New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

split PS wrapper and payload #49142

Merged
merged 1 commit into from Nov 26, 2018

Conversation

Projects
None yet
3 participants
@nitzmahone
Member

nitzmahone commented Nov 26, 2018

SUMMARY
  • addresses CVE-2018-16859
  • prevent scriptblock logging from logging payload contents
  • added tests to verify no payload contents in PS Operational event log
  • fix script action to send split-aware wrapper
  • fix CLIXML error parser (return to -EncodedCommand exposed problems with it)
ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

powershell.py

ADDITIONAL INFORMATION
@ansibot

This comment has been minimized.

Contributor

ansibot commented Nov 26, 2018

Hi @nitzmahone, thank you for submitting this pull-request!

click here for bot help

@ansibot

This comment has been minimized.

Contributor

ansibot commented Nov 26, 2018

split PS wrapper and payload (CVE-2018-16859)
* prevent scriptblock logging from logging payload contents
* added tests to verify no payload contents in PS Operational event log
* fix script action to send split-aware wrapper
* fix CLIXML error parser (return to -EncodedCommand exposed problems with it)

@nitzmahone nitzmahone force-pushed the nitzmahone:ps_sb_logging_safety branch from a1c3d38 to 5a3dd50 Nov 26, 2018

@ansibot ansibot removed the needs_triage label Nov 26, 2018

@nitzmahone nitzmahone merged commit 8c1f701 into ansible:devel Nov 26, 2018

1 check failed

Shippable Run 95237 status is FAILED.
Details
@nitzmahone

This comment has been minimized.

Member

nitzmahone commented Nov 26, 2018

unrelated transient test failure, merging

pedrohc added a commit to RedHatProductSecurity/cvelist that referenced this pull request Nov 29, 2018

Updated version information
Based on ansible/ansible#49142 posted to the original reference.

mjmayer added a commit to mjmayer/ansible that referenced this pull request Nov 30, 2018

split PS wrapper and payload (CVE-2018-16859) (ansible#49142)
* prevent scriptblock logging from logging payload contents
* added tests to verify no payload contents in PS Operational event log
* fix script action to send split-aware wrapper
* fix CLIXML error parser (return to -EncodedCommand exposed problems with it)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment