ansible-collections/community.docker
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.docker.git synced 2025-12-16 11:58:43 +00:00
Code Packages Projects Releases Wiki Activity

docker swarm - Add no_log to the signing_ca_key argument (#80)

Browse Source 
* docker swarm - Add no_log to the signing_ca_key argument

This will prevent accidental disclosure.

See: CVE-2021-20191

* Update changelogs/fragments/CVE-2021-20191_no_log.yml

Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
David Moreau Simard 2021-02-04 15:03:43 -05:00 committed by GitHub
parent fc2e14970b
commit 58babf738b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
changelogs/fragments/CVE-2021-20191_no_log.yml Normal file
View File

@ -0,0 +1,2 @@
security_fixes:
- docker_swarm - enabled ``no_log`` for the option ``signing_ca_key`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.docker/pull/80).

2
plugins/modules/docker_swarm.py
View File

@ -603,7 +603,7 @@ def main():
name=dict(type='str'), name=dict(type='str'),
labels=dict(type='dict'), labels=dict(type='dict'),
signing_ca_cert=dict(type='str'), signing_ca_cert=dict(type='str'),
signing_ca_key=dict(type='str'), signing_ca_key=dict(type='str', no_log=True),
ca_force_rotate=dict(type='int'), ca_force_rotate=dict(type='int'),
autolock_managers=dict(type='bool'), autolock_managers=dict(type='bool'),
node_id=dict(type='str'), node_id=dict(type='str'),