Project

General

Profile

Bug #29931

Root repository upstream password saved in clear text

Added by Piyush Tiwari almost 3 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Piyush Tiwari
Category:
Repositories
Target version:
Katello 3.16.0
Difficulty:
Triaged:
Yes
Bugzilla link:
1630536
Pull request:
https://github.com/Katello/katello/pull/8729
Fixed in Releases:
Katello 4.0.0
Found in Releases:
Red Hat JIRA:

Subtasks

Bug #28112: yum repos password stored as cleartext in auditsClosed

Related issues

Related to Katello - Bug #30064: RootRepository password length too shortClosed

Associated revisions

Revision a9abccc2 (diff)
Added by Piyush Tiwari almost 3 years ago

Fixes #29931 - Encrypt Root repository upstream password (#8729)

History

#1 Updated by Partha Aji almost 3 years ago

  • Bugzilla link set to 1630536

#2 Updated by Partha Aji almost 3 years ago

The upstream_password for root_repository is stored in clear text in the database. This password needs to be encrypted.

Look at https://github.com/theforeman/foreman/blob/develop/app/models/http_proxy.rb#L10 for example on how to do that (think we have to just include Encryptable and encrypts)

#3 Updated by The Foreman Bot almost 3 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/Katello/katello/pull/8729 added

#4 Updated by Justin Sherrill almost 3 years ago

  • Triaged changed from No to Yes
  • Target version set to Katello 3.16.0
  • Category set to Repositories
  • Subject changed from Encrypt Root repository upstream password saved in clear text to Root repository upstream password saved in clear text

#5 Updated by The Foreman Bot almost 3 years ago

  • Fixed in Releases Katello 4.0.0 added

#6 Updated by Piyush Tiwari almost 3 years ago

  • Status changed from Ready For Testing to Closed

#7 Updated by Partha Aji almost 3 years ago

  • Related to Bug #30064: RootRepository password length too short added

Also available in: Atom PDF