Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

Ubuntu 18.04 LTS: USN-6846-3 moderate: Ansible regression fix

ubuntu
Calendar Grey February 13, 2025
Dist Ubuntu Esm H88
To fix the Ansible regression from USN-6846-3 on Ubuntu, it's crucial to grasp the security issue that caused the update, focusing on mitigating risks.
USN-6846-2 caused some regression in ansible.

Summary

USN-6846-2 caused some regression in ansible.

Software Description:

- ansible: Configuration management, deployment, and task execution system

Details:

USN-6846-1 fixed vulnerabilities in ansible. The update introduced a

regression in ansible. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

 It was discovered that Ansible incorrectly handled certain inputs when

 using tower_callback parameter. If a user or an automated system were

 tricked into opening a specially crafted input file, a remote attacker

 could possibly use this issue to obtain sensitive information. This issue

 only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

 (CVE-2022-3697)

 It was discovered that Ansible incorrectly handled certain inputs. If a

 user or an automated system were tricked into opening a specially crafted

 input file, a remote attacker could possibly use this issue to perform a

 Tem...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
   ansible                         2.5.1+dfsg-1ubuntu0.1+esm4
                                   Available with Ubuntu Pro

Ubuntu 16.04 LTS
   ansible                         2.0.0.2-2ubuntu1.3+esm4
                                   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-6846-3

  https://ubuntu.com/security/notices/USN-6846-2

  https://ubuntu.com/security/notices/USN-6846-1

  https://bugs.launchpad.net/ubuntu/+source/ansible/+bug/2097504

Ubuntu Security Notice USN-6846-3

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here