Bug 1450018 (CVE-2017-7481)
| Summary: | CVE-2017-7481 ansible: Security issue with lookup return not tainting the jinja2 environment | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Borja Tarraso <btarraso> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | a.badger, apevec, athmanem, ayoung, bleanhar, bmcclain, btarraso, ccoleman, chrisw, cvsbot-xmlrpc, dblechte, dedgar, dmcphers, eedri, jgoulding, jialiu, jjoyce, jkeck, jschluet, kbasil, kevin, lhh, lpeer, markmc, mark, maxim, mgoldboi, michal.skrivanek, rbryant, rhos-maint, sbonazzo, sclewis, sisharma, slinaber, slong, tdawson, tdecacqu, toromoti, tvignaud, ykaul |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | ansible 2.3.1.0, ansible 2.4.0.0 | Doc Type: | If docs needed, set a value |
| Doc Text: |
An input validation flaw was found in Ansible, where it fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-06-08 03:12:23 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1441482, 1441485, 1450279, 1450280, 1451059, 1451060, 1451061, 1451062, 1455377, 1455378, 1461920, 1470914, 1474160 | ||
| Bug Blocks: | 1450036, 1453037 | ||
|
Description
Borja Tarraso
2017-05-11 11:59:49 UTC
Created ansible tracking bugs for this issue: Affects: epel-all [bug 1450280] Affects: fedora-all [bug 1450279] This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.2 Red Hat OpenShift Container Platform 3.3 Red Hat OpenShift Container Platform 3.4 Red Hat OpenShift Container Platform 3.5 Via RHSA-2017:1244 https://access.redhat.com/errata/RHSA-2017:1244 Acknowledgments: Name: Evgeni Golov (Red Hat) This issue has been addressed in the following products: Red Hat Gluster Storage 3.2 for RHEL 7 Via RHSA-2017:1334 https://access.redhat.com/errata/RHSA-2017:1334 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.2 Red Hat OpenShift Container Platform 3.3 Red Hat OpenShift Container Platform 3.4 Red Hat OpenShift Container Platform 3.5 Via RHSA-2017:1244 https://access.redhat.com/errata/RHSA-2017:1244 This issue has been addressed in the following products: Red Hat OpenStack Platform 11.0 (Ocata) Via RHSA-2017:1476 https://access.redhat.com/errata/RHSA-2017:1476 This issue has been addressed in the following products: Red Hat Storage Console 2 for Red Hat Enteprise Linux 7 Via RHSA-2017:1499 https://access.redhat.com/errata/RHSA-2017:1499 This issue has been addressed in the following products: Red Hat OpenStack Platform 10.0 (Newton) Via RHSA-2017:1599 https://access.redhat.com/errata/RHSA-2017:1599 This issue has been addressed in the following products: RHEV Engine version 4.1 Via RHSA-2017:2524 https://access.redhat.com/errata/RHSA-2017:2524 |