You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@geode.apache.org by "Anthony Baker (JIRA)" <ji...@apache.org> on 2016/01/08 02:34:40 UTC

[jira] [Updated] (GEODE-503) Geode can leak SSL keystore password via the log file

     [ https://issues.apache.org/jira/browse/GEODE-503?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Anthony Baker updated GEODE-503:
--------------------------------
    Fix Version/s:     (was: 1.0.0-incubating)
                   1.0.0-alpha1

> Geode can leak SSL keystore password via the log file
> -----------------------------------------------------
>
>                 Key: GEODE-503
>                 URL: https://issues.apache.org/jira/browse/GEODE-503
>             Project: Geode
>          Issue Type: Bug
>          Components: core
>            Reporter: Vincent Ford
>            Assignee: Vincent Ford
>             Fix For: 1.0.0-alpha1
>
>         Attachments: AbstractConfigJUnitTest.java
>
>
> KeyStore password can be leaked via the log file, as this may get printed and is unintended. This could cause a security issue for some users by leaking information that could allow access to the keystore holding the SSL certificate used to validate connections between members. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)