Reviewed: https://review.openstack.org/196144 Committed: https://git.openstack.org/cgit/stackforge/os-ansible-deployment/commit/?id=5514ae8878d787f63b24f980f204475524ec6644 Submitter: Jenkins Branch: kilo commit 5514ae8878d787f63b24f980f204475524ec6644 Author: Tom Cameron <tom.cameron at rackspace.com> Date: Fri Jun 26 10:37:41 2015 -0400 Upgrade to ansible 1.9.2 Update Ansible version to v1.9.2-1. This update includes a fix to address CVE-2015-3908 - A vulnerability where HTTPS can be MITM'd. Change-Id: I4dca72706cf73cdd974788e9c012ad8ecb7a9c15 Closes-Bug: #1466216 (cherry picked from commit c22296272e4e299db7c12f5f9b4608737da13729) ** Changed in: openstack-ansible/kilo Status: In Progress => Fix Committed -- You received this bug notification because you are a member of OpenStack Security, which is subscribed to OpenStack. https://bugs.launchpad.net/bugs/1466216 Title: Upgrade to ansible 1.9.2 when released Status in Ansible playbooks for deploying OpenStack: Fix Committed Status in openstack-ansible kilo series: Fix Committed Status in openstack-ansible trunk series: Fix Committed Bug description: Ansible 1.9.2 (unreleased) fixed a CVE-2015-3908 that affected usage of get_url. The vulnerability is related to allowing an HTTPS connection to be MITM'd. To manage notifications about this bug go to: https://bugs.launchpad.net/openstack-ansible/+bug/1466216/+subscriptions