[v3.0] ansible: remote data checking code fixes (CVE-2014-4678 and related)
Ansible remote data checking code was updated to lock down some security items related to deal with untrusted data from pre-compromised remote hosts. It was a series of changes made. Some of the issues was assigned CVE-2014-4678. However the additional ones do not have CVE assigned yet.
Update to Ansible 1.6.6 is recommended.
COMMIT: https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916 (not fully fix all the issues)
(from redmine: issue id 3143, created on 2014-07-03, closed on 2014-07-17)
- parent #3141 (closed)
- Revision 2d23babf by Natanael Copa on 2014-07-16T09:55:44Z:
main/ansible: security upgrade to 1.6.6 (CVE-2014-4678) fixes #3143