[SUSE-SU-2021:4152-1] Security update for ansible
Severity
Important
CVEs
2
Security update for ansible
This update for ansible fixes the following issues:
Update to 2.9.27:
- CVE-2021-3620: ansible-connection module discloses sensitive info in traceback error message (bsc#1187725).
- CVE-2021-3583: Template Injection through yaml multi-line strings with ansible facts used in template (bsc#1188061).
- ansible module nmcli is broken in ansible 2.9.13 (bsc#1176460)
- ID
- SUSE-SU-2021:4152-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2021/suse-su-20214152-1/
- Published
-
2021-12-22T09:58:27
(2 years ago) - Modified
-
2021-12-22T09:58:27
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- FEDORA-2021-0397bb2ccc
- FEDORA-2021-0e7910e389
- FEDORA-2021-4ad7c70d71
- FEDORA-2021-574ee4dd30
- FEDORA-2021-71ff867094
- FREEBSD:4C9159EA-D4C9-11EB-AEEE-8C164582FBAC
- FREEBSD:9A8514F3-2AB8-11EC-B3A1-8C164582FBAC
- MS:CVE-2021-3583
- MS:CVE-2021-3620
- PYSEC-2021-358
- PYSEC-2022-164
- SUSE-SU-2022:3178-1
- SUSE-SU-2024:0196-1
- USN-5315-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_4152-1.json | |
Suse | URL for SUSE-SU-2021:4152-1 | https://www.suse.com/support/update/announcement/2021/suse-su-20214152-1/ | |
Suse | E-Mail link for SUSE-SU-2021:4152-1 | https://lists.suse.com/pipermail/sle-security-updates/2021-December/009930.html | |
Bugzilla | SUSE Bug 1176460 | https://bugzilla.suse.com/1176460 | |
Bugzilla | SUSE Bug 1187725 | https://bugzilla.suse.com/1187725 | |
Bugzilla | SUSE Bug 1188061 | https://bugzilla.suse.com/1188061 | |
CVE | SUSE CVE CVE-2021-3583 page | https://www.suse.com/security/cve/CVE-2021-3583/ | |
CVE | SUSE CVE CVE-2021-3620 page | https://www.suse.com/security/cve/CVE-2021-3620/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |