[Git][security-tracker-team/security-tracker][master] more ansible updates
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Aug 6 13:14:48 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3b6a554a by Moritz Muehlenhoff at 2021-08-06T14:14:35+02:00
more ansible updates
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5909,6 +5909,8 @@ CVE-2021-3621
CVE-2021-3620
RESERVED
- ansible <unfixed>
+ [bullseye] - ansible <postponed> (Minor issue, revisit when/if fixed upstream)
+ [buster] - ansible <postponed> (Minor issue, revisit when/if fixed upstream)
- ansible-base <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1975767
CVE-2021-35500
@@ -8664,9 +8666,10 @@ CVE-2021-3584
- foreman <itp> (bug #663101)
CVE-2021-3583 [Template Injection through yaml multi-line strings with ansible facts used in template]
RESERVED
- - ansible <undetermined>
- - ansible-base <undetermined>
+ - ansible <unfixed>
+ - ansible-base <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1968412
+ NOTE: https://github.com/ansible/ansible/commit/4c8c40fd3d4a58defdc80e7d22aa8d26b731353e.patch
CVE-2021-34290
RESERVED
CVE-2021-34289
@@ -14019,8 +14022,8 @@ CVE-2021-3534
RESERVED
CVE-2021-3533 (A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR ...)
- ansible <unfixed>
- [bullseye] - ansible <no-dsa> (Minor issue)
- [buster] - ansible <no-dsa> (Minor issue)
+ [bullseye] - ansible <postponed> (Minor issue, revisit when/if fixed upstream)
+ [buster] - ansible <postponed> (Minor issue, revisit when/if fixed upstream)
- ansible-base <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1956477
CVE-2021-32026
@@ -14055,9 +14058,9 @@ CVE-2021-32012 (SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause
NOT-FOR-US: SheetJS
CVE-2021-3532 (A flaw was found in Ansible where the secret information present in as ...)
- ansible <unfixed>
- [bullseye] - ansible <no-dsa> (Minor issue)
- [buster] - ansible <no-dsa> (Minor issue)
- - ansible-base <undetermined>
+ [bullseye] - ansible <postponed> (Minor issue, revisit when/if fixed upstream)
+ [buster] - ansible <postponed> (Minor issue, revisit when/if fixed upstream)
+ - ansible-base <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1956464
CVE-2021-3531 (A flaw was found in the Red Hat Ceph Storage RGW in versions before 14 ...)
- ceph 14.2.21-1 (bug #988890)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b6a554a54c1232d712451467691376135ca03b5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b6a554a54c1232d712451467691376135ca03b5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210806/47d9ad31/attachment.htm>
More information about the debian-security-tracker-commits
mailing list