Your message dated Fri, 05 Dec 2025 11:37:31 +0000
with message-id <[email protected]>
and subject line Bug#1121951: fixed in ansible 12.2.0+dfsg-1
has caused the Debian Bug report #1121951,
regarding ansible: CVE-2025-14010
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1121951: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121951
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: ansible
Version: 12.0.0+dfsg-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/ansible-collections/community.general/issues/11000
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for ansible.
CVE-2025-14010[0]:
| A flaw was found in ansible-collection-community-general. This
| vulnerability allows for information exposure (IE) of sensitive
| credentials, specifically plaintext passwords, via verbose output
| when running Ansible with debug modes. Attackers with access to logs
| could retrieve these secrets and potentially compromise Keycloak
| accounts or administrative access.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-14010
https://www.cve.org/CVERecord?id=CVE-2025-14010
[1] https://github.com/ansible-collections/community.general/issues/11000
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: ansible
Source-Version: 12.2.0+dfsg-1
Done: Lee Garrett <[email protected]>
We believe that the bug you reported is fixed in the latest version of
ansible, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Lee Garrett <[email protected]> (supplier of updated ansible package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 05 Dec 2025 10:10:11 +0100
Source: ansible
Architecture: source
Version: 12.2.0+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team <[email protected]>
Changed-By: Lee Garrett <[email protected]>
Closes: 1121951
Changes:
ansible (12.2.0+dfsg-1) unstable; urgency=medium
.
* Stay on 12.x branch for now
* New upstream version 12.2.0+dfsg
- Fix CVE-2025-14010 (Closes: #1121951)
* Skip ravendb unit tests; they don't ship the relevant modules used in the
test.
Checksums-Sha1:
ba63eac29df4dd11358901d7c60392c0e221e9ef 3386 ansible_12.2.0+dfsg-1.dsc
9fe7495fef5eac85bc56d0926d243f6c19faa0e8 32039684
ansible_12.2.0+dfsg.orig.tar.xz
9e75e89b5485ba4ffb1c4f428f3085ab0f713a45 31344
ansible_12.2.0+dfsg-1.debian.tar.xz
2d379c25d205e8d829445b6d625538540ba3862f 7584
ansible_12.2.0+dfsg-1_source.buildinfo
Checksums-Sha256:
a6f912c3f1fcb6cb56a2f99a7259c0aab726b371022f836f4645426d4ce6d202 3386
ansible_12.2.0+dfsg-1.dsc
432a51295780464bc36af3aedbd9ac4b7f6d97bb13c0aef6690b5d8beff5e21f 32039684
ansible_12.2.0+dfsg.orig.tar.xz
3baf1a46b8031e6cf6fdcddd025f4a8a878e385328825c5f9c8e06fe05f580f6 31344
ansible_12.2.0+dfsg-1.debian.tar.xz
c196d3ce74c1d7169829a4d76e21e6a8dcdd5615ca5f22e6232cce2f54c18c7a 7584
ansible_12.2.0+dfsg-1_source.buildinfo
Files:
ff7c5b40a179a0ea8c7bf8cb1e88b3c0 3386 admin optional ansible_12.2.0+dfsg-1.dsc
1b4211ae9185e2345dfeb122006e6811 32039684 admin optional
ansible_12.2.0+dfsg.orig.tar.xz
c696240774846c6a3c17ea669799e588 31344 admin optional
ansible_12.2.0+dfsg-1.debian.tar.xz
1a6498165d05d5890bca0732fc70e428 7584 admin optional
ansible_12.2.0+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQQzBAEBCgAdFiEE2EfGJRCpwv8kLOAs1gShxII+4PgFAmkyvnEACgkQ1gShxII+
4PjWKx/8CK3Kj5DojhI452C3FVP2nFmhsr3see+N0JuDav5DFkFnz9h/R992Ev8a
bxr5KNkfSUWX6YZKxE+LHsk5AK+nu7y6yP1EesZHek0gJbuD7eRqqGR1nqeTRn5a
GgRJL6hYWeb8g9MskKvpIU533D6SNSZjQ98pGw1a6nqwzPi17vGD4Y3m3mtCNl2z
2SzHn2Zra1TWwjDMyPgCLZWQSoh911j6vEDtLdOi/aZI2vkE2B9jEJsXO9/uecRt
o6YN0tuNI1GTeQpRxpkoRm7IZwEj2Liop/GFcBvPdfOs/j1Nvr5gE97x3/Zws4n8
SEdJxeeFmgZb7iY69GTHmZ9AGOSQQwW+eqjPHrCF8DeofMJZA547rEy4VtnDlMX/
fDvhdlb8SFUB+2+DG+i39wQ6hMkMMITkwgR5HMcupVJ1WosRwRcICrug0fHsoALL
8jv2qAa3Ywlu5RMtkcikmxCKXkkfRj3CSKjJGaPksJ3A+mbKK/toNNxsicLgCFOa
1k3JLUntCoqLkJ8COh2ZDxFViohweYMZAvXhEtagIkeVojAsJlPwtr5knyafP3jl
/MKFcBAbL2hhNYyts22CVPyrRopoz2N20ejd2H3TlXiMsXMT+NLbL+KOAI09NDY4
/Bqfhq9RvKdzV7GtMoiVJBwpCsCqX0bbKXnXT9xVi4Iyy37PQ0B9npdmuKxcB6Xw
Z3tk9j4+VuAl1SXjXFaIeVMAVjL3FxpzL1gendwa4GdI7IUGmnnUuQyKGwkmY6pl
MANaxtfwi8PpWf/DnR/GNVP2bjAwFT+rezG8SxkAeJv5mWpQ2gi2JMnupgu04Zpi
12Vqj5QG51bMdMFgbUAHtd1yew6nKAPqvFlUDo1qGTUIBoZsxdmcsAOoY3k6zfOz
Ex7G/0+D2QQOcnMOfc6XogHJB0uxwhd79ku3EtHhStVJOkiGpGnKiuYMtBiw4Rrc
macwGSDKblQqi/WvBKQRNfu8+BNow28klOw9FpuqLVV0BA2aUIo80Piz89+8De/F
Dy+PxmKGSYF5crpbtbDn1vpAddEG6wtdDjrvs9pavAcaV5ESE3x16TiQKiSfNi9h
3DWohkmdjdW7FIifiyOeguoYWI2Zm6UsTQ0RUvtKzycf19kDbXAWuL9k9gS6+3Qf
DIpgo53KvavIvcfztxNOqwcg5HxvJQTxdvnQOD5Un/ku/tG/zoBUzV7YFiWtRaBz
flX4kfNLdgLc9kC3Ivjp4XLsFlkxlm8f/SNijqvphO71dBz4wezRphfGZPdf8CxI
cLriqAliMiP+2T9WGLDZ1QtOCoodi/gZpi8EeZmWeFlgnp3ttA1RLY1+shwJ4v64
shfvaJyyDkpgXvEW7WGqLHCqsORU8A==
=HvcB
-----END PGP SIGNATURE-----
pgpsmQqLfDCtO.pgp
Description: PGP signature
--- End Message ---
