[
https://issues.apache.org/jira/browse/CASSANDRA-21113?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18090209#comment-18090209
]
Stefan Miklosovic commented on CASSANDRA-21113:
-----------------------------------------------
4.0
https://app.circleci.com/pipelines/github/instaclustr/cassandra/6506/workflows/1aecd30d-ae5f-4fa4-942b-93c0070618be
4.1
https://app.circleci.com/pipelines/github/instaclustr/cassandra/6507/workflows/5383a073-c75c-4927-94a3-50740b8b1b68
5.0 https://pre-ci.cassandra.apache.org/job/cassandra-5.0/138/#showFailuresLink
6.0 https://pre-ci.cassandra.apache.org/job/cassandra-6.0/73/#showFailuresLink
> PasswordObfuscator fails to obfuscate certain passwords
> -------------------------------------------------------
>
> Key: CASSANDRA-21113
> URL: https://issues.apache.org/jira/browse/CASSANDRA-21113
> Project: Apache Cassandra
> Issue Type: Bug
> Components: Legacy/Core
> Reporter: Andrew Weaver
> Assignee: Andrew Weaver
> Priority: Normal
> Fix For: 4.0.x, 4.1.x, 5.0.x, 6.x, 7.x
>
> Attachments: 4_0.patch, trunk.patch
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> PasswordObfuscator fails to obfuscate passwords containing regex characters
> ($, +, ?, etc.) or the regex end-quote sequence \E.
> This leads to passwords containing these characters being logged in clear
> text in audit logs for DCL statements, or in the case of \E on trunk, a
> java.util.regex.PatternSyntaxException being thrown.
> I've attached patches for the 4.0 branch and trunk.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
