Skip to content

copy - redact 'content' from invocation in check mode #71033

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Aug 3, 2020

Conversation

s-hertel
Copy link
Contributor

@s-hertel s-hertel commented Jul 31, 2020

SUMMARY

Fixes CVE-2020-14332

The copy module displayed the content parameter in the module invocation in check mode with enough verbosity.

ISSUE TYPE
  • Bugfix Pull Request

@ansibot ansibot added affects_2.11 bug This issue/PR relates to a bug. core_review In order to be merged, this PR must follow the core review workflow. files Files category needs_triage Needs a first human triage before being processed. support:community This issue/PR relates to code supported by the Ansible community. support:core This issue/PR relates to code supported by the Ansible Engineering Team. labels Jul 31, 2020
@s-hertel s-hertel changed the title copy - redact 'content' parameter from module_args invocation in check mode copy - redact 'content' from invocation in check mode Jul 31, 2020
@ansibot ansibot added needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. core_review In order to be merged, this PR must follow the core review workflow. and removed core_review In order to be merged, this PR must follow the core review workflow. needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. labels Jul 31, 2020
@bcoca bcoca merged commit 991714b into ansible:devel Aug 3, 2020
@bcoca bcoca removed the needs_triage Needs a first human triage before being processed. label Aug 3, 2020
s-hertel added a commit to s-hertel/ansible that referenced this pull request Aug 3, 2020
* sanitize copy module invocation secrets in check mode

(cherry picked from commit 991714b)
s-hertel added a commit to s-hertel/ansible that referenced this pull request Aug 3, 2020
* sanitize copy module invocation secrets in check mode

(cherry picked from commit 991714b)
s-hertel added a commit to s-hertel/ansible that referenced this pull request Aug 3, 2020
* sanitize copy module invocation secrets in check mode

(cherry picked from commit 991714b)
relrod pushed a commit that referenced this pull request Aug 7, 2020
* sanitize copy module invocation secrets in check mode

(cherry picked from commit 991714b)
relrod pushed a commit that referenced this pull request Aug 7, 2020
* sanitize copy module invocation secrets in check mode

(cherry picked from commit 991714b)
zoredache pushed a commit to zoredache/ansible that referenced this pull request Aug 10, 2020
* sanitize copy module invocation secrets in check mode
relrod pushed a commit that referenced this pull request Aug 27, 2020
* sanitize copy module invocation secrets in check mode

(cherry picked from commit 991714b)
@ansible ansible locked and limited conversation to collaborators Aug 31, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
affects_2.11 bug This issue/PR relates to a bug. core_review In order to be merged, this PR must follow the core review workflow. files Files category support:community This issue/PR relates to code supported by the Ansible community. support:core This issue/PR relates to code supported by the Ansible Engineering Team.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants