Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix vault temp file handling #68433

Merged
merged 2 commits into from Mar 25, 2020
Merged

fix vault temp file handling #68433

merged 2 commits into from Mar 25, 2020

Conversation

bcoca
Copy link
Member

@bcoca bcoca commented Mar 24, 2020

  • use local temp dir instead of system temp
  • ensure each worker clears dataloader temp files
  • added test for dangling temp files
  • added notes to data loader

CVE-2020-10685

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

vault

@bcoca bcoca added the P1 Priority 1 - Immediate Attention Required; Release Immediately After Fixed label Mar 24, 2020
@ansibot ansibot added affects_2.10 This issue/PR affects Ansible v2.10 bug This issue/PR relates to a bug. core_review In order to be merged, this PR must follow the core review workflow. support:community This issue/PR relates to code supported by the Ansible community. support:core This issue/PR relates to code supported by the Ansible Engineering Team. needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. and removed core_review In order to be merged, this PR must follow the core review workflow. labels Mar 24, 2020
 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader
@bcoca bcoca removed the needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. label Mar 25, 2020
@bcoca bcoca merged commit 6452a82 into ansible:devel Mar 25, 2020
@bcoca bcoca deleted the vault_tmp_file_fix branch March 25, 2020 19:24
bcoca added a commit to bcoca/ansible that referenced this pull request Mar 25, 2020
* fix vault tmpe file handling

 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader

CVE-2020-10685

(cherry picked from commit 6452a82)
bcoca added a commit to bcoca/ansible that referenced this pull request Mar 25, 2020
* fix vault tmpe file handling

 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader

CVE-2020-10685

(cherry picked from commit 6452a82)
bcoca added a commit to bcoca/ansible that referenced this pull request Mar 25, 2020
* fix vault tmpe file handling

 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader

CVE-2020-10685

(cherry picked from commit 6452a82)
mattclay pushed a commit that referenced this pull request Apr 15, 2020
* fix vault tmpe file handling

 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader

CVE-2020-10685

(cherry picked from commit 6452a82)
mattclay pushed a commit that referenced this pull request Apr 15, 2020
* fix vault tmpe file handling

 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader

CVE-2020-10685

(cherry picked from commit 6452a82)
mattclay pushed a commit that referenced this pull request Apr 15, 2020
* fix vault tmpe file handling

 * use local temp dir instead of system temp
 * ensure each worker clears dataloader temp files
 * added test for dangling temp files
 * added notes to data loader

CVE-2020-10685

(cherry picked from commit 6452a82)
@ansible ansible locked and limited conversation to collaborators Apr 22, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
affects_2.10 This issue/PR affects Ansible v2.10 bug This issue/PR relates to a bug. P1 Priority 1 - Immediate Attention Required; Release Immediately After Fixed support:community This issue/PR relates to code supported by the Ansible community. support:core This issue/PR relates to code supported by the Ansible Engineering Team.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants