summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorToshio Kuratomi <a.badger@gmail.com>2016-10-24 15:50:07 -0700
committerToshio Kuratomi <a.badger@gmail.com>2016-10-24 15:50:07 -0700
commit14e021496d6d30da7dfb2b6f824fd58256e62cfb (patch)
treed0032161cc0a2db14096c23dd56c4c357a389e5b
parentaadf342b46c38748700156b281bb189f87058887 (diff)
downloadansible-14e021496d6d30da7dfb2b6f824fd58256e62cfb.tar.gz
Add changelog for apt_key change
-rw-r--r--CHANGELOG.md6
1 files changed, 6 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ee901c90a9..aa5cee9c07 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,12 @@ Ansible Changes By Release
## 2.1.3 "The Song Remains the Same" - TBD
+* Security fix to apt_key module. The apt_key module was always using a short
+ id (8 characters) to install keys even if a long id or fingerprint were given
+ (16 or more characters). As the chance for a collision goes down the longer
+ the id, using all of the characters that the user specified in the the key id when
+ downloading a key is one good safety precaution.
+
###Minor Changes:
* The subversion module from core now marks its password parameter as no_log so
the password is obscured when logging.