Information on source package ansible

Available versions

ReleaseVersion
jessie1.7.2+dfsg-2
jessie (security)1.7.2+dfsg-2+deb8u1
stretch2.2.1.0-2
buster2.7.1+dfsg-1
sid2.7.1+dfsg-2

Open issues

BugjessiestretchbustersidDescription
CVE-2018-16837fixedvulnerablefixedfixedAnsible "User" module leaks any data which is passed on as a parameter ...
CVE-2018-10875vulnerable (no DSA)vulnerablefixedfixedA flaw was found in ansible. ansible.cfg is read from the current ...
CVE-2018-10855fixedvulnerablefixedfixedAnsible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the ...
CVE-2017-7481vulnerable (no DSA)vulnerable (no DSA)fixedfixedAnsible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark ...
CVE-2015-6240vulnerable (no DSA)fixedfixedfixedThe chroot, jail, and zone connection plugins in ansible before 1.9.2 ...
CVE-2015-3908vulnerable (no DSA)fixedfixedfixedAnsible before 1.9.2 does not verify that the server hostname matches ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2017-7550vulnerablevulnerablefixedfixedA flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x ...

Resolved issues

BugDescription
CVE-2018-10874In ansible it was found that inventory variables are loaded from ...
CVE-2017-7466Ansible before version 2.3 has an input validation vulnerability in ...
CVE-2016-9587Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper ...
CVE-2016-8647An input validation vulnerability was found in Ansible's mysql_user ...
CVE-2016-8628Ansible before version 2.2.0 fails to properly sanitize fact variables ...
CVE-2016-8614A flaw was found in Ansible before version 2.2.0. The apt_key module ...
CVE-2016-3096The create_script function in the lxc_container module in Ansible ...
CVE-2014-4967
CVE-2014-4966
CVE-2014-4678incomplete fix for CVE-2014-4657
CVE-2014-4660
CVE-2014-4659
CVE-2014-4658
CVE-2014-4657
CVE-2014-3498The user module in ansible before 1.6.6 allows remote authenticated ...
CVE-2013-4260lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when ...
CVE-2013-4259runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ...
CVE-2013-2233Ansible before 1.2.1 makes it easier for remote attackers to conduct ...

Security announcements

DSA / DLADescription
DLA-1576-1ansible - security update

Search for package or bug name: Reporting problems