Security fix in 3.4.4

2021-02-17

Recently 3.4.4 patch release was published, including one, but important bugfix.

When DEBUG or TRACE logging level was active for any of the two following logging facilities, sensitive information was outputted to log files in some cases of users registration. All users who have DEBUG logs enabled and are using registration forms should audit their log files for entries from the following two facilities and scrub them if necessary:

unity.server.BaseRequestPreprocessor
unity.server.RegistrationRequestPreprocessor

The version 3.4.4 fixes this issue.