Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0003c375 by Markus Koschany at 2021-01-11T01:08:07+01:00 Update status of ansible in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -14,16 +14,8 @@ rather than remove/replace existing ones. -- ansible (Markus Koschany) - NOTE: 20200506: CVE-2020-1736: The version in jessie does not use the - NOTE: 20200506: `_DEFAULT_PERM` global variable but hardcodes 0666 - NOTE: 20200506: in the atomic_move code in basic.py, so is likely vulnerable. - NOTE: 20200506: (lamby) - NOTE: 20200508: bam: Problem exists with new files only. Existing files - NOTE: 20200508: bam: code resets permissions to same value, should be fine. - NOTE: 20200508: bam: Upstream fix was to use 660 - https://github.com/ansible/ansible/pull/68970 - NOTE: 20200508: bam: Upstream fix was reverted - https://github.com/ansible/ansible/pull/68983 - NOTE: 20200508: bam: See https://github.com/ansible/ansible/issues/67794 - NOTE: 20201228: apo: Partial update will be released this week now. + NOTE: 20210111: apo: Testing this version required more time than initally + NOTE: 20210111: expected. The plan is to release the working parts soon. -- ceph (Emilio) NOTE: 20200707: Vulnerable to at least CVE-2018-14662. (lamby) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0003c37596489f2959a971971b3d2bd972da1e25 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0003c37596489f2959a971971b3d2bd972da1e25 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
