Lucene search

K
redhatRedHatRHSA-2019:4242
HistoryDec 16, 2019 - 11:21 p.m.

(RHSA-2019:4242) Important: Red Hat Ansible Tower 3.5.4-1 - RHEL7 Container

2019-12-1623:21:27
access.redhat.com
34

0.003 Low

EPSS

Percentile

68.4%

  • Added a command to generate a new SECRET_KEY and rekey the database
  • Removed the guest user from the optionally-configured RabbitMQ admin interface (CVE-2019-19340)
  • Fixed assorted issues with preserving permissions in the Ansible Tower backup playbook (CVE-2019-19341)
  • Fixed a partial password disclosure when special characters existed in the RabbitMQ password (CVE-2019-19342)
  • Fixed a file descriptor leak in the Tower service during project updates
  • Fixed an issue where AUTHORIZATION_CODE_EXPIRE_SECONDS and ACCESS_TOKEN_EXPIRE_SECONDS were not properly honored
  • Fixed an issue where some timezones in schedules could not be parsed
  • Fixed isolated execution of playbooks with blanks in the filename
  • Fixed saving of workflow extra_vars
  • Updated Ansible Tower to disallow Jinja in inventory hostnames
  • Updated analytics data collection to match Ansible Tower 3.6
  • Updated bundled oVirt SDK to version 4.3.0