FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-15 13:57:56 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
4c9159ea-d4c9-11eb-aeee-8c164582fbac	Ansible -- Templating engine bug Ansible developers report: Templating engine fix for not preserving usnafe status when trying to preserve newlines. Discovery 2021-06-10 Entry 2021-06-24 Modified 2021-06-25 py36-ansible-core py37-ansible-core py38-ansible-core py39-ansible-core < 2.11.2 py36-ansible-base py37-ansible-base py38-ansible-base py39-ansible-base < 2.10.11 py36-ansible2 py37-ansible2 py38-ansible2 py39-ansible2 < 2.9.23 py36-ansible py37-ansible py38-ansible py39-ansible < 2.9.23 CVE-2021-3583 https://github.com/ansible/ansible/blob/stable-2.11/changelogs/CHANGELOG-v2.11.rst#security-fixes https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#security-fixes https://github.com/ansible/ansible/pull/74960 https://groups.google.com/g/ansible-announce/c/tmIgD1DpZJg
9a8514f3-2ab8-11ec-b3a1-8c164582fbac	Ansible -- Ansible user credentials disclosure in ansible-connection module Red Hat reports: A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality. Discovery 2021-06-25 Entry 2021-10-11 py36-ansible-core py37-ansible-core py38-ansible-core py39-ansible-core py310-ansible-core < 2.11.6 py36-ansible-base py37-ansible-base py38-ansible-base py39-ansible-base py310-ansible-base < 2.10.15 py36-ansible2 py37-ansible2 py38-ansible2 py39-ansible2 py310-ansible2 < 2.9.27 py36-ansible py37-ansible py38-ansible py39-ansible py310-ansible < 2.9.27 CVE-2021-3620 https://access.redhat.com/security/cve/CVE-2021-3620 https://nvd.nist.gov/vuln/detail/CVE-2021-3620 https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#v2-9-27 https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#v2-10-15 https://github.com/ansible/ansible/blob/stable-2.11/changelogs/CHANGELOG-v2.11.rst#v2-11-6

VuXML ID

Description

4c9159ea-d4c9-11eb-aeee-8c164582fbac

Ansible -- Templating engine bug

Ansible developers report:

Templating engine fix for not preserving usnafe status when trying to preserve newlines.

Discovery 2021-06-10
Entry 2021-06-24
Modified 2021-06-25
py36-ansible-core
py37-ansible-core
py38-ansible-core
py39-ansible-core

< 2.11.2

py36-ansible-base
py37-ansible-base
py38-ansible-base
py39-ansible-base

< 2.10.11

py36-ansible2
py37-ansible2
py38-ansible2
py39-ansible2

< 2.9.23

py36-ansible
py37-ansible
py38-ansible
py39-ansible

< 2.9.23

CVE-2021-3583
https://github.com/ansible/ansible/blob/stable-2.11/changelogs/CHANGELOG-v2.11.rst#security-fixes
https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#security-fixes
https://github.com/ansible/ansible/pull/74960
https://groups.google.com/g/ansible-announce/c/tmIgD1DpZJg

9a8514f3-2ab8-11ec-b3a1-8c164582fbac

Ansible -- Ansible user credentials disclosure in ansible-connection module

Red Hat reports:

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

Discovery 2021-06-25
Entry 2021-10-11
py36-ansible-core
py37-ansible-core
py38-ansible-core
py39-ansible-core
py310-ansible-core

< 2.11.6

py36-ansible-base
py37-ansible-base
py38-ansible-base
py39-ansible-base
py310-ansible-base

< 2.10.15

py36-ansible2
py37-ansible2
py38-ansible2
py39-ansible2
py310-ansible2

< 2.9.27

py36-ansible
py37-ansible
py38-ansible
py39-ansible
py310-ansible

< 2.9.27

CVE-2021-3620
https://access.redhat.com/security/cve/CVE-2021-3620
https://nvd.nist.gov/vuln/detail/CVE-2021-3620
https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#v2-9-27
https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#v2-10-15
https://github.com/ansible/ansible/blob/stable-2.11/changelogs/CHANGELOG-v2.11.rst#v2-11-6