Debian Bug report logs -
#912297
ansible: CVE-2018-16837
Package:
ansible;
Maintainer for ansible is Harlan Lieberman-Berg <hlieberman@debianorg>; Source for ansible is src:ansible (PTS, buildd, popcon)
Reported by: Chris Lamb <lamby@debianorg>
Date: Mon, 29 Oct 2018 21:54:02 UTC
Severity: grave
Tags: security
Fo ...
Several security issues were fixed in Ansible ...
Several vulnerabilities have been found in Ansible, a configuration
management, deployment, and task execution system:
CVE-2018-10855
/ CVE-2018-16876
The no_log task flag wasn't honored, resulting in an information leak
CVE-2018-10875
ansiblecfg was read from the current working directory
CVE-2018-16837
The user module leaked param ...
Synopsis
Moderate: CloudForms 463 bug fix and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for CloudForms Management Engine 59Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CV ...
Synopsis
Moderate: ansible security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for ansible is now available for Red Hat Ansible Engine 24 for RHEL 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Syste ...
Synopsis
Moderate: ansible security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for ansible is now available for Red Hat Ansible Engine 25 for RHEL 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Syste ...
Synopsis
Moderate: Red Hat Virtualization security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
Updated redhat-virtualization-host packages that fix several bugs and add various enhancements are now availableRed Hat Product Security has rated this update as having a secu ...
Synopsis
Moderate: ansible security update
Type/Severity
Security Advisory: Moderate
Topic
An update for ansible is now available for Red HatOpenStack Platform 130 (Queens)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) b ...
Synopsis
Moderate: ansible security update
Type/Severity
Security Advisory: Moderate
Topic
An update for ansible is now available for Red Hat OpenStack Platform 100 (Newton)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ...
Synopsis
Moderate: ansible security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for ansible is now available for Red Hat Ansible Engine 2 for RHEL 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ...
Ansible 25 prior to 255, and 24 prior to 245, do not honor the no_log task flag for failed tasks When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible ...