ansible doesn’t always succeed in changing a user’s password. The mysql_user
module has a flaw which means that the user’s passwords sometimes fails to change without telling the user. This means that old passwords may still be active when it should have been modified.
access.redhat.com/errata/RHSA-2017:1685
access.redhat.com/security/cve/CVE-2016-8647
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1396174
bugzilla.redhat.com/show_bug.cgi?id=1446527
bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647
github.com/ansible/ansible-modules-core/pull/5388