ansible/changelogs/fragments/vault_tmp_race_fix.yml
Brian Coca 28f9fbdb5e
safely use vault to edit secrets (#68644)
* when possible, use filedescriptors from mkstemp to avoid race
  * when using path strings, ensure we are always creating the file

CVE-2020-1740
Fixes #67798

Co-authored-by: samdoran
2020-04-03 10:19:01 -04:00

2 lines
147 B
YAML

bugfixes:
- "**security_issue** - create temporary vault file with strict permissions when editing and prevent race condition (CVE-2020-1740)"