CWE
79
Advisory Published
Advisory Published

RHSA-2020:4136: Moderate: security update - Red Hat Ansible Tower 3.7.3-1 - RHEL7 Container

First published: Wed Sep 30 2020(Updated: )

<li> Updated to the latest version of the git-python library to no longer cause certain jobs to fail</li> <li> Updated to the latest version of the ovirt.ovirt collection to no longer cause connections to hang when syncing inventory from oVirt/RHV</li> <li> Added a number of optimizations to Ansible Tower's callback receiver to improve the speed of stdout processing for simultaneous playbooks runs</li> <li> Added an optional setting to disable the auto-creation of organizations and teams on successful SAML login</li> <li> Fixed an XSS vulnerability (CVE-2020-25626)</li> <li> Fixed a slow memory leak in the Daphne process</li> <li> Fixed Automation Analytics data gathering to no longer fail for customers with large datasets</li> <li> Fixed scheduled jobs that run every X minute(s) or hour(s) to no longer fail to run at the proper time</li> <li> Fixed delays in Ansible Tower's task manager when large numbers of simultaneous jobs are scheduled</li> <li> Fixed the performance for playbooks that store large amounts of data using the set_stats module</li> <li> Fixed the awx-manage remove_from_queue tool when used with isolated nodes</li> <li> Fixed an issue that prevented jobs from being properly marked as canceled when Tower is backed up and then restored to another environment</li>

Affected SoftwareAffected VersionHow to fix
Red Hat Ansible

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of RHSA-2020:4136?

    The severity of RHSA-2020:4136 is classified as important.

  • How do I fix RHSA-2020:4136?

    To fix RHSA-2020:4136, update your Red Hat Ansible Tower to the latest version.

  • What issues does RHSA-2020:4136 address?

    RHSA-2020:4136 addresses job failures in the git-python library and connection hangs when syncing inventory from oVirt/RHV.

  • Is RHSA-2020:4136 applicable to all versions of Ansible Tower?

    RHSA-2020:4136 is applicable only to specific versions of Red Hat Ansible Tower; check the advisory for details.

  • What components are updated in RHSA-2020:4136?

    RHSA-2020:4136 includes updates to the git-python library and the ovirt.ovirt collection.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203