[rt-users] Security risk! Passwords can be compromised!

[Akash]

Hi all,

When I enabled logging of stack traces, the user passwords are being written
in cleartext in the log files!
I enabled stack tracing by adding the the following line in
RT_SiteConfig.pm:

Set($LogStackTraces, 4);

Can somebody please fix this serious error so that passwords are encrypted?
I am using RT 3.8.1 installed
from ports on a FreeBSD machine.  (Actually I think I got a patch from
someone in this mailing list.)  If
the error has been fixed in 3.8.2, please let me know.

Also, if a 3.8.2 port is available, is it stable enough to update my 3.8.1
version?

Thanks,
Akash.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20090202/d958e23a/attachment.htm>