CVE-2017-8296

Name	CVE-2017-8296
Description	kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the "password" command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-925-1
Debian Bugs	860817

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin	Debian Bugs
kedpm	source	wheezy	0.5.0-4+deb7u1	DLA-925-1
kedpm	source	jessie	1.0+deb8u1
kedpm	source	(unstable)	(unfixed)		860817

Notes

patch in BTS gives workaround to always prompt for password and do not save
to database.
https://www.openwall.com/lists/oss-security/2017/04/25/9