Diffstat (limited to 'changelogs/fragments/subversion_password.yaml')
-rw-r--r-- changelogs/fragments/subversion_password.yaml 9
1 files changed, 9 insertions, 0 deletions
diff --git a/changelogs/fragments/subversion_password.yaml b/changelogs/fragments/subversion_password.yaml
new file mode 100644
index 0000000000..42e09fb1a0
--- /dev/null
+++ b/changelogs/fragments/subversion_password.yaml
@@ -0,0 +1,9 @@
+bugfixes:
+- >
+ **security issue** - The ``subversion`` module provided the password
+ via the svn command line option ``--password`` and can be retrieved
+ from the host's /proc/<pid>/cmdline file. Update the module to use
+ the secure ``--password-from-stdin`` option instead, and add a warning
+ in the module and in the documentation if svn version is too old to
+ support it.
+ (CVE-2020-1739)
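Review bot: the closing sentence of the entry ("add a warning in the module and in the documentation if svn version is too old to support it") does not say what the module does with the password on those hosts. If it still falls back to ``--password``, the entry should state that the exposure through /proc/<pid>/cmdline remains there, and naming the minimum svn version that supports ``--password-from-stdin`` would let users check whether they are affected. Two smaller points in the same paragraph: "provided the password ... and can be retrieved" mixes tenses, and /proc/<pid>/cmdline is missing the double backticks used for the other literals.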