Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix CVE-2024-11079 hostvars unsafe context #84339

Merged
merged 1 commit into from
Nov 20, 2024

Conversation

jborean93
Copy link
Contributor

SUMMARY

Fix to preserve an unsafe variable when accessing through an intermediary variable from hostvars.

ISSUE TYPE
  • Bugfix Pull Request

Fix to preserve an unsafe variable when accessing through an
intermediary variable from hostvars.
@ansibot ansibot added bug This issue/PR relates to a bug. needs_triage Needs a first human triage before being processed. backport This PR does not target the devel branch. labels Nov 20, 2024
@webknjaz

This comment was marked as resolved.

This comment was marked as resolved.

@sivel sivel merged commit 2936b80 into ansible:stable-2.18 Nov 20, 2024
70 checks passed
@jborean93 jborean93 deleted the hostvar-unsafe-2.18 branch November 20, 2024 20:19
jborean93 added a commit to jborean93/ansible that referenced this pull request Nov 20, 2024
Fix to preserve an unsafe variable when accessing through an
intermediary variable from hostvars.

(cherry picked from commit 2936b80)
jborean93 added a commit to jborean93/ansible that referenced this pull request Nov 20, 2024
Fix to preserve an unsafe variable when accessing through an
intermediary variable from hostvars.

(cherry picked from commit 2936b80)
@jborean93
Copy link
Contributor Author

sivel pushed a commit that referenced this pull request Nov 21, 2024
Fix to preserve an unsafe variable when accessing through an
intermediary variable from hostvars.

(cherry picked from commit 2936b80)
sivel pushed a commit that referenced this pull request Nov 25, 2024
Fix to preserve an unsafe variable when accessing through an
intermediary variable from hostvars.

(cherry picked from commit 2936b80)
@sivel sivel removed the needs_triage Needs a first human triage before being processed. label Nov 25, 2024
@ansible ansible locked and limited conversation to collaborators Dec 18, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
backport This PR does not target the devel branch. bug This issue/PR relates to a bug.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants