FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ansible -- multiple vulnerabilities

Affected packages
ansible < 1.7

Details

VuXML ID e308c61a-2060-11e5-a4a5-002590263bf5
Discovery 2014-08-06
Entry 2015-07-02

Ansible, Inc. reports:

Arbitrary execution from data from compromised remote hosts or local data when using a legacy Ansible syntax - resolved in Ansible 1.7

ansible-galaxy command when used on local tarballs (and not galaxy.ansible.com) can install a malformed tarball if so provided - resolved in Ansible 1.7

References

URL http://www.ansible.com/security
URL https://raw.githubusercontent.com/ansible/ansible/devel/CHANGELOG.md