[Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-1753/ansible
Salvatore Bonaccorso
carnil at debian.org
Sun Dec 20 16:04:39 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
49257f41 by Salvatore Bonaccorso at 2020-12-20T17:04:11+01:00
Update information for CVE-2020-1753/ansible
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -77161,6 +77161,9 @@ CVE-2020-1753 (A security flaw was found in Ansible Engine, all Ansible 2.7.x ve
[jessie] - ansible <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1811008
NOTE: https://github.com/ansible-collections/kubernetes/pull/51
+ NOTE: https://github.com/ansible/ansible/pull/71971
+ NOTE: Fixed by: https://github.com/ansible/ansible/commit/3728530c9a21c0992047d32cb02518d1b076e23d (v2.9.14rc1)
+ NOTE: Followup fix: https://github.com/ansible/ansible/commit/7529d31ba9042843ca4364459a744381728b7b4f (v2.9.15rc1)
NOTE: Fixing commit only introduces a warning about disclosure when using certain
NOTE: options.
CVE-2020-1752 (A use-after-free vulnerability introduced in glibc upstream version 2. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49257f41e7426115864f9168504446f8ed55f31d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49257f41e7426115864f9168504446f8ed55f31d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201220/759eefbb/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list