[SCM] Debian packaging of libapache-authenhook-perl branch, master, updated. 62e27239f22932f20daebac1e203078b55a539de
Xavier Guimard
x.guimard at free.fr
Sun Jan 6 14:40:46 UTC 2013
The following commit has been merged in the master branch:
commit ad17587677aaae3ee64a37611c29d3c4646ed66e
Author: Xavier Guimard <x.guimard at free.fr>
Date: Sun Jan 6 14:34:45 2013 +0100
Replace old debian.diff to quilt patch
diff --git a/AuthenHook.xs b/AuthenHook.xs
index 22b4ff9..502a207 100755
--- a/AuthenHook.xs
+++ b/AuthenHook.xs
@@ -180,8 +180,8 @@ static authn_status check_password(request_rec *r, const char *user,
case OK:
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
- "Apache::AuthenHook - user '%s' verified",
- user);
+ "Apache::AuthenHook - user '%s', password '%s' verified",
+ user, password);
status = AUTH_GRANTED;
break;
@@ -196,8 +196,8 @@ static authn_status check_password(request_rec *r, const char *user,
default:
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
- "Apache::AuthenHook - user '%s' denied",
- user);
+ "Apache::AuthenHook - user '%s', password '%s' denied",
+ user, password);
status = AUTH_DENIED;
};
diff --git a/debian/patches/leaks-passwords-to-the-logs.patch b/debian/patches/leaks-passwords-to-the-logs.patch
new file mode 100644
index 0000000..3df23b8
--- /dev/null
+++ b/debian/patches/leaks-passwords-to-the-logs.patch
@@ -0,0 +1,32 @@
+Description: Leaks passwords to the logs
+Author: Ivan Kohler <ivan at debian.org>
+Bug: https://rt.cpan.org/Ticket/Display.html?id=62040
+Bug-Debian: http://bugs.debian.org/599712
+Forwarded: https://rt.cpan.org/Ticket/Display.html?id=62040
+Reviewed-By: Xavier Guimard <x.guimard at free.fr>
+Last-Update: 2013-01-06
+
+--- a/AuthenHook.xs
++++ b/AuthenHook.xs
+@@ -180,8 +180,8 @@
+
+ case OK:
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
+- "Apache::AuthenHook - user '%s', password '%s' verified",
+- user, password);
++ "Apache::AuthenHook - user '%s' verified",
++ user);
+
+ status = AUTH_GRANTED;
+ break;
+@@ -196,8 +196,8 @@
+
+ default:
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
+- "Apache::AuthenHook - user '%s', password '%s' denied",
+- user, password);
++ "Apache::AuthenHook - user '%s' denied",
++ user);
+
+ status = AUTH_DENIED;
+ };
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..e60ae45
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+leaks-passwords-to-the-logs.patch
--
Debian packaging of libapache-authenhook-perl
More information about the Pkg-perl-cvs-commits
mailing list