GNU bug report logs - #8427
[SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing

Previous Next

Package: emacs;

Reported by: Jari Aalto <jari.aalto <at> cante.net>

Date: Tue, 5 Apr 2011 11:28:01 UTC

Severity: normal

Tags: security

Found in version 23.2+1-7

Fixed in version 29.1

Done: Stefan Kangas <stefan <at> marxist.se>

Bug is archived. No further changes may be made.

Full log

Message #107 received at 8427 <at> debbugs.gnu.org (full text, mbox):

From: Michael Mauger <mmauger <at> protonmail.com>
To: Stefan Kangas <stefan <at> marxist.se>
Cc: ahyatt <at> gmail.com, Eli Zaretskii <eliz <at> gnu.org>, 8427 <at> debbugs.gnu.org,
 michael.albinus <at> gmx.de, larsi <at> gnus.org
Subject: Re: bug#8427: [SECURITY] sql.el -- comint process passwords are
 leaked to ps(1) listing
Date: Tue, 19 Oct 2021 04:37:23 +0000

On Wednesday, October 13th, 2021 at 5:26 PM, Stefan Kangas <stefan <at> marxist.se> wrote:

> Eli Zaretskii eliz <at> gnu.org writes:
>
> > I'm okay with installing this on the release branch if Michael thinks
> > it's safe enough.
>
> Michael, could you please push this to emacs-28 or master as you prefer?
> Alternatively, just tell us where you'd like it to land and me or
> someone else can push it.

I've pushed to master for now. I'll test this week and decide then whether I push to emacs-28.

I think its fine and safe, but I effed up for emacs-27, so I'm a little cautious...

--
MICHAEL <at> MAUGER.COM // FSF and EFF member // GNU Emacs sql.el maintainer
This bug report was last modified 3 years and 201 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.