Cryptoparty
Jens Kubieziel.@hanno found passwords in the bug reports from @owncloud and @nextcloud
!security
http://qttr.at/1shs
!security
http://qttr.at/1shs
MMN-o ✅⃠^- @nextclouders @bes Is this something relevant and interesting? Alleged !security issue with passwords from config.php included in bug reports.
@nextclouders @bes Seems to be all good though: »In all fairness to NextCloud, they had actually started scrubbing data from the existing bug reports, they just hadn't informed me.»
Björn Schießle@mmn personally I don't think so. It is bad if people forget to remove passwords, etc before they post a config/log on a forum, mailing list or issue tracker. But it is not a security issue of the software as such.