Date: Fri, 17 Apr 2020 22:29:36 +0000 (UTC) From: Muhammad Moinur Rahman <bofh@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r531977 - head/security/vuxml Message-ID: <202004172229.03HMTarx082789@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bofh Date: Fri Apr 17 22:29:36 2020 New Revision: 531977 URL: https://svnweb.freebsd.org/changeset/ports/531977 Log: sysutils/ansible*: Add multiple Vulnerabilities - Add vuxml entry for CVE-2020-1737, CVE-2020-1739 and CVE-2020-1740 Security: CVE-2020-1737 Security: CVE-2020-1739 Security: CVE-2020-1740 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Fri Apr 17 21:07:45 2020 (r531976) +++ head/security/vuxml/vuln.xml Fri Apr 17 22:29:36 2020 (r531977) @@ -58,6 +58,167 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="ae2e7871-80f6-11ea-bafd-815569f3852d"> + <topic>ansible - Vault password leak from temporary file</topic> + <affects> + <package> + <name>ansible</name> + <range><lt>2.8.9</lt></range> + </package> + <package> + <name>ansible27</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible26</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible25</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible24</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible23</name> + <range><lt>2.7.17</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Borja Tarraso reports:</p> + <blockquote cite="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1740"> + <p>A flaw was found in Ansible Engine when using Ansible Vault for editing + encrypted files. When a user executes "ansible-vault edit", another user + on the same computer can read the old and new secret, as it is created in + a temporary file with mkstemp and the returned file descriptor is closed + and the method write_data is called to write the existing secret in the + file. This method will delete the file before recreating it insecurely. + All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.</p> + </blockquote> + </body> + </description> + <references> + <url>https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1740</url> + <url>https://github.com/ansible/ansible/issues/67798</url> + <cvename>CVE-2020-1740</cvename> + </references> + <dates> + <discovery>2020-02-12</discovery> + <entry>2020-04-17</entry> + </dates> + </vuln> + + <vuln vid="67dbeeb6-80f4-11ea-bafd-815569f3852d"> + <topic>ansible - subversion password leak from PID</topic> + <affects> + <package> + <name>ansible</name> + <range><lt>2.8.9</lt></range> + </package> + <package> + <name>ansible27</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible26</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible25</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible24</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible23</name> + <range><lt>2.7.17</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Borja Tarraso reports:</p> + <blockquote cite="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1739"> + <p>A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 + and prior when a password is set with the argument "password" of svn module, + it is used on svn command line, disclosing to other users within the same + node. An attacker could take advantage by reading the cmdline file from that + particular PID on the procfs.</p> + </blockquote> + </body> + </description> + <references> + <url>https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1739</url> + <url>https://github.com/ansible/ansible/issues/67797</url> + <url>https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/</url> + <url>https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/</url> + <url>https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/</url> + <cvename>CVE-2020-1739</cvename> + </references> + <dates> + <discovery>2020-02-12</discovery> + <entry>2020-04-17</entry> + </dates> + </vuln> + + <vuln vid="0899c0d3-80f2-11ea-bafd-815569f3852d"> + <topic>ansible - win_unzip path normalization</topic> + <affects> + <package> + <name>ansible</name> + <range><lt>2.8.9</lt></range> + </package> + <package> + <name>ansible27</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible26</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible25</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible24</name> + <range><lt>2.7.17</lt></range> + </package> + <package> + <name>ansible23</name> + <range><lt>2.7.17</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Borja Tarraso reports:</p> + <blockquote cite="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737"> + <p>A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and + prior when using the Extract-Zip function from the win_unzip module as the + extracted file(s) are not checked if they belong to the destination folder. An + attacker could take advantage of this flaw by crafting an archive anywhere in + the file system, using a path traversal. This issue is fixed in 2.10.</p> + </blockquote> + </body> + </description> + <references> + <url>https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737</url> + <url>https://github.com/ansible/ansible/issues/67795</url> + <url>https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/</url> + <url>https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/</url> + <url>https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/</url> + <cvename>CVE-2020-1737</cvename> + </references> + <dates> + <discovery>2020-02-12</discovery> + <entry>2020-04-17</entry> + </dates> + </vuln> + <vuln vid="25efe05c-7ffc-11ea-b594-3065ec8fd3ec"> <topic>chromium -- use after free</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202004172229.03HMTarx082789>