RLSA-2024:3043

See a problem?
Please try reporting it to the source first.
Source
https://errata.rockylinux.org/RLSA-2024:3043
Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2024:3043.json
JSON Data
https://api.osv.dev/v1/vulns/RLSA-2024:3043
Published
2025-05-07T19:11:47.341314Z
Modified
2025-05-07T20:08:45.846882Z
Upstream
Severity
  • 5.0 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
Summary
Moderate: ansible-core bug fix, enhancement, and security update
Details

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

Security Fix(es):

  • ansible-core: possible information leak in tasks that ignore ANSIBLENOLOG configuration (CVE-2024-0690)

Bug Fix(es):

  • Update ansible-core to 2.16.3 (JIRA:Rocky Linux-23782)

  • Rebuild ansible-core with python 3.12 (JIRA:Rocky Linux-24141)

References
Credits
    • Rocky Enterprise Software Foundation
    • Red Hat

Affected packages

Rocky Linux:8 / ansible-core

Package

Name
ansible-core
Purl
pkg:rpm/rocky-linux/ansible-core?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:2.16.3-2.el8