[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[virt-tools-list] [virt-manager PATCH 0/2] unattended: Don't expose user & admin passwords



Let's not expose user & admin passwords neither by having an option to
be used to set those passwords nor in the debug messages.

'CVE-2019-10183' has been assigned to the virt-install --unattended
admin-password=xxx disclosure issue.

Fabiano Fidêncio (2):
  unattended: Read the passwords from a file
  unattended: Don't log user & admin passwords

 man/virt-install.pod                  | 14 +++++++---
 tests/cli-test-xml/admin-password.txt |  1 +
 tests/cli-test-xml/user-password.txt  |  3 +++
 tests/clitest.py                      | 18 +++++++------
 virtinst/cli.py                       |  4 +--
 virtinst/install/unattended.py        | 38 ++++++++++++++++++---------
 6 files changed, 52 insertions(+), 26 deletions(-)
 create mode 100644 tests/cli-test-xml/admin-password.txt
 create mode 100644 tests/cli-test-xml/user-password.txt

-- 
2.21.0


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]