Updated ansible packages fix CVE-2016-3096Publication date: 05 May 2016
Affected Mageia releases : 5
Updated ansible package fixes security vulnerability: A vulnerability in lxc_container, ansible module, was found allowing to get root inside the container. The problem is in the create_script function, which tries to write to /opt/.lxc-attach-script inside of the container. If the attacker can write to /opt/.lxc-attach-script before that, he can overwrite arbitrary files or execute commands as root (CVE-2016-3096).