ansible/changelogs/fragments/win-unzip-check-extraction-path.yml at 273159da4ca729caa008a65d27c22e4add233d70 - cmueller/ansible - tilera Git

cmueller/ansible

Alicia Cozine f509a22f9d

add changelog categories, update CVE fragments to use security_fix category (#69968 )

* use security_fix category in changelogs for CVEs

* these fragments do not say CVE but are security fixes

Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>

2020-06-11 10:24:01 -07:00

4 lines

170 B

YAML

Raw Blame History

 security_fixes:
   - >
     **security issue** win_unzip - normalize paths in archive to ensure extracted
     files do not escape from the target directory (CVE-2020-1737)