905879 – (CVE-2023-31413) <app-admin/filebeat-7.17.16: credential leakage into logs

Bug 905879 (CVE-2023-31413) - <app-admin/filebeat-7.17.16: credential leakage into logs

Summary: <app-admin/filebeat-7.17.16: credential leakage into logs

Status:	IN_PROGRESS

Alias:	CVE-2023-31413

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor (vote)
Assignee:	Gentoo Security

URL:	https://discuss.elastic.co/t/elastic-...
Whiteboard:	B4 [glsa?]
Keywords:	PullRequest

Depends on:	924322
Blocks:
	Show dependency tree

Reported:	2023-05-07 15:53 UTC by John Helmert III
Modified:	2024-02-23 10:51 UTC (History)
CC List:	4 users (show)

See Also:	https://github.com/gentoo/gentoo/pull/33433 https://github.com/gentoo/gentoo/pull/35503
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2023-05-07 15:53:04 UTC

CVE-2023-31413:

Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled.

Please bump to 7.17.10.

Comment 1 Larry the Git Cow gentoo-dev

2024-01-20 13:33:48 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=987287bcedc164e51a80277231d2a0393a559f45

commit 987287bcedc164e51a80277231d2a0393a559f45
Author:     Tomáš Mózes <hydrapolic@gmail.com>
AuthorDate: 2024-01-11 14:44:07 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-01-20 13:30:06 +0000

    app-admin/filebeat: add 7.17.16
    
    Bug: https://bugs.gentoo.org/905879
    Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com>
    Closes: https://github.com/gentoo/gentoo/pull/33433
    Signed-off-by: Sam James <sam@gentoo.org>

 app-admin/filebeat/Manifest                |  2 ++
 app-admin/filebeat/filebeat-7.17.16.ebuild | 58 ++++++++++++++++++++++++++++++
 2 files changed, 60 insertions(+)

Comment 2 John Helmert III archtester

2024-02-17 21:13:36 UTC

Please cleanup.

Comment 3 Larry the Git Cow gentoo-dev

2024-02-23 10:45:41 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=622fc7f4dc7370184dbd6f86d263b81362405c87

commit 622fc7f4dc7370184dbd6f86d263b81362405c87
Author:     Tomáš Mózes <hydrapolic@gmail.com>
AuthorDate: 2024-02-23 10:19:25 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-02-23 10:44:28 +0000

    app-admin/filebeat: drop 7.17.5
    
    Bug: https://bugs.gentoo.org/905879
    Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com>
    Closes: https://github.com/gentoo/gentoo/pull/35503
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 app-admin/filebeat/Manifest               |  2 --
 app-admin/filebeat/filebeat-7.17.5.ebuild | 58 -------------------------------
 2 files changed, 60 deletions(-)