Bug 1065872 - (CVE-2017-7550) VUL-0: CVE-2017-7550 ansible: jenkins_plugin module exposes passwords in remote host logs
(CVE-2017-7550)
VUL-0: CVE-2017-7550 ansible: jenkins_plugin module exposes passwords in remo...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/192463/
CVSSv3:NVD:CVE-2017-7550:9.8:(AV:N/AC...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-10-31 15:36 UTC by Andreas Stieger
Modified: 2022-04-12 15:14 UTC (History)
6 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Swamp Workflow Management 2017-11-10 17:11:21 UTC
openSUSE-SU-2017:2976-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1008037,1008038,1019021,1038785,1065872
CVE References: CVE-2016-8614,CVE-2016-8628,CVE-2016-9587,CVE-2017-7481,CVE-2017-7550
Sources used:
openSUSE Leap 42.3 (src):    ansible-2.4.1.0-6.1
openSUSE Leap 42.2 (src):    ansible-2.4.1.0-2.4.1
Comment 2 Swamp Workflow Management 2017-11-10 17:12:22 UTC
openSUSE-SU-2017:2978-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1008037,1008038,1019021,1038785,1065872
CVE References: CVE-2016-8614,CVE-2016-8628,CVE-2016-9587,CVE-2017-7481,CVE-2017-7550
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    ansible-2.4.1.0-6.1
Comment 6 Tomáš Chvátal 2018-01-25 16:28:59 UTC
Well the submission for TD is in place so nothing more should be needed from pack team.
Comment 7 Marcus Meissner 2018-01-26 07:11:28 UTC
Cloud 7

OpenStack-Cloud_7                       SUSE:SLE-12-SP2:Update:Products:Cloud7:Update
Comment 9 Dirk Mueller 2018-02-09 08:54:41 UTC
this has been submitted as far as I can see. I've updated the version for cloud 8 (crowbar). SOC8 remains affected.
Comment 12 Swamp Workflow Management 2018-03-05 14:12:31 UTC
SUSE-SU-2018:0605-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1065872
CVE References: CVE-2017-7550
Sources used:
SUSE OpenStack Cloud 7 (src):    ansible-2.2.3.0-9.1
Comment 13 Marcus Meissner 2018-09-07 14:39:23 UTC
done