| Revision Date: | 2020-04-12 | Version: | 1 |
| Title: | Security update for ansible (Moderate) |
| Description: |
This update for ansible to version 2.9.6 fixes the following issues:
Security issues fixed:
- CVE-2019-14904: Fixed a vulnerability in solaris_zone module via crafted solaris zone (boo#1157968). - CVE-2019-14905: Fixed an issue where malicious code could craft filename in nxos_file_copy module (boo#1157969). - CVE-2019-14864: Fixed Splunk and Sumologic callback plugins leak sensitive data in logs (boo#1154830). - CVE-2019-14846: Fixed secrets disclosure on logs due to display is hardcoded to DEBUG level (boo#1153452) - CVE-2019-14856: Fixed insufficient fix for CVE-2019-10206 (boo#1154232) - CVE-2019-14858: Fixed data in the sub parameter fields that will not be masked and will be displayed when run with increased verbosity (boo#1154231) - CVE-2019-10206: ansible-playbook -k and ansible cli tools prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them. (boo#1142690) - CVE-2019-10217: Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks. (boo#1144453)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1137479
1142542
1142690
1144453
1153452
1154231
1154232
1154830
1157968
1157969
CVE-2019-10206
CVE-2019-10217
CVE-2019-14846
CVE-2019-14856
CVE-2019-14858
CVE-2019-14864
CVE-2019-14904
CVE-2019-14905
openSUSE-SU-2020:0513-1
|
| Platform(s): | openSUSE Leap 15.1
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 15.1 is installed AND Package Information
ansible-2.9.6-lp151.2.7.1 is installed
OR ansible-doc-2.9.6-lp151.2.7.1 is installed
OR ansible-test-2.9.6-lp151.2.7.1 is installed
|