The following list summarizes the additions, changes, and modifications which were made to Ansible Tower v3.7.2.
Added local caching for downloaded roles and collections so they are not re-downloaded on nodes where they are up to date with the project
Deprecated PRIMARY_GALAXY_USERNAME and PRIMARY_GALAXY_PASSWORD. We recommend using tokens to access Galaxy or Automation Hub.
Fixed Tower Server Side Request Forgery on Credentials (CVE-2020-14327)
Fixed Tower Server Side Request Forgery on Webhooks (CVE-2020-14328)
Fixed Tower sensitive data exposure on labels (CVE-2020-14329)
Fixed Named URLs to allow for testing the presence or absence of objects (CVE-2020-14337)
Fixed Tower’s task scheduler to no longer deadlock for clustered installations with large numbers of nodes
Fixed the Credential Type definitions to no longer allow superusers to run unsafe Python code
Fixed credential lookups from CyberArk AIM to no longer fail unexpectedly
Fixed upgrades from 3.5 to 3.6 on RHEL8 in order for PostgreSQL client libraries to be upgraded on Tower nodes, which fixes the backup/restore function
Fixed backup/restore for PostgreSQL usernames that include capital letters
Fixed manually added host variables to no longer be removed on VMWare vCenter inventory syncs
Fixed Red Hat Satellite inventory syncs to allow Tower to properly respect the verify_ssl flag
For older version of the release notes, as well as other reference materials, refer to the Ansible Tower Release Notes.