Alerts This Week
Warning Icon 1 1,053
Alerts This Week
Warning Icon 1 1,053

Ubuntu 7330-2: Ansible Security Advisory Updates

ubuntu
Calendar Grey March 28, 2025
Dist Ubuntu Esm H88
Ansible regression fixes in Ubuntu 16.04 LTS following USN-7330-1 updates addressing security issues.
USN 7330-1 introduced a regression in Ansible.

Summary

USN 7330-1 introduced a regression in Ansible.

Software Description:

- ansible: Configuration management, deployment, and task execution system

Details:

USN-7330-1 fixed vulnerabilities in Ansible. The update introduced a

regression when attempting to install Ansible on Ubuntu 16.04 LTS.

This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

 It was discovered that Ansible did not properly verify certain fields

 of X.509 certificates. An attacker could possibly use this issue to

 spoof SSL servers if they were able to intercept network communications.

 This issue only affected Ubuntu 14.04 LTS. (CVE-2015-3908)

 Martin Carpenter discovered that certain connection plugins for Ansible

 did not properly restrict users. An attacker with local access could

 possibly use this issue to escape a restricted environment via symbolic

 links misuse. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-6240)

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory update Ubuntu issue regression Ansible

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS
   ansible                         2.0.0.2-2ubuntu1.3+esm6
                                   Available with Ubuntu Pro
   ansible-fireball                2.0.0.2-2ubuntu1.3+esm6
                                   Available with Ubuntu Pro
   ansible-node-fireball           2.0.0.2-2ubuntu1.3+esm6
                                   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-7330-2

  https://ubuntu.com/security/notices/USN-7330-1

  https://bugs.launchpad.net/ubuntu/+source/ansible/+bug/2104925

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7330-2

Topics%20covered

Topics Covered

security advisory update Ubuntu issue regression Ansible

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here