Both cli_wallet and nodes are going to reject transactions that contains private key material in their memo field
I'm not a big fan of solving it at nodes, because it is already too late. Best solution is to keep an eye on users' memo field (it has to be implemented in 3rd party every application that allows transfers) and refuse to put there any key material.
So it's not a fix that gets rid of some software bug. It is a change that would try to stop users that are willing to hurt themselves.
RE: You shall not (leak your) pass!