Red Hat Product Errata RHSA-2024:2246 - Security Advisory
Issued:
2024-04-30
Updated:
2024-04-30

RHSA-2024:2246 - Security Advisory

Synopsis

Moderate: ansible-core bug fix, enhancement, and security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for ansible-core is now available for Red Hat Enterprise Linux 9.

'Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

Security Fix(es):

  • ansible-core: possible information leak in tasks that ignore ANSIBLE_NO_LOG configuration (CVE-2024-0690)

Bug Fix(es):

  • Update ansible-core to 2.14.14 (JIRA:RHEL-23783)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

  • BZ - 2259013 - CVE-2024-0690 ansible-core: possible information leak in tasks that ignore ANSIBLE_NO_LOG configuration
  • RHEL-18950 - Update ansible-core to 2.14.12
  • RHEL-19298 - Update ansible-core to 2.14.13
  • RHEL-23783 - Update ansible-core to 2.14.14

Red Hat Enterprise Linux for x86_64 9

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
x86_64
ansible-core-2.14.14-1.el9.x86_64.rpm SHA-256: b7bae6df7e1ce827598884455da1079bd508d531e545ea88db28df92ae318adb
ansible-test-2.14.14-1.el9.x86_64.rpm SHA-256: c6c1809fcbc4799d58fe871b45caa0f33f3881078e41d257997a2c0f6d923e7c

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
x86_64
ansible-core-2.14.14-1.el9.x86_64.rpm SHA-256: b7bae6df7e1ce827598884455da1079bd508d531e545ea88db28df92ae318adb
ansible-test-2.14.14-1.el9.x86_64.rpm SHA-256: c6c1809fcbc4799d58fe871b45caa0f33f3881078e41d257997a2c0f6d923e7c

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
x86_64
ansible-core-2.14.14-1.el9.x86_64.rpm SHA-256: b7bae6df7e1ce827598884455da1079bd508d531e545ea88db28df92ae318adb
ansible-test-2.14.14-1.el9.x86_64.rpm SHA-256: c6c1809fcbc4799d58fe871b45caa0f33f3881078e41d257997a2c0f6d923e7c

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
s390x
ansible-core-2.14.14-1.el9.s390x.rpm SHA-256: e6f865a4fc597d0e982d1d7b972fdd9beea8a8ea6b1cf9fb5717695f2ee2413e
ansible-test-2.14.14-1.el9.s390x.rpm SHA-256: 553982efb2c127a149c3dd714a395b0500af376e5cb295901c9458f99e51cb98

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
s390x
ansible-core-2.14.14-1.el9.s390x.rpm SHA-256: e6f865a4fc597d0e982d1d7b972fdd9beea8a8ea6b1cf9fb5717695f2ee2413e
ansible-test-2.14.14-1.el9.s390x.rpm SHA-256: 553982efb2c127a149c3dd714a395b0500af376e5cb295901c9458f99e51cb98

Red Hat Enterprise Linux for Power, little endian 9

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
ppc64le
ansible-core-2.14.14-1.el9.ppc64le.rpm SHA-256: 7fce4d028b14e65bc63c5830e26d674b39a0f76e5cc746e05b7da572863d7abe
ansible-test-2.14.14-1.el9.ppc64le.rpm SHA-256: 233e4527a3b9cd4cf6efa08439cf275013fa0a2174bc0e5bfffc8eb0651c2272

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
ppc64le
ansible-core-2.14.14-1.el9.ppc64le.rpm SHA-256: 7fce4d028b14e65bc63c5830e26d674b39a0f76e5cc746e05b7da572863d7abe
ansible-test-2.14.14-1.el9.ppc64le.rpm SHA-256: 233e4527a3b9cd4cf6efa08439cf275013fa0a2174bc0e5bfffc8eb0651c2272

Red Hat Enterprise Linux for ARM 64 9

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
aarch64
ansible-core-2.14.14-1.el9.aarch64.rpm SHA-256: 35d84d27ca79ecd5e4f32391f3e9024f06de7df6a522e2b2d585c5ac5b697090
ansible-test-2.14.14-1.el9.aarch64.rpm SHA-256: 570f122670678cf9a7a265e31ca3d88dc355ff9e2083be172a84cf513faf6e16

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
aarch64
ansible-core-2.14.14-1.el9.aarch64.rpm SHA-256: 35d84d27ca79ecd5e4f32391f3e9024f06de7df6a522e2b2d585c5ac5b697090
ansible-test-2.14.14-1.el9.aarch64.rpm SHA-256: 570f122670678cf9a7a265e31ca3d88dc355ff9e2083be172a84cf513faf6e16

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
ppc64le
ansible-core-2.14.14-1.el9.ppc64le.rpm SHA-256: 7fce4d028b14e65bc63c5830e26d674b39a0f76e5cc746e05b7da572863d7abe
ansible-test-2.14.14-1.el9.ppc64le.rpm SHA-256: 233e4527a3b9cd4cf6efa08439cf275013fa0a2174bc0e5bfffc8eb0651c2272

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
x86_64
ansible-core-2.14.14-1.el9.x86_64.rpm SHA-256: b7bae6df7e1ce827598884455da1079bd508d531e545ea88db28df92ae318adb
ansible-test-2.14.14-1.el9.x86_64.rpm SHA-256: c6c1809fcbc4799d58fe871b45caa0f33f3881078e41d257997a2c0f6d923e7c

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
aarch64
ansible-core-2.14.14-1.el9.aarch64.rpm SHA-256: 35d84d27ca79ecd5e4f32391f3e9024f06de7df6a522e2b2d585c5ac5b697090
ansible-test-2.14.14-1.el9.aarch64.rpm SHA-256: 570f122670678cf9a7a265e31ca3d88dc355ff9e2083be172a84cf513faf6e16

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
ansible-core-2.14.14-1.el9.src.rpm SHA-256: 1c7cfaadfe8406e54b9a96075794bb6d2ea9369266173c1f33ddff48bfbb3f43
s390x
ansible-core-2.14.14-1.el9.s390x.rpm SHA-256: e6f865a4fc597d0e982d1d7b972fdd9beea8a8ea6b1cf9fb5717695f2ee2413e
ansible-test-2.14.14-1.el9.s390x.rpm SHA-256: 553982efb2c127a149c3dd714a395b0500af376e5cb295901c9458f99e51cb98

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.