDate: 2024-01-11 14:44:07 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-01-20 13:30:06 +0000

    app-admin/filebeat: add 7.17.16
    
    Bug: https://bugs.gentoo.org/905879
    Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com>
    Closes: https://github.com/gentoo/gentoo/pull/33433
    Signed-off-by: Sam James <sam@gentoo.org>

 app-admin/filebeat/Manifest                |  2 ++
 app-admin/filebeat/filebeat-7.17.16.ebuild | 58 ++++++++++++++++++++++++++++++
 2 files changed, 60 insertions(+)
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2024-02-17 21:13:36 UTC
Please cleanup.
Comment 3 Larry the Git Cow gentoo-dev 2024-02-23 10:45:41 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=622fc7f4dc7370184dbd6f86d263b81362405c87

commit 622fc7f4dc7370184dbd6f86d263b81362405c87
Author:     Tomáš Mózes <hydrapolic@gmail.com>
AuthorDate: 2024-02-23 10:19:25 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-02-23 10:44:28 +0000

    app-admin/filebeat: drop 7.17.5
    
    Bug: https://bugs.gentoo.org/905879
    Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com>
    Closes: https://github.com/gentoo/gentoo/pull/35503
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 app-admin/filebeat/Manifest               |  2 --
 app-admin/filebeat/filebeat-7.17.5.ebuild | 58 -------------------------------
 2 files changed, 60 deletions(-)