Upgrade to ansible 1.9.2 when released
Bug #1466216 reported by
Ian Cordasco
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack-Ansible |
Fix Released
|
High
|
Tom Cameron | ||
| Kilo |
Fix Released
|
High
|
Tom Cameron | ||
| Trunk |
Fix Released
|
High
|
Tom Cameron | ||
Bug Description
Ansible 1.9.2 (unreleased) fixed a CVE-2015-3908 that affected usage of get_url. The vulnerability is related to allowing an HTTPS connection to be MITM'd.
CVE References
| Changed in openstack-ansible: | |
| milestone: | none → 11.0.4 |
| Changed in openstack-ansible: | |
| assignee: | nobody → Tom Cameron (tom-cameron) |
| Changed in openstack-ansible: | |
| status: | Triaged → In Progress |
Revision history for this message
| Kevin Carter (kevin-carter) wrote | #1 |
Revision history for this message
| Kevin Carter (kevin-carter) wrote | #2 |
| tags: | added: security |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to os-ansible-deployment (kilo) | #3 |
| Changed in openstack-ansible: | |
| status: | In Progress → Fix Committed |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to os-ansible-deployment (kilo) | #4 |
Revision history for this message
| Davanum Srinivas (DIMS) (dims-v) wrote Fix included in openstack/openstack-ansible 11.2.11 | #5 |
Revision history for this message
| Doug Hellmann (doug-hellmann) wrote Fix included in openstack/openstack-ansible 11.2.12 | #6 |
Revision history for this message
| Davanum Srinivas (DIMS) (dims-v) wrote Fix included in openstack/openstack-ansible 11.2.14 | #7 |
To post a comment you must log in.
Looks like 1.9.2-1 was just released, if we can get that in it would be most excellent.