Credit for this find goes to Florian Weimer of Red Hat - thank you Florian!
As a reminder, Ansible practices responsible disclosure - if you ever find a issue or think you have found one, please email us at [email protected] and we will reply to you as soon as possible. On Wed, Jun 25, 2014 at 3:47 PM, Michael DeHaan <[email protected]> wrote: > Hi everyone, > > Today we have updated Ansible to fix a security problem where specifically > constructed untrusted data can cause the Ansible tool to execute unwanted > inputs on the control machine. > > This update is available in PyPi now, as well as on releases.ansible.com > in tarball form. > > All users are encouraged to update. > > --Michael > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgw53arArumx910mDxF-bA-QNFAnZDi%3Dnf7519ueM6cKBA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
