1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

snmp_facts: Hide user sensitive information in console (#1621)

**SECURITY** - CVE-2021-20178

Hide user sensitive information like `privkey` and `authkey`
while logging in console.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This commit is contained in:
Abhijeet Kasurde 2021-01-12 15:36:58 +05:30 committed by GitHub
parent 63817f7c1b
commit 3560aeb12f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 2 deletions

View file

@ -0,0 +1,2 @@
security_fixes:
- 'snmp_facts - **CVE-2021-20178** - hide user sensitive information such as ``privkey`` and ``authkey`` from logging into the console (https://github.com/ansible-collections/community.general/pull/1621).'

View file

@ -269,8 +269,8 @@ def main():
level=dict(type='str', choices=['authNoPriv', 'authPriv']),
integrity=dict(type='str', choices=['md5', 'sha']),
privacy=dict(type='str', choices=['aes', 'des']),
authkey=dict(type='str'),
privkey=dict(type='str'),
authkey=dict(type='str', no_log=True),
privkey=dict(type='str', no_log=True),
),
required_together=(
['username', 'level', 'integrity', 'authkey'],