(RHSA-2023:4991) Low: Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update

2023-09-0612:59:39

access.redhat.com

red hat

automation platform

security fix

enterprise

it automation

management

scale

ansible

content sharing.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

26.9%

JSON

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.

Security Fix(es):

automation-controller: GitPython: Insecure non-multi options in clone and clone_from is not blocked (CVE-2023-40267)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional changes:

ansible-core has been updated to 2.14.9 (AAP-15270)
automation-controller has been updated to 4.3.13 (AAP-15548)
automation controller: Fix bug that can cause a deadlock on shutdown when redis is unavailable. (AAP-14217)

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64ansible-test< 2.14.9-1.el8apansible-test-2.14.9-1.el8ap.x86_64.rpm
RedHat8x86_64automation-controller-cli< 4.3.13-1.el8apautomation-controller-cli-4.3.13-1.el8ap.x86_64.rpm
RedHat9x86_64automation-controller-venv-tower< 4.3.13-1.el9apautomation-controller-venv-tower-4.3.13-1.el9ap.x86_64.rpm
RedHat8x86_64ansible-core< 2.14.9-1.el8apansible-core-2.14.9-1.el8ap.x86_64.rpm
RedHat8x86_64automation-controller-venv-tower< 4.3.13-1.el8apautomation-controller-venv-tower-4.3.13-1.el8ap.x86_64.rpm
RedHat9x86_64automation-controller-server< 4.3.13-1.el9apautomation-controller-server-4.3.13-1.el9ap.x86_64.rpm
RedHat8x86_64automation-controller-server< 4.3.13-1.el8apautomation-controller-server-4.3.13-1.el8ap.x86_64.rpm
RedHat9x86_64automation-controller-ui< 4.3.13-1.el9apautomation-controller-ui-4.3.13-1.el9ap.x86_64.rpm
RedHat9x86_64ansible-test< 2.14.9-1.el9apansible-test-2.14.9-1.el9ap.x86_64.rpm
RedHat8x86_64automation-controller< 4.3.13-1.el8apautomation-controller-4.3.13-1.el8ap.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	x86_64	ansible-test	< 2.14.9-1.el8ap	ansible-test-2.14.9-1.el8ap.x86_64.rpm
RedHat	8	x86_64	automation-controller-cli	< 4.3.13-1.el8ap	automation-controller-cli-4.3.13-1.el8ap.x86_64.rpm
RedHat	9	x86_64	automation-controller-venv-tower	< 4.3.13-1.el9ap	automation-controller-venv-tower-4.3.13-1.el9ap.x86_64.rpm
RedHat	8	x86_64	ansible-core	< 2.14.9-1.el8ap	ansible-core-2.14.9-1.el8ap.x86_64.rpm
RedHat	8	x86_64	automation-controller-venv-tower	< 4.3.13-1.el8ap	automation-controller-venv-tower-4.3.13-1.el8ap.x86_64.rpm
RedHat	9	x86_64	automation-controller-server	< 4.3.13-1.el9ap	automation-controller-server-4.3.13-1.el9ap.x86_64.rpm
RedHat	8	x86_64	automation-controller-server	< 4.3.13-1.el8ap	automation-controller-server-4.3.13-1.el8ap.x86_64.rpm
RedHat	9	x86_64	automation-controller-ui	< 4.3.13-1.el9ap	automation-controller-ui-4.3.13-1.el9ap.x86_64.rpm
RedHat	9	x86_64	ansible-test	< 2.14.9-1.el9ap	ansible-test-2.14.9-1.el9ap.x86_64.rpm
RedHat	8	x86_64	automation-controller	< 4.3.13-1.el8ap	automation-controller-4.3.13-1.el8ap.x86_64.rpm