[commits] Horde branch master updated. 99066a1654a0ceda77cfd4ae8977c643707ba0e7
Michael M Slusarz
slusarz at horde.org
Thu Mar 20 22:43:13 UTC 2014
The branch "master" has been updated.
The following is a summary of the commits.
from: 17277a858ea9f5d2011e31417ceba8ee75c71856
99066a1 [mms] SECURITY: Don't leak PDO DSN authentication/connection information in exception messages.
Summary: http://github.com/horde/horde/compare/17277a858ea9f5d2011e31417ceba8ee75c71856...99066a1654a0ceda77cfd4ae8977c643707ba0e7
-----------------------------------------------------------------------
commit 99066a1654a0ceda77cfd4ae8977c643707ba0e7
Author: Michael M Slusarz <slusarz at horde.org>
Date: Thu Mar 20 16:37:39 2014 -0600
[mms] SECURITY: Don't leak PDO DSN authentication/connection information in exception messages.
Exception messages may be displayed (desired or not) to the end-user.
Not sure if we want to display a lesser version of the DSN ... I will
leave that decision up to someone else.
Also, log the error or else there is a chance that it won't be logged at
the user level.
framework/Db/lib/Horde/Db/Adapter/Pdo/Base.php | 3 ++-
framework/Db/package.xml | 2 ++
2 files changed, 4 insertions(+), 1 deletions(-)
http://github.com/horde/horde/commit/99066a1654a0ceda77cfd4ae8977c643707ba0e7
http://git.horde.org/horde-git/-/commit/99066a1654a0ceda77cfd4ae8977c643707ba0e7
More information about the commits
mailing list