ZF-12074: Passwords printed in plaintext on PDOException
When using the postgres PDO and I supply a password but no user name in the application.ini, I get a PDOException (this is to be expected). However the exception message prints the sql server password in plaintext. For security concerns, stack traces should never print a password in plain text.
Ideally, the stack trace should be scrubbed like in Zend_Auth_Adapter_Ldap (~Line 372), see ZF-11839.
Example 'admin' password below:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE  fe_sendauth: no password supplied' in E:\build\console_sep12\lib\Zend\Db\Adapter\Pdo\Abstract.php:129 Stack trace: