ALSA-2024:3043

Source
https://errata.almalinux.org/8/ALSA-2024-3043.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3043.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2024:3043
Related
Published
2024-05-22T00:00:00Z
Modified
2024-05-29T14:39:55Z
Summary
Moderate: ansible-core bug fix, enhancement, and security update
Details

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

Security Fix(es):

  • ansible-core: possible information leak in tasks that ignore ANSIBLENOLOG configuration (CVE-2024-0690)

Bug Fix(es):

  • Update ansible-core to 2.16.3 (JIRA:AlmaLinux-23782)
  • Rebuild ansible-core with python 3.12 (JIRA:AlmaLinux-24141)
References

Affected packages

AlmaLinux:8 / ansible-core

Package

Name
ansible-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.16.3-2.el8

AlmaLinux:8 / ansible-test

Package

Name
ansible-test

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.16.3-2.el8