[jira] [Updated] (GEODE-503) Geode can leak SSL keystore password via the log file
[ https://issues.apache.org/jira/browse/GEODE-503?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Anthony Baker updated GEODE-503: Fix Version/s: (was: 1.0.0-incubating) 1.0.0-alpha1 > Geode can leak SSL keystore password via the log file > - > > Key: GEODE-503 > URL: https://issues.apache.org/jira/browse/GEODE-503 > Project: Geode > Issue Type: Bug > Components: core >Reporter: Vincent Ford >Assignee: Vincent Ford > Fix For: 1.0.0-alpha1 > > Attachments: AbstractConfigJUnitTest.java > > > KeyStore password can be leaked via the log file, as this may get printed and > is unintended. This could cause a security issue for some users by leaking > information that could allow access to the keystore holding the SSL > certificate used to validate connections between members. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (GEODE-503) Geode can leak SSL keystore password via the log file
[ https://issues.apache.org/jira/browse/GEODE-503?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Vincent Ford updated GEODE-503: --- Attachment: AbstractConfigJUnitTest.java Unit test that shows the area that has issues. > Geode can leak SSL keystore password via the log file > - > > Key: GEODE-503 > URL: https://issues.apache.org/jira/browse/GEODE-503 > Project: Geode > Issue Type: Bug > Components: core >Reporter: Vincent Ford > Attachments: AbstractConfigJUnitTest.java > > > KeyStore password can be leaked via the log file, as this may get printed and > is unintended. This could cause a security issue for some users by leaking > information that could allow access to the keystore holding the SSL > certificate used to validate connections between members. -- This message was sent by Atlassian JIRA (v6.3.4#6332)