internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-08 22:33:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add no_log to some module arguments (#1725)

Browse Source 
* Add no_log to some module arguments

This will prevent potentially sensitive information from being printed to
the console.

See: CVE-2021-20191

* Update changelogs/fragments/CVE-2021-20191_no_log.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
David Moreau Simard
2021-02-04 15:02:21 -05:00
committed by GitHub
parent 2297f2f802
commit ae8edc02e1
4 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
changelogs/fragments/CVE-2021-20191_no_log.yml Normal file
View File

@@ -0,0 +1,4 @@
security_fixes:
- module_utils/_netapp, na_ontap_gather_facts - enabled ``no_log`` for the options ``api_key`` and ``secret_key`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.general/pull/1725).
- module_utils/identity/keycloak, keycloak_client, keycloak_clienttemplate, keycloak_group - enabled ``no_log`` for the option ``auth_client_secret`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.general/pull/1725).
- utm_proxy_auth_profile - enabled ``no_log`` for the option ``frontend_cookie_secret`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.general/pull/1725).