RedHat: RHSA-2019-3958-01 Critical: Ansible Tower 3.6.1 EL7 Container
red hat
November 25, 2019
Red Hat Ansible Tower 3.6.1-1 - EL7 Container 2
Solution
For information on upgrading Ansible Tower, reference the Ansible Tower
Upgrade and Migration Guide:
https://legacy-controller-docs.ansible.com/ansible-tower/
index.html
Summary
Ansible Tower Version 3.6.1
- -----------------------------
- - Fixed accidental disclosure of Red Hat username and password in
/api/v2/config (CVE-2019-14890)
- - Fixed upgrade failure with bundled installer
- - Fixed license check error when reinstalling over a partially-installed
Tower
- - Fixed database restore when using a PostgreSQL pod
- - Fixed error when CA data was missing for a container group credential
- - Fixed error when a container group job was launched when Tower was out
of capacity
- - Fixed a few minor issues in the AWX modules collection
Topics Covered
References
https://access.redhat.com/security/cve/CVE-2019-14890 https://access.redhat.com/security/updates/classification#critical
Package List
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Advisory ID: RHSA-2019:3958-01
Product: Red Hat Ansible Tower
Advisory URL: https://access.redhat.com/errata/RHSA-2019:3958
Issue date: 2019-11-25
Topic
Red Hat Ansible Tower 3.6.1-1 - EL7 Container
Topics Covered
Relevant Releases Architectures
Bugs Fixed
1773622 - CVE-2019-14890 Tower: RHSM username and password exposed after license application
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!