Question regarding ansible (CVE-2019-14846)

To: Chris Lamb <lamby@debian.org>
Cc: debian-lts@lists.debian.org
Subject: Question regarding ansible (CVE-2019-14846)
From: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date: Fri, 11 Oct 2019 23:52:19 +0530
Message-id: <[🔎] d131b402-85eb-5b3c-0280-a8c32b132f70@gmail.com>

Hi Chris,

I recently saw your note regarding ansible, saying that the affected
code is in lib/ansible/callbacks.py.
However, the upstream claims to have fixed this in this pull request[1]
and it doesn't seem that the affected file is callbacks.py.

Could you clear this out a little maybe?


Best,
Utkarsh
---
[1]: https://github.com/ansible/ansible/pull/63366/files

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Re: Question regarding ansible (CVE-2019-14846)
  - From: "Chris Lamb" <lamby@debian.org>

Prev by Date: Re: Security issues in standards (ruby-openid / CVE-2019-11027)
Next by Date: Re: Question regarding ansible (CVE-2019-14846)
Previous by thread: Re: clamd update, some tests failing
Next by thread: Re: Question regarding ansible (CVE-2019-14846)
Index(es):
- Date
- Thread