Control: tag -1 +help +upstream Control: severity -1 important Thank you very much for your bug report, Henrik.
On 07/01/2017 11:22 AM, Henrik Størner wrote: > > keepassx 2.0.3-1 (in Debian "stretch") fails to clear the clipboard history > after a password has been copied to the clipboard. > > The keepassx security settings has "Clear clipboard after 10 seconds" enabled. > > To reproduce, > - select an entry with a stored password in the keepassx database > - press ctrl-C to copy the password to the clipboard > - after 10 seconds (default setting), the password should disappear from the > clipboard history > - click on the clipboard icon in the panel, the password is visible > > This is using the KDE Desktop installation, and hence the KDE clipboard. > > The KDE clipboard has a setting to prevent the clipboard from being emptied, > but this setting does not change the behaviour. I noticed that keepassx does ship with code that does look like it should do exactly that: http://sources.debian.net/src/keepassx/2.0.3-1/src/gui/Clipboard.cpp/ Unfortunately, I'm not familiar with that particular API so I can't comment on whether the API is being used correctly or not. However, I'm confident that it did work for the author, who may or may not have used KDE. I'd appreciate any help from KDE experts here. While I do agree that this can be viewed as be a security related issue, I disagree that this issue is "release critical". I'm therefore downgrading the severity of this bug. Best, Reinhard
