(RHSA-2024:0322) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update

2024-01-2214:15:04

access.redhat.com

red hat ansible automation platform

product security

bug fix

enterprise it automation

security fixes

python3

gitpython

twisted

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

22.0%

JSON

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.

Security Fix(es):

python3-gitpython/python39-gitpython: Blind local file inclusion (CVE-2023-41040)
python3-twisted/python39-twisted: disordered HTTP pipeline response in twisted.web (CVE-2023-46137)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional changes:

python3-dynaconf/python39-dynaconf has been updated to 3.1.12-2
python3-gitpython/python39-gitpython has been updated to 3.1.40
python3-twisted/python39-twisted has been updated to 23.10.0

OSVersionArchitecturePackageVersionFilename
RedHat8noarchpython39-twisted< 23.10.0-1.el8appython39-twisted-23.10.0-1.el8ap.noarch.rpm
RedHat8noarchpython39-twisted+tls< 23.10.0-1.el8appython39-twisted+tls-23.10.0-1.el8ap.noarch.rpm
RedHat8noarchpython39-gitpython< 3.1.40-1.el8appython39-gitpython-3.1.40-1.el8ap.noarch.rpm
RedHat8noarchpython39-dynaconf< 3.1.12-2.el8appython39-dynaconf-3.1.12-2.el8ap.noarch.rpm
RedHat9noarchpython3-dynaconf< 3.1.12-2.el9appython3-dynaconf-3.1.12-2.el9ap.noarch.rpm
RedHat9noarchpython3-twisted+tls< 23.10.0-1.el9appython3-twisted+tls-23.10.0-1.el9ap.noarch.rpm
RedHat9noarchpython3-gitpython< 3.1.40-1.el9appython3-gitpython-3.1.40-1.el9ap.noarch.rpm
RedHat9noarchpython3-twisted< 23.10.0-1.el9appython3-twisted-23.10.0-1.el9ap.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	noarch	python39-twisted	< 23.10.0-1.el8ap	python39-twisted-23.10.0-1.el8ap.noarch.rpm
RedHat	8	noarch	python39-twisted+tls	< 23.10.0-1.el8ap	python39-twisted+tls-23.10.0-1.el8ap.noarch.rpm
RedHat	8	noarch	python39-gitpython	< 3.1.40-1.el8ap	python39-gitpython-3.1.40-1.el8ap.noarch.rpm
RedHat	8	noarch	python39-dynaconf	< 3.1.12-2.el8ap	python39-dynaconf-3.1.12-2.el8ap.noarch.rpm
RedHat	9	noarch	python3-dynaconf	< 3.1.12-2.el9ap	python3-dynaconf-3.1.12-2.el9ap.noarch.rpm
RedHat	9	noarch	python3-twisted+tls	< 23.10.0-1.el9ap	python3-twisted+tls-23.10.0-1.el9ap.noarch.rpm
RedHat	9	noarch	python3-gitpython	< 3.1.40-1.el9ap	python3-gitpython-3.1.40-1.el9ap.noarch.rpm
RedHat	9	noarch	python3-twisted	< 23.10.0-1.el9ap	python3-twisted-23.10.0-1.el9ap.noarch.rpm