community.docker/changelogs/fragments/inventory-rce.yml
Felix Fontein e2e1bc796b
Prevent RCE via inventory plugins (#815) (#818)
* Prevent RCE via inventory plugins.

* Do not make ansible_connection unsafe.

* Add test.

(cherry picked from commit bf1281ae7f)
2024-03-14 22:09:57 +01:00

3 lines
440 B
YAML

security_fixes:
- "docker_containers, docker_machine, and docker_swarm inventory plugins - make sure all data received from the Docker daemon / Docker machine is marked as unsafe, so remote code execution by obtaining texts that can be evaluated as templates is not possible (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/, https://github.com/ansible-collections/community.docker/pull/815)."
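
The effect of marking daemon-supplied data as unsafe, shown as an added example that is not code from community.docker or Ansible. It is a simplified, stdlib-only model of a templating layer: `UnsafeText`, `make_unsafe`, `render`, `compare` and all sample variables are hypothetical names and constructed values.

```python
import re

class UnsafeText(str):
    """Marker type (hypothetical): a templating layer must return this text verbatim."""
    __UNSAFE__ = True

def make_unsafe(value):
    """Recursively mark every string in daemon-supplied data as unsafe."""
    if isinstance(value, str):
        return UnsafeText(value)
    if isinstance(value, dict):
        return {make_unsafe(k): make_unsafe(v) for k, v in value.items()}
    if isinstance(value, (list, tuple, set)):
        return type(value)(make_unsafe(v) for v in value)
    return value  # ints, bools and None carry no template text

_EXPR = re.compile(r"\{\{\s*(\w+)\s*\}\}")

def render(text, variables, evaluated):
    """Toy templar: resolves {{ name }} recursively, but never evaluates unsafe text."""
    if getattr(text, "__UNSAFE__", False):
        return str(text)
    def repl(match):
        evaluated.append(match.group(1))  # record every expression that was evaluated
        return render(variables.get(match.group(1), ""), variables, evaluated)
    return _EXPR.sub(repl, text)

def compare():
    """Render one trusted template with raw and with marked daemon data."""
    # Constructed sample: a container label value as reported by the daemon.
    from_daemon = {"label_note": "{{ admin_token }}"}
    controller_vars = {"admin_token": "s3cret"}  # constructed controller-side variable
    results = {}
    for name, data in (("raw", from_daemon), ("marked", make_unsafe(from_daemon))):
        evaluated = []
        out = render("note={{ label_note }}", {**controller_vars, **data}, evaluated)
        results[name] = (out, evaluated)
    return results

if __name__ == "__main__":
    for name, (out, evaluated) in compare().items():
        print(name, repr(out), evaluated)
```

With raw data the label text is evaluated as a second template; once marked, it comes back as literal text and only the trusted expression is evaluated.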