summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--changelogs/fragments/63522-remove-args-from-sumologic-and-splunk-callbacks.yml2
-rw-r--r--lib/ansible/plugins/callback/splunk.py3
-rw-r--r--lib/ansible/plugins/callback/sumologic.py3
3 files changed, 8 insertions, 0 deletions
diff --git a/changelogs/fragments/63522-remove-args-from-sumologic-and-splunk-callbacks.yml b/changelogs/fragments/63522-remove-args-from-sumologic-and-splunk-callbacks.yml
new file mode 100644
index 0000000000..7af27d9082
--- /dev/null
+++ b/changelogs/fragments/63522-remove-args-from-sumologic-and-splunk-callbacks.yml
@@ -0,0 +1,2 @@
+bugfixes:
+ - '**security issue** - Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs (CVE-2019-14864)'
diff --git a/lib/ansible/plugins/callback/splunk.py b/lib/ansible/plugins/callback/splunk.py
index 26b5d1d885..4f0e7eec3c 100644
--- a/lib/ansible/plugins/callback/splunk.py
+++ b/lib/ansible/plugins/callback/splunk.py
@@ -98,6 +98,9 @@ class SplunkHTTPCollectorSource(object):
else:
ansible_role = None
+ if 'args' in result._task_fields:
+ del result._task_fields['args']
+
data = {}
data['uuid'] = result._task._uuid
data['session'] = self.session
diff --git a/lib/ansible/plugins/callback/sumologic.py b/lib/ansible/plugins/callback/sumologic.py
index 4a2bd0b5bb..22e217f0b5 100644
--- a/lib/ansible/plugins/callback/sumologic.py
+++ b/lib/ansible/plugins/callback/sumologic.py
@@ -89,6 +89,9 @@ class SumologicHTTPCollectorSource(object):
else:
ansible_role = None
+ if 'args' in result._task_fields:
+ del result._task_fields['args']
+
data = {}
data['uuid'] = result._task._uuid
data['session'] = self.session
View Lorry Controller Status