Jason McKerr of Red Hat reports: Data returned in lookup() variables is not marked as unsafe and could result in unicode strings being passed through to the jinja2 templating system.
Created ansible tracking bugs for this issue: Affects: epel-all [bug 1450280] Affects: fedora-all [bug 1450279]
upstream fix: https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.2 Red Hat OpenShift Container Platform 3.3 Red Hat OpenShift Container Platform 3.4 Red Hat OpenShift Container Platform 3.5 Via RHSA-2017:1244 https://access.redhat.com/errata/RHSA-2017:1244
Acknowledgments: Name: Evgeni Golov (Red Hat)
This issue has been addressed in the following products: Red Hat Gluster Storage 3.2 for RHEL 7 Via RHSA-2017:1334 https://access.redhat.com/errata/RHSA-2017:1334
This issue has been addressed in the following products: Red Hat OpenStack Platform 11.0 (Ocata) Via RHSA-2017:1476 https://access.redhat.com/errata/RHSA-2017:1476
This issue has been addressed in the following products: Red Hat Storage Console 2 for Red Hat Enteprise Linux 7 Via RHSA-2017:1499 https://access.redhat.com/errata/RHSA-2017:1499
This issue has been addressed in the following products: Red Hat OpenStack Platform 10.0 (Newton) Via RHSA-2017:1599 https://access.redhat.com/errata/RHSA-2017:1599
This issue has been addressed in the following products: RHEV Engine version 4.1 Via RHSA-2017:2524 https://access.redhat.com/errata/RHSA-2017:2524