Skip to content

Commit

Permalink
added 2.0.1 release summary
Browse files Browse the repository at this point in the history
  • Loading branch information
dericcrago committed Feb 9, 2021
1 parent 50e8500 commit 24b8827
Show file tree
Hide file tree
Showing 4 changed files with 49 additions and 11 deletions.
21 changes: 21 additions & 0 deletions CHANGELOG.rst
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,27 @@ Community Network Release Notes

This changelog describes changes after version 1.0.0.

v2.0.1
======

Release Summary
---------------

Security bugfix (potential information leaks in multiple modules, CVE-2021-20191) release.

Security Fixes
--------------

- ce_vrrp - mark the ``auth_key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.network/pull/206).
- cloudengine/ce_vrrp - enabled ``no_log`` for the options ``auth_key`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.network/pull/203).
- cnos_* modules - mark the ``passwords`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.network/pull/206).
- enos_* modules - mark the ``passwords`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.network/pull/206).
- iap_start_workflow - mark the ``token_key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.network/pull/206).
- icx_system - mark the ``auth_key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.network/pull/206).
- itential/iap_start_workflow - enabled ``no_log`` for the options ``token_key`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.network/pull/203).
- netscaler/netscaler_lb_monitor - enabled ``no_log`` for the options ``radkey`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.network/pull/203).
- netscaler_lb_monitor - mark the ``password`` and ``secondarypassword`` parameters as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.network/pull/206).

v2.0.0
======

Expand Down
28 changes: 28 additions & 0 deletions changelogs/changelog.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -200,3 +200,31 @@ releases:
- routeros-migration-removal.yml
- terminal_plugin_cnos_update.yml
release_date: '2021-01-27'
2.0.1:
changes:
release_summary: Security bugfix (potential information leaks in multiple modules,
CVE-2021-20191) release.
security_fixes:
- ce_vrrp - mark the ``auth_key`` parameter as ``no_log`` to avoid leakage of
secrets (https://github.com/ansible-collections/community.network/pull/206).
- cloudengine/ce_vrrp - enabled ``no_log`` for the options ``auth_key`` to prevent
accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.network/pull/203).
- cnos_* modules - mark the ``passwords`` parameter as ``no_log`` to avoid leakage
of secrets (https://github.com/ansible-collections/community.network/pull/206).
- enos_* modules - mark the ``passwords`` parameter as ``no_log`` to avoid leakage
of secrets (https://github.com/ansible-collections/community.network/pull/206).
- iap_start_workflow - mark the ``token_key`` parameter as ``no_log`` to avoid
leakage of secrets (https://github.com/ansible-collections/community.network/pull/206).
- icx_system - mark the ``auth_key`` parameter as ``no_log`` to avoid leakage
of secrets (https://github.com/ansible-collections/community.network/pull/206).
- itential/iap_start_workflow - enabled ``no_log`` for the options ``token_key``
to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.network/pull/203).
- netscaler/netscaler_lb_monitor - enabled ``no_log`` for the options ``radkey``
to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.network/pull/203).
- netscaler_lb_monitor - mark the ``password`` and ``secondarypassword`` parameters
as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.network/pull/206).
fragments:
- 2.0.1.yml
- CVE-2021-20191_no_log.yml
- no_log-fixes.yml
release_date: '2021-02-09'
4 changes: 0 additions & 4 deletions changelogs/fragments/CVE-2021-20191_no_log.yml

This file was deleted.

7 changes: 0 additions & 7 deletions changelogs/fragments/no_log-fixes.yml

This file was deleted.

0 comments on commit 24b8827

Please sign in to comment.