ansible/changelogs/fragments/subversion_password.yaml
Sloane Hertel d91658ec0c
subversion module - provide password securely when possible or warn (#67829)
* subversion module - provide password securely with svn command line option --password-from-stdin when possible, and provide a warning otherwise.
* Update lib/ansible/modules/source_control/subversion.py.
* Add a test.

Co-authored-by: Sam Doran <sdoran@redhat.com>
2020-04-13 10:21:10 -04:00

9 lines
399 B
YAML

bugfixes:
- >
**security issue** - The ``subversion`` module provided the password
via the svn command line option ``--password`` and can be retrieved
from the host's /proc/<pid>/cmdline file. Update the module to use
the secure ``--password-from-stdin`` option instead, and add a warning
in the module and in the documentation if svn version is too old to
support it.
(CVE-2020-1739)