1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

docker swarm - Add no_log to the signing_ca_key argument (#1728)

This will prevent accidental disclosure.

See: CVE-2021-20191
This commit is contained in:
David Moreau Simard 2021-02-04 15:17:43 -05:00 committed by GitHub
parent b7368b9802
commit 9cccc9f0cd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 1 deletions

View file

@ -0,0 +1,2 @@
security_fixes:
- docker_swarm - enabled ``no_log`` for the option ``signing_ca_key`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.general/pull/1728).

View file

@ -616,7 +616,7 @@ def main():
name=dict(type='str'), name=dict(type='str'),
labels=dict(type='dict'), labels=dict(type='dict'),
signing_ca_cert=dict(type='str'), signing_ca_cert=dict(type='str'),
signing_ca_key=dict(type='str'), signing_ca_key=dict(type='str', no_log=True),
ca_force_rotate=dict(type='int'), ca_force_rotate=dict(type='int'),
autolock_managers=dict(type='bool'), autolock_managers=dict(type='bool'),
node_id=dict(type='str'), node_id=dict(type='str'),