The Vulnerability History Project

Fix CVE-2011-2204.

      Prevent user passwords appearing in log files if a runtime exception (e.g. OOME) occurs while creating a new user for a MemoryUserDatabase via JMX.

git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc5.5.x/trunk@1140072 13f79535-47bb-0310-9956-ffa450edef68

by Pauline the Wren 2011-06-27 09:28:44 UTC

commit 8b81c8c869987e35deed04993ecfcf7be27ca298

Tomcat Fix CVE-2011-2204

container/catalina/src/share/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java

+9 -9

container/catalina/src/share/org/apache/catalina/users/MemoryUser.java

+1 -49

container/catalina/src/share/org/apache/catalina/users/MemoryUserDatabase.java

+1 -1

container/webapps/docs/changelog.xml

+1 -5

expand_less