Overview Repositories Revisions Requests Users Attributes Meta

Revisions of ansible

Victor Zhestkov's avatar Victor Zhestkov (vizhestkov) accepted request 1167044 from Pablo Suárez Hernández's avatar Pablo Suárez Hernández (PSuarezHernandez) (revision 7) 
- Address issues where internal templating can cause unsafe
  variables to lose their unsafe designation (bsc#1216854, CVE-2023-5764)
  * breaking_changes:
    assert - Nested templating may result in an inability for the conditional
    to be evaluated. See the porting guide for more information.
- Address issue where ANSIBLE_NO_LOG was ignored (bsc#1219002, CVE-2024-0690)
- Added:
  * 0001-Ensure-that-unsafe-is-more-difficult-to-lose-stable-.patch
  * 0002-Ensure-ANSIBLE_NO_LOG-is-respected-CVE-2024-0690-825.patch

    kubectl_password in console log (CVE-2020-1753, bsc#1166389).
  * CVE-2020-14365, bsc#1175993: Previously, regardless of the
    disable_gpg_check option, packages were not GPG validated. They
    are now.
- Don't Require python-coverage, it is needed only for testing
  (bsc#1177948).
    (CVE-2020-14332, bsc#1174302)
    from the uri module (CVE-2020-14330, bsc#1174145).
- Add CVE-2020-10744_avoid_mkdir_p.patch (CVE-2020-10744, bsc#1171823) to fix
  insecure temporary directory creation.
- Remove CVE-2017-7550-jenkins-disallow-password-in-params.patch
  as it has been already included in 2.4.1.0
- includes fix for bsc#1099805 (CVE-2018-10874) Inventory
  variables are loaded from current working directory when
  running ad-hoc command that can lead to code execution
  (included upstream in 2.6.1).
- update to 2.3.2.0 (final) - bsc#1059235
    as "unsafe". bsc#1038785
- security update to rc4 of 2.2.1.0 version CVE-2016-9587,
  CVE-2016-8628, CVE-2016-8614, CVE-2016-8647, CVE-2016-9587
Julio González Gil's avatar Julio González Gil (juliogonzalezgil) accepted request 992200 from Pablo Suárez Hernández's avatar Pablo Suárez Hernández (PSuarezHernandez) (revision 6) 
- Update to version 2.9.27 (jsc#SLE-23631) (jsc#SLE-24133)
  * bsc#1187725 CVE-2021-3620 ansible-connection module discloses sensitive
    info in traceback error message (in 2.9.27)
  * bsc#1188061 CVE-2021-3583 Template Injection through yaml multi-line
    strings with ansible facts used in template. (in 2.9.23)
  * bsc#1176460 gh#ansible/ansible#72094 ansible module nmcli is broken in
    ansible 2.9.13 (in 2.9.15)

- Update to 2.9.22:
  * CVE-2021-3447 (bsc#1183684) multiple modules expose secured values 

  * CVE-2021-20228 (bsc#1181935) basic.py no_log with fallback option
  * CVE-2021-20191 (bsc#1181119) multiple collections exposes secured values
  * CVE-2021-20180 (bsc#1180942) bitbucket_pipeline_variable exposes sensitive values
  * CVE-2021-20178 (bsc#1180816) user data leak in snmp_facts module
Victor Zhestkov's avatar Victor Zhestkov (vzhestkov) accepted request 940439 from Pablo Suárez Hernández's avatar Pablo Suárez Hernández (PSuarezHernandez) (revision 5) 
- Require python macros for building
Julio González Gil's avatar Julio González Gil (juliogonzalezgil) committed (revision 4) 
osc copypac from project:systemsmanagement package:ansible revision:207
Alexander Graul's avatar Alexander Graul (agraul) committed (revision 3) 
osc copypac from project:home:moio:branches:systemsmanagement package:ansible revision:5, using expand
Alexander Graul's avatar Alexander Graul (agraul) committed (revision 2) 
osc copypac from project:home:moio:branches:systemsmanagement package:ansible revision:3, using expand
Alexander Graul's avatar Alexander Graul (agraul) committed (revision 1) 
osc copypac from project:home:moio:branches:systemsmanagement package:ansible revision:1, using expand
Displaying all 7 revisions
openSUSE Build Service is sponsored by
Places