First published: Wed Aug 05 2020
- Updated Named URLs to allow for testing the presence or absence of objects (CVE-2020-14337)
- Fixed Tower Server Side Request Forgery on Credentials (CVE-2020-14327)
- Fixed Tower Server Side Request Forgery on Webhooks (CVE-2020-14328)
- Fixed Tower sensitive data exposure on labels (CVE-2020-14329)
- Added local caching for downloaded roles and collections so they are not re-downloaded on nodes where they have already been updated
- Fixed Tower's task scheduler to no longer deadlock for clustered installations with large numbers of nodes
- Fixed the Credential Type definitions to no longer allow superusers to run unsafe Python code
- Fixed credential lookups from CyberArk AIM to no longer fail unexpectedly
- Fixed upgrades from 3.5 to 3.6 on RHEL8 in order for PostgreSQL client libraries to be upgraded on Tower nodes, which fixes the backup/restore function
- Fixed backup/restore for PostgreSQL usernames that include capital letters
- Fixed manually added host variables to no longer be removed on VMware vCenter inventory syncs
- Fixed Red Hat Satellite inventory syncs to allow Tower to properly respect the `verify_ssl` flag
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Ansible | | |
The severity of RHSA-2020:3328 is critical due to the presence of multiple server-side request forgery vulnerabilities.
To fix RHSA-2020:3328, update your Red Hat Ansible Tower to the latest version as recommended in the advisory.
RHSA-2020:3328 addresses three vulnerabilities related to server-side request forgery and Named URL handling.
RHSA-2020:3328 affects Red Hat Ansible Tower, specifically versions prior to the security update.
RHSA-2020:3328 can impact system security by allowing attackers to exploit server-side request forgery to gain unauthorized access to sensitive information.