- Address issues where internal templating can cause unsafe
  variables to lose their unsafe designation (bsc#1216854, CVE-2023-5764)
  * breaking_changes:
    assert - Nested templating may result in an inability for the conditional
    to be evaluated. See the porting guide for more information.
- Address issue where ANSIBLE_NO_LOG was ignored (bsc#1219002, CVE-2024-0690)
- Added:
  * 0001-Ensure-that-unsafe-is-more-difficult-to-lose-stable-.patch
  * 0002-Ensure-ANSIBLE_NO_LOG-is-respected-CVE-2024-0690-825.patch

    kubectl_password in console log (CVE-2020-1753, bsc#1166389).
  * CVE-2020-14365, bsc#1175993: Previously, regardless of the
    disable_gpg_check option, packages were not GPG validated. They
    are now.
- Don't Require python-coverage, it is needed only for testing
  (bsc#1177948).
    (CVE-2020-14332, bsc#1174302)
    from the uri module (CVE-2020-14330, bsc#1174145).
- Add CVE-2020-10744_avoid_mkdir_p.patch (CVE-2020-10744, bsc#1171823) to fix
  insecure temporary directory creation.
- Remove CVE-2017-7550-jenkins-disallow-password-in-params.patch
  as it has been already included in 2.4.1.0
- includes fix for bsc#1099805 (CVE-2018-10874) Inventory
  variables are loaded from current working directory when
  running ad-hoc command that can lead to code execution
  (included upstream in 2.6.1).
- update to 2.3.2.0 (final) - bsc#1059235
    as "unsafe". bsc#1038785
- security update to rc4 of 2.2.1.0 version CVE-2016-9587,
  CVE-2016-8628, CVE-2016-8614, CVE-2016-8647, CVE-2016-9587

• Files Changed
• Browse Source