USN-6846-2: Ansible regression

Read Time:39 Second

USN-6846-1 fixed vulnerabilities in ansible. The update introduced a
regression in ansible. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that Ansible incorrectly handled certain inputs when
using tower_callback parameter. If a user or an automated system were
tricked into opening a specially crafted input file, a remote attacker
could possibly use this issue to obtain sensitive information. This issue
only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2022-3697)

It was discovered that Ansible incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to perform a
Template Injection. (CVE-2023-5764)

New Advances in the Understanding of Prime Numbers

US Government Issues Cloud Security Requirements for Federal Agencies

Phishing Attacks Double in 2024

New Attacks Exploit VSCode Extensions and npm Packages

It’s time to stop calling it “pig butchering”

How to Lose a Fortune with Just One Bad Click

Attacker Distributes DarkGate Using MS Teams Vishing Technique

Nigeria Cracks Down on Cryptocurrency Investment Fraud and Romance Scams

Meta Hit with Massive $263m GDPR Fine

USN-7172-1: libvpx vulnerability

USN-7176-1: GStreamer Good Plugins vulnerabilities

USN-7175-1: GStreamer Base Plugins vulnerabilities

USN-7174-1: GStreamer vulnerability

USN-7171-1: PHPUnit vulnerability

USN-7168-1: EditorConfig vulnerabilities