Skip to content

[Security] Bump ansible-core from 2.16.0 to 2.16.1

HIFIS Bot requested to merge dependabot-pip-ansible-core-2.16.1 into main

Bumps ansible-core from 2.16.0 to 2.16.1. This update includes a security fix.

Vulnerabilities fixed

Ansible template injection vulnerability A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data.

Patched versions: 2.16.1 Affected versions: >= 2.16.0, < 2.16.1

Release notes

Sourced from ansible-core's releases.

v2.16.1

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

v2.16.1rc1

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

Commits

Merge request reports

Loading