The Vulnerability History Project

Fix CVE-2011-2204.

      Prevent user passwords appearing in log files if a runtime exception (e.g. OOME) occurs while creating a new user for a MemoryUserDatabase via JMX.

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1140070 13f79535-47bb-0310-9956-ffa450edef68

by Pauline the Wren 2011-06-27 09:27:06 UTC

commit 763a56b45999653ce648a18462b8a826809215b1

Tomcat Fix CVE-2011-2204

java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java

+9 -9

java/org/apache/catalina/users/MemoryUser.java

+2 -48

java/org/apache/catalina/users/MemoryUserDatabase.java

+1 -1

webapps/docs/changelog.xml

-5

expand_less