Skip to content

Commit

Permalink
[2.9] Callback: removing args from task_fields from Sumologic and Spl…
Browse files Browse the repository at this point in the history
…unk plugin (#64274)

CVE-2019-14864 Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs

Fixes #63522

Signed-off-by: Patrick O’Brien <patrick.obrien@thetradedesk.com>
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit c76e074)
Akasurde authored and nitzmahone committed Nov 12, 2019
1 parent 8cc018d commit a0ec297
Showing 3 changed files with 8 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
bugfixes:
- '**security issue** - Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs (CVE-2019-14864)'
3 changes: 3 additions & 0 deletions lib/ansible/plugins/callback/splunk.py
Original file line number Diff line number Diff line change
@@ -98,6 +98,9 @@ def send_event(self, url, authtoken, state, result, runtime):
else:
ansible_role = None

if 'args' in result._task_fields:
del result._task_fields['args']

data = {}
data['uuid'] = result._task._uuid
data['session'] = self.session
3 changes: 3 additions & 0 deletions lib/ansible/plugins/callback/sumologic.py
Original file line number Diff line number Diff line change
@@ -89,6 +89,9 @@ def send_event(self, url, state, result, runtime):
else:
ansible_role = None

if 'args' in result._task_fields:
del result._task_fields['args']

data = {}
data['uuid'] = result._task._uuid
data['session'] = self.session

0 comments on commit a0ec297

Please sign in to comment.