Hi, when setting up a debci network, I noticed that the binaries from the amqp-tools package expose credentials in the process list.
This had already been reported upstream [1]. I filed #1037322 [2] to track the issue within the BTS, with tag "security". However, I cannot see the bug in the security tracker. I guess I'm assuming too much behind the security tag? Anyhoo, my patch to fix this got merged upstream and I'll update #1037322 accordingly, but I'm unclear as to if/how this should be tracked/reported, and consequently if/how this should be fixed in stable and older. Advice would be very much appreciated. Best, Christian [1] https://github.com/alanxz/rabbitmq-c/issues/575 [2] https://bugs.debian.org/1037322
