* [MOD] Related #637. Improved random bytes generation to prevent cache-timing attacks (this does not affec to to cryptographic functions, which were already safe). Thanks to @LeSuisse for the feedback.

* [MOD] Temporary master password will never be saved in the event log.
2026-03-15 04:46:49 +01:00 · 2017-06-15 15:07:44 +02:00
parent 35a65affff
commit 7ee9c1004c
3 changed files with 8 additions and 31 deletions
--- a/inc/SP/Controller/ConfigActionController.class.php
+++ b/inc/SP/Controller/ConfigActionController.class.php
@@ -647,7 +647,6 @@ class ConfigActionController implements ItemControllerInterface

        if ($tempMasterPass !== false && !empty($tempMasterPass)) {
            $this->LogMessage->addDescription(__('Clave Temporal Generada', false));
-            $this->LogMessage->addDetails(__('Clave', false), $tempMasterPass);

            if ($tempMasterEmail) {
                $Message = new NoticeMessage();