- Vulnerability/
- RHBA-2020:1540
RHBA-2020:1540: Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container
First published: Wed Apr 22 2020(Updated: )
<li> Added additional metrics to the Prometheus /api/v2/metrics/ endpoint for reporting remaining instance capacity</li> <li> Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)</li> <li> Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)</li> <li> Fixed event hostnames to be recorded for playbooks run on isolated nodes</li> <li> Fixed a PostgreSQL issue that caused upgrade failures in certain situations</li> <li> Fixed the search for Source Control credentials in the Tower user interface</li> <li> Fixed a performance issue to no longer delay the output of project updates for certain users</li> <li> Fixed the installations to no longer fail with admin passwords that contain certain special characters</li> <li> Fixed the start time to correctly set for approval notifications</li> <li> Fixed an inconsistency in gathered inventory analytics</li> <li> Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)</li> <li> Updated single sign-on integration to address several upcoming GitHub API deprecations</li> <li> Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109</li> <li> Updated translations</li>
| Affected Software | Affected Version | How to fix |
|---|
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/redhat-errata
- anchor-id/RHBA-2020:1540
- agent/title
- agent/references
- agent/severity
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date