diff options
Diffstat (limited to 'changelogs/fragments/dont-template-cli-passwords.yml')
| -rw-r--r-- | changelogs/fragments/dont-template-cli-passwords.yml | 12 |
1 files changed, 0 insertions, 12 deletions
diff --git a/changelogs/fragments/dont-template-cli-passwords.yml b/changelogs/fragments/dont-template-cli-passwords.yml deleted file mode 100644 index 86809bf50f..0000000000 --- a/changelogs/fragments/dont-template-cli-passwords.yml +++ /dev/null @@ -1,12 +0,0 @@ -security_fixes: -- > - **security issue** - Convert CLI provided passwords to text initially, to - prevent unsafe context being lost when converting from bytes->text during - post processing of PlayContext. This prevents CLI provided passwords from - being incorrectly templated (CVE-2019-14856) -- > - **security issue** - Update ``AnsibleUnsafeText`` and ``AnsibleUnsafeBytes`` - to maintain unsafe context by overriding ``.encode`` and ``.decode``. This - prevents future issues with ``to_text``, ``to_bytes``, or ``to_native`` - removing the unsafe wrapper when converting between string types - (CVE-2019-14856) |