GNU bug report logs - #8427
[SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing

Previous Next

Package: emacs;

Reported by: Jari Aalto <jari.aalto <at> cante.net>

Date: Tue, 5 Apr 2011 11:28:01 UTC

Severity: normal

Tags: security

Found in version 23.2+1-7

Fixed in version 29.1

Done: Stefan Kangas <stefan <at> marxist.se>

Bug is archived. No further changes may be made.

Full log

Message #95 received at 8427 <at> debbugs.gnu.org (full text, mbox):

From: Michael Mauger <mmauger <at> protonmail.com>
To: Stefan Kangas <stefan <at> marxist.se>
Cc: Andrew Hyatt <ahyatt <at> gmail.com>, Lars Ingebrigtsen <larsi <at> gnus.org>,
 "8427 <at> debbugs.gnu.org" <8427 <at> debbugs.gnu.org>,
 "michael.albinus <at> gmx.de" <michael.albinus <at> gmx.de>,
 Eli Zaretskii <eliz <at> gnu.org>
Subject: Re: bug#8427: [SECURITY] sql.el -- comint process passwords are
 leaked to ps(1) listing
Date: Wed, 13 Oct 2021 16:05:57 +0000

On Tuesday, October 12th, 2021 at 1:05 AM, Stefan Kangas <stefan <at> marxist.se> wrote:

> Lars Ingebrigtsen larsi <at> gnus.org writes:
> > Michael Mauger mmauger <at> protonmail.com writes:
> > > > Please wait for a while, I'd like Michael Mauger to review this.
> > > >
> > > > Thanks.
> > > I will take a look after New Years. Thank you, Andrew and Eli.
> > Michael, have you had time to look at the patches? I had a brief skim,
> > and they looked reasonable to me, but I have neither read them in-depth
> > nor tried them.
> Any news about this? It would be great to get this into Emacs 28.

I'm fine with this.  I remember this vaguely and think we are all set. Let's
get it committed and we'll give it some attention/testing before the release
This bug report was last modified 3 years and 201 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.