openSUSE: 2022:0081-1 Important: Ansible 26 Issue Security Update
opensuse
March 16, 2022
An update that solves 26 vulnerabilities and has one errata is now available
Description
Ansible was updated to 2.9.21 to fix lots of bugs and security issues.
Update to version 2.9.20, maintenance release containing numerous bugfixes.
Update to version 2.9.19 with minor changes and a few bug fixes.
Update to version 2.9.18:
* CVE-2021-20228 where default and fallback values for no_log parameters to modules were not previously masked. (bsc#1181935)
* CVE-2021-20178 where several parameters to the snmp_facts module were
logged and displayed despite containing sensitive information.
(bsc#1180816)
* CVE-2021-20180 where several parameters to the
bitbucket_pipeline_variable were logged and displayed despite containing
sensitive information. (bsc#1180942)
* CVE-2021-20191 which addresses a number of modules whose parameters were
logged and displayed despite containing sensitive information. For the
full list of affected modules, refer to the changelog linked below.
(bsc#1181119)
Update to version 2.9.17...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-81=1
Package List
- openSUSE Backports SLE-15-SP3 (noarch):
ansible-2.9.21-bp153.2.3.1
ansible-doc-2.9.21-bp153.2.3.1
ansible-test-2.9.21-bp153.2.3.1
References
https://www.suse.com/security/cve/CVE-2018-10875.html
https://www.suse.com/security/cve/CVE-2018-16837.html
https://www.suse.com/security/cve/CVE-2019-10156.html
https://www.suse.com/security/cve/CVE-2019-14846.html
https://www.suse.com/security/cve/CVE-2019-14904.html
https://www.suse.com/security/cve/CVE-2019-14905.html
https://www.suse.com/security/cve/CVE-2020-10684.html
https://www.suse.com/security/cve/CVE-2020-10685.html
https://www.suse.com/security/cve/CVE-2020-10691.html
https://www.suse.com/security/cve/CVE-2020-10729.html
https://www.suse.com/security/cve/CVE-2020-14330.html
https://www.suse.com/security/cve/CVE-2020-14332.html
https://www.suse.com/security/cve/CVE-2020-1733.html
https://www.suse.com/security/cve/CVE-2020-1734.html
https://www.suse.com/security/cve/CVE-2020-1735.html
https://www.suse.com/security/cve/CVE-2020-1736.html
https://www.suse.com/security/cve/CVE-2020-1737.html
https://www.suse.com/security/cve/CVE-2020-1738.html
https://www.suse.com/security/cve/CVE-2020-1739.html...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2022:0081-1
Rating: important
Affected Products:
openSUSE Backports SLE-15-SP3
ble.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!