Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 443
Alerts This Week
Warning Icon 1 443

Fedora 22 Ansible 1.9 Security Advisory: Critical Code Execution Risk

fedora
Calendar Grey April 25, 2016
Dist Fedora Esm H88
The recent Fedora 22 upgrade for ansible 1.9 tackles vulnerabilities related to code execution as well as various bugs, enhancing both security and overall performance.
Update to 1.9.6

Summary

Ansible is a radically simple model-driven configuration management,

multi-node deployment, and remote task execution system. Ansible works

over SSH and does not require any software or daemons to be installed

on remote nodes. Extension modules can be written in any language and

are transferred to managed machines automatically.

This package contains the older ansible-1.9.x package. Some people will have

trouble upgrading from 1.9.x to 2.0 so providing ansible-1.9.x in this package

as an interim measure.

Update Information:

Update to 1.9.6. Fixes bug #1327744 as well as CVE-2016-3096

Change Log

References


[ 1 ] Bug #1322925 - CVE-2016-3096 ansible: Code execution vulnerability in lxc_container https://bugzilla.redhat.com/show_bug.cgi?id=1322925

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update ansible1.9' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: ansible1.9
Product: Fedora 22
Version: 1.9.6
Release: 1.fc22
Summary: SSH-based configuration management, deployment, and task execution system

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.