[SUSE-SU-2021:4152-1] Security update for ansible
Severity
Important
CVEs
2
Security update for ansible
This update for ansible fixes the following issues:
Update to 2.9.27:
- CVE-2021-3620: ansible-connection module discloses sensitive info in traceback error message (bsc#1187725).
- CVE-2021-3583: Template Injection through yaml multi-line strings with ansible facts used in template (bsc#1188061).
- ansible module nmcli is broken in ansible 2.9.13 (bsc#1176460)
- ID
- SUSE-SU-2021:4152-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2021/suse-su-20214152-1/
- Published
-
2021-12-22T09:58:27
(2 years ago) - Modified
-
2021-12-22T09:58:27
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
FEDORA-2021-0397bb2ccc
-
FEDORA-2021-0e7910e389
-
FEDORA-2021-4ad7c70d71
-
FEDORA-2021-574ee4dd30
-
FEDORA-2021-71ff867094
-
FREEBSD:4C9159EA-D4C9-11EB-AEEE-8C164582FBAC
-
FREEBSD:9A8514F3-2AB8-11EC-B3A1-8C164582FBAC
-
MS:CVE-2021-3583
-
MS:CVE-2021-3620
-
PYSEC-2021-358
-
PYSEC-2022-164
-
SUSE-SU-2022:3178-1
-
SUSE-SU-2024:0196-1
-
USN-5315-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2021:4152-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2021:4152-1 |
|
|
| Bugzilla | SUSE Bug 1176460 |
|
|
| Bugzilla | SUSE Bug 1187725 |
|
|
| Bugzilla | SUSE Bug 1188061 |
|
|
| CVE | SUSE CVE CVE-2021-3583 page |
|
|
| CVE | SUSE CVE CVE-2021-3620 page |
|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |