-
Arun Kuruvila authored
PASSWORDS LOGGED IN CLEAR TEXT Description:- Passwords which fail validation by the password validation plugin are logged in mysqld error log as warning messages in clear text. Analysis:- Logging of warning message for completely failed "GRANT/REVOKE users" queries is added as part of another bug fix. The intention of that bug fix was to handle partial execution of queries by adding an incident event in the binary log. But along with addition of incident event in the binary log for partial execution, a warning message is also added for quires which fails completely. Fix:- Logging of warning message to the mysqld error log is removed which will in turn solve this issue.
Arun Kuruvila authoredPASSWORDS LOGGED IN CLEAR TEXT Description:- Passwords which fail validation by the password validation plugin are logged in mysqld error log as warning messages in clear text. Analysis:- Logging of warning message for completely failed "GRANT/REVOKE users" queries is added as part of another bug fix. The intention of that bug fix was to handle partial execution of queries by adding an incident event in the binary log. But along with addition of incident event in the binary log for partial execution, a warning message is also added for quires which fails completely. Fix:- Logging of warning message to the mysqld error log is removed which will in turn solve this issue.
Loading