FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
253c6889-06f0-11e6-925f-6805ca0b3d42	ansible -- use of predictable paths in lxc_container Ansible developers report: CVE-2016-3096: do not use predictable paths in lxc_container do not use a predictable filename for the LXC attach script don't use predictable filenames for LXC attach script logging don't set a predictable archive_path this should prevent symlink attacks which could result in data corruption data leakage privilege escalation Discovery 2016-04-02 Entry 2016-04-20 ansible ge 2.0.0.0 lt 2.0.2.0 ansible1 < 1.9.6 CVE-2016-3096 https://github.com/ansible/ansible-modules-extras/pull/1941/commits/8c6fe646ee79f5e55361b885b7efed5bec72d4a4 https://bugzilla.redhat.com/show_bug.cgi?id=1322925

VuXML ID

Description

253c6889-06f0-11e6-925f-6805ca0b3d42

ansible -- use of predictable paths in lxc_container

Ansible developers report:

CVE-2016-3096: do not use predictable paths in lxc_container

do not use a predictable filename for the LXC attach script

don't use predictable filenames for LXC attach script logging

don't set a predictable archive_path

this should prevent symlink attacks which could result in

data corruption

data leakage

privilege escalation

Discovery 2016-04-02
Entry 2016-04-20
ansible

ge 2.0.0.0 lt 2.0.2.0

ansible1

< 1.9.6

CVE-2016-3096
https://github.com/ansible/ansible-modules-extras/pull/1941/commits/8c6fe646ee79f5e55361b885b7efed5bec72d4a4
https://bugzilla.redhat.com/show_bug.cgi?id=1322925