From e056b02c8adc9e9f1e19d8d18e7a149f2931847d Mon Sep 17 00:00:00 2001
From: Adam Grare
Date: Tue, 10 Oct 2023 10:33:31 -0400
Subject: [PATCH] Use ProviderSdkLogger as the class for ansible_tower_log `Vmdb::Loggers::ProviderSdkLogger` has a log filtering mechanism that prevents authorization tokens from showing up in logs. This is needed to prevent Faraday from logging Authorization request headers which includes the Basic authorization token. CVE-2023-46175
---
 lib/manageiq/providers/ansible_tower/engine.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/manageiq/providers/ansible_tower/engine.rb b/lib/manageiq/providers/ansible_tower/engine.rb
index 6c23efe..f51a82c 100644
--- a/lib/manageiq/providers/ansible_tower/engine.rb
+++ b/lib/manageiq/providers/ansible_tower/engine.rb
@@ -20,7 +20,7 @@ def self.plugin_name
 end
 def self.init_loggers
- $ansible_tower_log ||= Vmdb::Loggers.create_logger("ansible_tower.log")
+ $ansible_tower_log ||= Vmdb::Loggers.create_logger("ansible_tower.log", Vmdb::Loggers::ProviderSdkLogger)
 end
 def self.apply_logger_config(config)
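Review bot: The second argument on the `$ansible_tower_log ||=` line is the entire credential-redaction control, yet nothing on the line says so and the commit touches one file with no spec, so a later cleanup could drop the argument unnoticed. I would add a comment above it such as `# ProviderSdkLogger redacts Authorization headers from Faraday output (CVE-2023-46175); keep this class`, plus a spec asserting that `$ansible_tower_log` is a `Vmdb::Loggers::ProviderSdkLogger` after `init_loggers` runs. Because of `||=`, a logger already assigned before `init_loggers` is called would keep its original class; whether that can happen is not visible in this hunk, whose enclosing class starts outside it. The change only affects new output, so `ansible_tower.log` files written before it may still contain Basic credentials and presumably need purging, with the affected credentials rotated.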