prometheanfire 15/05/05 15:12:11 Added: CVE-2015-3646-2014.2.3.patch Log: fixing a new cve 0day :D (Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key 0x33ED3FD25AFC78BA)
Revision Changes Path 1.1 sys-auth/keystone/files/CVE-2015-3646-2014.2.3.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/keystone/files/CVE-2015-3646-2014.2.3.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/keystone/files/CVE-2015-3646-2014.2.3.patch?rev=1.1&content-type=text/plain Index: CVE-2015-3646-2014.2.3.patch =================================================================== >From 695153a523faa9310e2e20d0333c33a47334208a Mon Sep 17 00:00:00 2001 From: Eric Brown <bro...@vmware.com> Date: Mon, 13 Apr 2015 11:37:53 -0700 Subject: [PATCH] backend_argument should be marked secret Since the backend_argument can potentially contain a password, it should be marked secret to avoid leakage into the logs. Closes-Bug: #1443598 Change-Id: I55663db4cf2df84a66de8f64fba4b4f129ae827d (cherry picked from commit f9db1a65bd4d83d12c572ba4d5807845996ef410) --- keystone/common/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keystone/common/config.py b/keystone/common/config.py index d7f9dd8..d953e49 100644 --- a/keystone/common/config.py +++ b/keystone/common/config.py @@ -313,7 +313,7 @@ 'deployments. Small workloads (single process) ' 'like devstack can use the dogpile.cache.memory ' 'backend.'), - cfg.MultiStrOpt('backend_argument', default=[], + cfg.MultiStrOpt('backend_argument', default=[], secret=True, help='Arguments supplied to the backend module. ' 'Specify this option once per argument to be ' 'passed to the dogpile.cache backend. Example '