Comment 5 for bug 1574458

I just checked the aprox 39 mysql-5.7 bug reports with xxx.error.log.txt
attached and did not see anymore.

I locked my report as my user name and a few random inserts were appeared
in the log.
"ssunderlin"
"Stephen Sunderlin"

If you can remove/replace/ or just delete that error log you can make my
report public again.

https://i255940206.restricted.launchpadlibrarian.net/255940206/Logs.var.log.mysql.error.log.txt?token=vjZn2FHWMBn7TDH8QfsM7fBf9Xccw9sv

Thank you.

On Mon, Apr 25, 2016 at 11:08 PM, Seth Arnold <email address hidden>
wrote:

> Thanks for the report; I found two instances in our bugs with the
> following messages:
>
> [Warning] Did not write failed 'GRANT ALL PRIVILEGES ON `phpmyadmin`.* TO
> `phpmyadmin`@'localhost' IDENTIFIED BY 'password'' into binary log while
> granting/revoking privileges in databases.
> [Warning] Did not write failed 'grant all privileges on wordpress.* to
> wordpressuser@localhost identified by "password"' into binary log while
> granting/revoking privileges in databases.
>
> (I've replaced the passwords with "password".)
>
> Are there other instances of passwords or usernames that go into this
> log?
>
> Thanks
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1574458
>
> Title:
> Logs.var.log.mysql.error.log.txt contains usernames and passwords
>
> Status in mariadb-10.0 package in Ubuntu:
> New
> Status in mariadb-5.5 package in Ubuntu:
> New
> Status in mysql-5.5 package in Ubuntu:
> New
> Status in mysql-5.6 package in Ubuntu:
> New
> Status in mysql-5.7 package in Ubuntu:
> New
>
> Bug description:
> Your automated bug reports are posting
> Logs.var.log.mysql.error.log.txt in clear text. These logs may
> contain PII as well as user credentials.
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1574458/+subscriptions
>