From 5fdd101a3e4861f8bedaf4c5bd29ee1cf4d8514b Mon Sep 17 00:00:00 2001
From: Toshio Kuratomi <a.badger@gmail.com>
Date: Tue, 12 Jun 2018 08:11:54 -0700
Subject: [PATCH] Add changelog entry for the no_log fix

---
 .../fragments/no_log_fix_for_connection_exceptions.yaml  | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 changelogs/fragments/no_log_fix_for_connection_exceptions.yaml

diff --git a/changelogs/fragments/no_log_fix_for_connection_exceptions.yaml b/changelogs/fragments/no_log_fix_for_connection_exceptions.yaml
new file mode 100644
index 00000000000..a5be03a6bab
--- /dev/null
+++ b/changelogs/fragments/no_log_fix_for_connection_exceptions.yaml
@@ -0,0 +1,9 @@
+---
+bugfixes:
+- '**Security Fix** - Some connection exceptions would cause no_log specified on
+  a task to be ignored.  If this happened, the task information, including any
+  private information could have been displayed to stdout and (if enabled, not
+  the default) logged to a log file specified in ansible.cfg''s log_path.
+  Additionally, sites which redirected stdout from ansible runs to a log file
+  may have stored that private information onto disk that way as well.
+  (https://github.com/ansible/ansible/pull/41414)'