Bug #15517: Root password is sent to system journal in clear text when set - Discovery - Foreman

Bug #15517

Root password is sent to system journal in clear text when set

Added by Lukas Zapletal almost 7 years ago. Updated almost 7 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Lukas Zapletal

Category:

Image

Target version:

Discovery Image 3.2.0

Difficulty:

trivial

Triaged:

Bugzilla link:

1349138

Pull request:

https://github.com/theforeman/foreman-discovery-image/pull/77

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

By default root account is locked on discovered nodes, user needs to enable ssh service manually and enter root password in the dialog. Then it makes into the system journal in clear text.

This is being tracked as CVE-2016-4996, moderate impact.

Acknowledgments:

Name: Thom Carlin (Red Hat)

Associated revisions

Revision 5ec8a51c (diff)
Added by Lukas Zapletal almost 7 years ago

Fixes #15517 - root password is not sent to journal (#77)

History

#1 Updated by Lukas Zapletal almost 7 years ago

Bugzilla link set to 1349138

#2 Updated by The Foreman Bot almost 7 years ago

Status changed from New to Ready For Testing
Pull request https://github.com/theforeman/foreman-discovery-image/pull/77 added

#3 Updated by Lukas Zapletal almost 7 years ago

Status changed from Ready For Testing to Closed
% Done changed from 0 to 100

Applied in changeset foreman-discovery-image|5ec8a51cf400b9a2112a0ba34942d06e5c5589b8.

Also available in: Atom PDF

Project

General

Profile

Plugins » Discovery

Issues

Custom queries