SUSE-SU-2018:0605-1

Source
https://www.suse.com/support/update/announcement/2018/suse-su-20180605-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0605-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:0605-1
Related
Published
2018-03-05T09:43:36Z
Modified
2018-03-05T09:43:36Z
Summary
Security update for ansible
Details

This update for ansible fixes the following issues:

  • CVE-2017-7550: A flaw was found in the way Ansible passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the 'params' argument, and noting this in the module documentation. (bsc#1065872)
References

Affected packages

SUSE:OpenStack Cloud 7 / ansible

Package

Name
ansible
Purl
pkg:rpm/suse/ansible&distro=SUSE%20OpenStack%20Cloud%207

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.3.0-9.1

Ecosystem specific

{
    "binaries": [
        {
            "ansible": "2.2.3.0-9.1"
        }
    ]
}