We provide security updates for the following versions of our Ansible roles:
| Version | Supported |
|---|---|
| Latest | ✅ Yes |
| < Latest | ❌ No |
We recommend always using the latest version of our roles to ensure you have the latest security fixes.
If you discover a security vulnerability in any of our Ansible roles, please report it privately to help us address it quickly.
- Email: Send details to dominik@lenhardt-it.com
- Subject: Include "SECURITY" in the subject line
- Details: Provide as much information as possible:
- Affected role(s) and version(s)
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if you have one)
- Acknowledgment: We will acknowledge receipt within 48 hours
- Assessment: We will assess the vulnerability within 5 business days
- Updates: We will provide regular updates on our progress
- Resolution: We aim to resolve critical vulnerabilities within 30 days
We follow responsible disclosure practices:
- We will work with you to understand and resolve the issue
- We will not disclose the vulnerability until a fix is available
- We will credit you for the discovery (if you wish)
When using our Ansible roles:
- Always use the latest version
- Review role configurations before deployment
- Use Ansible Vault for sensitive data
- Regularly update your systems and dependencies
- Monitor security advisories
Thank you for helping keep our Ansible roles secure!