subject:"Bug#1037322\: amqp\-tools\: Process leaks authentication data"

Bug#1037322: amqp-tools: Process leaks authentication data

2023-06-15 Thread Christian Kastner

Control: tag -1 fixed-upstream On 2023-06-11 12:28, Christian Kastner wrote: > Package: amqp-tools > Version: 0.11.0-1 > Severity: grave > Tags: security > Forwarded: https://github.com/alanxz/rabbitmq-c/issues/575 > > When passing authentication data with either --password or --url, the > data i

Bug#1037322: amqp-tools: Process leaks authentication data

2023-06-11 Thread Christian Kastner

Package: amqp-tools Version: 0.11.0-1 Severity: grave Tags: security Forwarded: https://github.com/alanxz/rabbitmq-c/issues/575 When passing authentication data with either --password or --url, the data is exposed in the process list, where it can be seen by any user. Example: $ pgrep -a ampq-c