ALT-PU-2024-2387-1
Package ansible-core updated to version 2.15.9-alt0.p10.1 for branch p10_e2k.
Closed vulnerabilities
BDU:2023-07854
Уязвимость системы управления конфигурациями Ansible, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2023-5764
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.
- RHSA-2023:7773
- RHSA-2023:7773
- https://access.redhat.com/security/cve/CVE-2023-5764
- https://access.redhat.com/security/cve/CVE-2023-5764
- RHBZ#2247629
- RHBZ#2247629
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/
- https://security.netapp.com/advisory/ntap-20241025-0001/
Modified: 2025-01-17
CVE-2024-0690
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
- RHSA-2024:0733
- RHSA-2024:0733
- RHSA-2024:2246
- RHSA-2024:2246
- RHSA-2024:3043
- RHSA-2024:3043
- https://access.redhat.com/security/cve/CVE-2024-0690
- https://access.redhat.com/security/cve/CVE-2024-0690
- RHBZ#2259013
- RHBZ#2259013
- https://github.com/ansible/ansible/pull/82565
- https://github.com/ansible/ansible/pull/82565
- https://security.netapp.com/advisory/ntap-20250117-0001/
Closed bugs
apt_rpm не обновляет пакеты