2 matches found
MGASA-2018-0303 Updated ansible packages fix security vulnerability
Ansible prior to 2.4.5 does not honor the nolog task flag for failed tasks. When the nolog flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user...
MGASA-2017-0164 Updated ansible packages fix security vulnerability
It was found that aptkey module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP key which matches the short key ID and inject this key instead of the correct key CVE-2016-8614. It is reported that in Ansible, under some circumstances the mysqluser module...