From e76bc3ef7f9430cbf106fc91a710b49873bb526e Mon Sep 17 00:00:00 2001
From: Boris Manojlovic <boris@steki.net>
Date: Thu, 23 Apr 2020 15:33:08 +0000
Subject: [PATCH] Accepting request 794987 from
 home:stroeder:branches:systemsmanagement

update to version 2.9.7

OBS-URL: https://build.opensuse.org/request/show/794987
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=169
---
 ansible-2.9.6.tar.gz     |  3 ---
 ansible-2.9.6.tar.gz.sha |  1 -
 ansible-2.9.7.tar.gz     |  3 +++
 ansible-2.9.7.tar.gz.sha |  1 +
 ansible.changes          | 16 ++++++++++++++++
 ansible.spec             |  2 +-
 6 files changed, 21 insertions(+), 5 deletions(-)
 delete mode 100644 ansible-2.9.6.tar.gz
 delete mode 100644 ansible-2.9.6.tar.gz.sha
 create mode 100644 ansible-2.9.7.tar.gz
 create mode 100644 ansible-2.9.7.tar.gz.sha

diff --git a/ansible-2.9.6.tar.gz b/ansible-2.9.6.tar.gz
deleted file mode 100644
index 36460d6..0000000
--- a/ansible-2.9.6.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:59cf3a0781f89992d1dae5205b07e802dff1db205eebd238de9e503b62b8cbc9
-size 14201258
diff --git a/ansible-2.9.6.tar.gz.sha b/ansible-2.9.6.tar.gz.sha
deleted file mode 100644
index fb21375..0000000
--- a/ansible-2.9.6.tar.gz.sha
+++ /dev/null
@@ -1 +0,0 @@
-59cf3a0781f89992d1dae5205b07e802dff1db205eebd238de9e503b62b8cbc9  ansible-2.9.6.tar.gz
diff --git a/ansible-2.9.7.tar.gz b/ansible-2.9.7.tar.gz
new file mode 100644
index 0000000..e59d697
--- /dev/null
+++ b/ansible-2.9.7.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7222ce925536a25b2912364e13b03a3e21dbf2f96799ebff304f48509324de7b
+size 14215538
diff --git a/ansible-2.9.7.tar.gz.sha b/ansible-2.9.7.tar.gz.sha
new file mode 100644
index 0000000..5f3d3f2
--- /dev/null
+++ b/ansible-2.9.7.tar.gz.sha
@@ -0,0 +1 @@
+7222ce925536a25b2912364e13b03a3e21dbf2f96799ebff304f48509324de7b  ansible-2.9.7.tar.gz
diff --git a/ansible.changes b/ansible.changes
index aefd87f..1c389ba 100644
--- a/ansible.changes
+++ b/ansible.changes
@@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Fri Apr 17 06:49:56 UTC 2020 - Michael Ströder <michael@stroeder.com>
+
+- update to version 2.9.7 with many bug fixes,
+  especially for these security issues:
+  * CVE-2020-1733  - insecure temporary directory when running become_user from become directive
+  * CVE-2020-1735  - path injection on dest parameter in fetch module
+  * CVE-2020-1737  - Extract-Zip function in win_unzip module does not check extracted path
+  * CVE-2020-1739  - svn module leaks password when specified as a parameter
+  * CVE-2020-1740  - secrets readable after ansible-vault edit
+  * CVE-2020-1746  - information disclosure issue in ldap_attr and ldap_entry modules
+  * CVE-2020-1753  - kubectl connection plugin leaks sensitive information [1]
+  * CVE-2020-10684 - code injection when using ansible_facts as a subkey
+  * CVE-2020-10685 - modules which use files encrypted with vault are not properly cleaned up
+  * CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2]
+
 -------------------------------------------------------------------
 Mon Apr  6 20:45:04 UTC 2020 - lars@linux-schulserver.de - 2.9.6
 
diff --git a/ansible.spec b/ansible.spec
index 19a77da..52c5a80 100644
--- a/ansible.spec
+++ b/ansible.spec
@@ -55,7 +55,7 @@
 
 
 Name:           ansible
-Version:        2.9.6
+Version:        2.9.7
 Release:        0
 Summary:        SSH-based configuration management, deployment, and task execution system
 License:        GPL-3.0-or-later