Lars Vogdt
|
7af40c3479
|
Accepting request 810010 from home:mcepl:branches:systemsmanagement
- Correct ID of CVE and rename the patch to
CVE-2020-1744_avoid_mkdir_p.patch
- bsc#1167532 CVE-2020-10684 - code injection when using
ansible_facts as a subkey
* remote home directory * Disallow use of remote home directories that include relative pathing by means of `..` (CVE-2019-3828, bsc#1126503) (https://github.com/ansible/ansible/pull/52133)
+ Includes fix for bsc#1099808 (CVE-2018-10875) ansible.cfg is being read
from current working directory allowing possible code execution
OBS-URL: https://build.opensuse.org/request/show/810010
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=184
|
2020-05-28 22:37:12 +00:00 |
|