Information on source package ansible

Available versions

ReleaseVersion
jessie1.7.2+dfsg-2
jessie (security)1.7.2+dfsg-2+deb8u2
stretch (security)2.2.1.0-2+deb9u1
buster2.7.7+dfsg-1
bullseye2.8.6+dfsg-1
sid2.8.6+dfsg-1

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-14905undeterminedundeterminedundeterminedundeterminedundeterminedmalicious code could craft filename in nxos_file_copy module
CVE-2019-14904undeterminedundeterminedundeterminedundeterminedundeterminedvulnerability in solaris_zone module via crafted solaris zone
CVE-2019-14864vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerable
CVE-2019-14858vulnerablevulnerablevulnerablefixedfixedA vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible ...
CVE-2019-14846vulnerablevulnerablevulnerablefixedfixedAnsible, all ansible_engine-2.x versions and ansible_engine-3.x up to ...
CVE-2019-10206vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedansible-playbook -k and ansible cli tools, all versions 2.8.x before 2 ...
CVE-2019-10156fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedA flaw was discovered in the way Ansible templating was implemented in ...
CVE-2017-7481fixedvulnerable (no DSA)fixedfixedfixedAnsible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark loo ...

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2017-7550vulnerablevulnerablefixedfixedfixedA flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x bef ...

Resolved issues

BugDescription
CVE-2019-3828Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path ...
CVE-2019-14856ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None ...
CVE-2019-10217A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensit ...
CVE-2018-16876ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a infor ...
CVE-2018-16859Execution of Ansible playbooks on Windows platforms with PowerShell Sc ...
CVE-2018-16837Ansible "User" module leaks any data which is passed on as a parameter ...
CVE-2018-10875A flaw was found in ansible. ansible.cfg is read from the current work ...
CVE-2018-10874In ansible it was found that inventory variables are loaded from curre ...
CVE-2018-10855Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the n ...
CVE-2017-7466Ansible before version 2.3 has an input validation vulnerability in th ...
CVE-2016-9587Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper inpu ...
CVE-2016-8647An input validation vulnerability was found in Ansible's mysql_user mo ...
CVE-2016-8628Ansible before version 2.2.0 fails to properly sanitize fact variables ...
CVE-2016-8614A flaw was found in Ansible before version 2.2.0. The apt_key module d ...
CVE-2016-3096The create_script function in the lxc_container module in Ansible befo ...
CVE-2015-6240The chroot, jail, and zone connection plugins in ansible before 1.9.2 ...
CVE-2015-3908Ansible before 1.9.2 does not verify that the server hostname matches ...
CVE-2014-4967
CVE-2014-4966
CVE-2014-4678incomplete fix for CVE-2014-4657
CVE-2014-4660
CVE-2014-4659
CVE-2014-4658
CVE-2014-4657
CVE-2014-3498The user module in ansible before 1.6.6 allows remote authenticated us ...
CVE-2013-4260lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when p ...
CVE-2013-4259runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using C ...
CVE-2013-2233Ansible before 1.2.1 makes it easier for remote attackers to conduct m ...

Security announcements

DSA / DLADescription
DLA-1923-1ansible - security update
DSA-4396-1ansible - security update
DLA-1576-1ansible - security update

Search for package or bug name: Reporting problems