Ansible prior to 2.4.5 does not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible (CVE-2018-10855).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | ansible | < 2.4.5.0-1.1 | ansible-2.4.5.0-1.1.mga5 |
Mageia | 6 | noarch | ansible | < 2.4.5.0-1.1 | ansible-2.4.5.0-1.1.mga6 |