Skip to content

Fix CVE-2024-11079 hostvars unsafe context #84339

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sivel merged 1 commit into from
Nov 20, 2024
Merged

Fix CVE-2024-11079 hostvars unsafe context #84339

sivel merged 1 commit into from
Nov 20, 2024

Conversation

@jborean93
Copy link
Contributor

@jborean93 jborean93 commented Nov 20, 2024

SUMMARY

Fix to preserve an unsafe variable when accessing through an intermediary variable from hostvars.

ISSUE TYPE
  • Bugfix Pull Request

@jborean93
Fix CVE-2024-11079 hostvars unsafe context
449e8e3 
Fix to preserve an unsafe variable when accessing through an
intermediary variable from hostvars.
@ansibot ansibot added bug This issue/PR relates to a bug. needs_triage Needs a first human triage before being processed. backport This PR does not target the devel branch. labels Nov 20, 2024
@jborean93 jborean93 mentioned this pull request Nov 20, 2024
Closed
1 task
@webknjaz

This comment was marked as resolved.

Sign in to view
@azure-pipelines

This comment was marked as resolved.

Sign in to view
@sivel sivel merged commit 2936b80 into ansible:stable-2.18 Nov 20, 2024
70 checks passed
@jborean93 jborean93 deleted the hostvar-unsafe-2.18 branch November 20, 2024 20:19
jborean93 added a commit to jborean93/ansible that referenced this pull request Nov 20, 2024
@jborean93
Fix CVE-2024-11079 hostvars unsafe context (ansible#84339)
c58bd9b 
Fix to preserve an unsafe variable when accessing through an
intermediary variable from hostvars.

(cherry picked from commit 2936b80)
jborean93 added a commit to jborean93/ansible that referenced this pull request Nov 20, 2024
@jborean93
Fix CVE-2024-11079 hostvars unsafe context (ansible#84339)
aabcc27 
Fix to preserve an unsafe variable when accessing through an
intermediary variable from hostvars.

(cherry picked from commit 2936b80)
This was referenced Nov 20, 2024
Merged
Merged
@jborean93
Copy link
Contributor Author

jborean93 commented Nov 20, 2024

Backport PRs

sivel pushed a commit that referenced this pull request Nov 21, 2024
@jborean93
Fix CVE-2024-11079 hostvars unsafe context (#84339) (#84354)
98774d1 
Fix to preserve an unsafe variable when accessing through an
intermediary variable from hostvars.

(cherry picked from commit 2936b80)
@mariolenz mariolenz mentioned this pull request Nov 24, 2024
Closed
sivel pushed a commit that referenced this pull request Nov 25, 2024
@jborean93
Fix CVE-2024-11079 hostvars unsafe context (#84339) (#84353)
70e83e7 
Fix to preserve an unsafe variable when accessing through an
intermediary variable from hostvars.

(cherry picked from commit 2936b80)
@sivel sivel removed the needs_triage Needs a first human triage before being processed. label Nov 25, 2024
@bcoca bcoca mentioned this pull request Nov 29, 2024
Closed
@ansible ansible locked and limited conversation to collaborators Dec 18, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

backport This PR does not target the devel branch. bug This issue/PR relates to a bug.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jborean93 @webknjaz @sivel @ansibot