Revisions of ansible
Victor Zhestkov (vizhestkov)
accepted
request 1167044
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 7)
- Address issues where internal templating can cause unsafe variables to lose their unsafe designation (bsc#1216854, CVE-2023-5764) * breaking_changes: assert - Nested templating may result in an inability for the conditional to be evaluated. See the porting guide for more information. - Address issue where ANSIBLE_NO_LOG was ignored (bsc#1219002, CVE-2024-0690) - Added: * 0001-Ensure-that-unsafe-is-more-difficult-to-lose-stable-.patch * 0002-Ensure-ANSIBLE_NO_LOG-is-respected-CVE-2024-0690-825.patch kubectl_password in console log (CVE-2020-1753, bsc#1166389). * CVE-2020-14365, bsc#1175993: Previously, regardless of the disable_gpg_check option, packages were not GPG validated. They are now. - Don't Require python-coverage, it is needed only for testing (bsc#1177948). (CVE-2020-14332, bsc#1174302) from the uri module (CVE-2020-14330, bsc#1174145). - Add CVE-2020-10744_avoid_mkdir_p.patch (CVE-2020-10744, bsc#1171823) to fix insecure temporary directory creation. - Remove CVE-2017-7550-jenkins-disallow-password-in-params.patch as it has been already included in 2.4.1.0 - includes fix for bsc#1099805 (CVE-2018-10874) Inventory variables are loaded from current working directory when running ad-hoc command that can lead to code execution (included upstream in 2.6.1). - update to 2.3.2.0 (final) - bsc#1059235 as "unsafe". bsc#1038785 - security update to rc4 of 2.2.1.0 version CVE-2016-9587, CVE-2016-8628, CVE-2016-8614, CVE-2016-8647, CVE-2016-9587
Julio González Gil (juliogonzalezgil)
accepted
request 992200
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 6)
- Update to version 2.9.27 (jsc#SLE-23631) (jsc#SLE-24133) * bsc#1187725 CVE-2021-3620 ansible-connection module discloses sensitive info in traceback error message (in 2.9.27) * bsc#1188061 CVE-2021-3583 Template Injection through yaml multi-line strings with ansible facts used in template. (in 2.9.23) * bsc#1176460 gh#ansible/ansible#72094 ansible module nmcli is broken in ansible 2.9.13 (in 2.9.15) - Update to 2.9.22: * CVE-2021-3447 (bsc#1183684) multiple modules expose secured values * CVE-2021-20228 (bsc#1181935) basic.py no_log with fallback option * CVE-2021-20191 (bsc#1181119) multiple collections exposes secured values * CVE-2021-20180 (bsc#1180942) bitbucket_pipeline_variable exposes sensitive values * CVE-2021-20178 (bsc#1180816) user data leak in snmp_facts module
Victor Zhestkov (vzhestkov)
accepted
request 940439
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 5)
- Require python macros for building
Julio González Gil (juliogonzalezgil)
committed
(revision 4)
osc copypac from project:systemsmanagement package:ansible revision:207
Alexander Graul (agraul)
committed
(revision 3)
osc copypac from project:home:moio:branches:systemsmanagement package:ansible revision:5, using expand
Alexander Graul (agraul)
committed
(revision 2)
osc copypac from project:home:moio:branches:systemsmanagement package:ansible revision:3, using expand
Alexander Graul (agraul)
committed
(revision 1)
osc copypac from project:home:moio:branches:systemsmanagement package:ansible revision:1, using expand
Displaying all 7 revisions