Callback: removing args from task_fields from Sumologic and Splunk plugin(#63527)

CVE-2019-14864 Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs

Fixes #63522

Signed-off-by: Patrick O’Brien <patrick.obrien@thetradedesk.com>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This commit is contained in:
Patrick O'Brien 2019-11-01 07:21:11 -07:00 committed by Abhijeet Kasurde
parent 56d5fd34e3
commit c76e074e4c
3 changed files with 8 additions and 0 deletions

View file

@ -0,0 +1,2 @@
bugfixes:
- '**security issue** - Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs (CVE-2019-14864)'

View file

@ -98,6 +98,9 @@ class SplunkHTTPCollectorSource(object):
else:
ansible_role = None
if 'args' in result._task_fields:
del result._task_fields['args']
data = {}
data['uuid'] = result._task._uuid
data['session'] = self.session

View file

@ -89,6 +89,9 @@ class SumologicHTTPCollectorSource(object):
else:
ansible_role = None
if 'args' in result._task_fields:
del result._task_fields['args']
data = {}
data['uuid'] = result._task._uuid
data['session'] = self.session