[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Question regarding ansible (CVE-2019-14846)

On 12/10/19 12:43 am, Chris Lamb wrote:
> Hi Utkarsh,
>> I recently saw your note regarding ansible, saying that the affected
>> code is in lib/ansible/callbacks.py.
>> However, the upstream claims to have fixed this in this pull request[1]
>> and it doesn't seem that the affected file is callbacks.py.
> Sure. So, upstream's pull request is naturally for the master/current branch and my comment was regarding the somewhat older version in jessie.
> I have clarified this here:
>   https://salsa.debian.org/security-tracker-team/security-tracker/commit/ffed84c32815c12003d81bb4194eed5d743e3ebc

Hah, this clears it up.
Thank you!


Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: