Project

General

Profile

Bug #29931

Root repository upstream password saved in clear text

Added by Piyush Tiwari 5 months ago. Updated 2 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Repositories
Target version:
Difficulty:
Triaged:
Yes
Bugzilla link:
Fixed in Releases:
Found in Releases:

Subtasks

Bug #28112: yum repos password stored as cleartext in auditsClosed

Related issues

Related to Katello - Bug #30064: RootRepository password length too shortClosed

Associated revisions

Revision a9abccc2 (diff)
Added by Piyush Tiwari 5 months ago

Fixes #29931 - Encrypt Root repository upstream password (#8729)

History

#1 Updated by Partha Aji 5 months ago

  • Bugzilla link set to 1630536

#2 Updated by Partha Aji 5 months ago

The upstream_password for root_repository is stored in clear text in the database. This password needs to be encrypted.

Look at https://github.com/theforeman/foreman/blob/develop/app/models/http_proxy.rb#L10 for example on how to do that (think we have to just include Encryptable and encrypts)

#3 Updated by The Foreman Bot 5 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/Katello/katello/pull/8729 added

#4 Updated by Justin Sherrill 5 months ago

  • Triaged changed from No to Yes
  • Target version set to Katello 3.16.0
  • Category set to Repositories
  • Subject changed from Encrypt Root repository upstream password saved in clear text to Root repository upstream password saved in clear text

#5 Updated by The Foreman Bot 5 months ago

  • Fixed in Releases Katello 4.0.0 added

#6 Updated by Piyush Tiwari 5 months ago

  • Status changed from Ready For Testing to Closed

#7 Updated by Partha Aji 5 months ago

  • Related to Bug #30064: RootRepository password length too short added

Also available in: Atom PDF