Commit Graph

137 Commits

Author SHA1 Message Date
Michael Ströder
855fe7cce6 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=188 2020-06-22 23:09:54 +00:00
Michael Ströder
353f876b82 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=187 2020-06-22 14:25:49 +00:00
Michael Ströder
d212db9bd7 update to version 2.9.10
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=186
2020-06-22 14:25:31 +00:00
Michael Ströder
2d9798ecee Accepting request 815919 from home:stroeder:branches:systemsmanagement
- update to version 2.9.10 with many bug fixes.
- removed obsolete patch CVE-2020-1744_avoid_mkdir_p.patch

OBS-URL: https://build.opensuse.org/request/show/815919
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=185
2020-06-22 13:27:31 +00:00
Lars Vogdt
7af40c3479 Accepting request 810010 from home:mcepl:branches:systemsmanagement
- Correct ID of CVE and rename the patch to
  CVE-2020-1744_avoid_mkdir_p.patch

  - bsc#1167532 CVE-2020-10684 - code injection when using
    ansible_facts as a subkey
  * remote home directory * Disallow use of remote home directories that include relative pathing by means of `..` (CVE-2019-3828, bsc#1126503) (https://github.com/ansible/ansible/pull/52133)
  + Includes fix for bsc#1099808 (CVE-2018-10875) ansible.cfg is being read
    from current working directory allowing possible code execution

OBS-URL: https://build.opensuse.org/request/show/810010
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=184
2020-05-28 22:37:12 +00:00
Lars Vogdt
256ccae9cf Accepting request 809080 from home:mcepl:branches:systemsmanagement
- Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733
  (bsc#1164140)
- Add metadata information to this file to mark which SUSE
  bugzilla have been already fixed.

  - bsc#1164140 CVE-2020-1733 - insecure temporary directory when
    running become_user from become directive
  - bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe
    lookup plugin subprocess
  - bsc#1164137 CVE-2020-1735 - path injection on dest parameter
    in fetch module
  - bsc#1164134 CVE-2020-1736 atomic_move primitive sets
    permissive permissions
  - bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip
    module does not check extracted path
  - bsc#1164136 CVE-2020-1738 module package can be selected by
    the ansible facts
  - bsc#1164133 CVE-2020-1739  - svn module leaks password when
    specified as a parameter
  - bsc#1164135 CVE-2020-1740 - secrets readable after
    ansible-vault edit
  - bsc#1165393 CVE-2020-1746 - information disclosure issue in
    ldap_attr and ldap_entry modules
  - bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks
    sensitive information
  - CVE-2020-10684 - code injection when using ansible_facts as a subkey
  - bsc#1167440 CVE-2020-10685 - modules which use files
    encrypted with vault are not properly cleaned up
  - CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2]
- update to version 2.9.6 (maintenance release) including

OBS-URL: https://build.opensuse.org/request/show/809080
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=183
2020-05-26 21:14:44 +00:00
Michael Ströder
591334f240 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=182 2020-05-12 23:35:57 +00:00
Michael Ströder
10b59bffe4 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=181 2020-05-12 23:35:36 +00:00
Michael Ströder
69dfa056b6 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=180 2020-05-12 23:35:04 +00:00
Michael Ströder
216292a30e OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=179 2020-05-12 23:34:44 +00:00
Michael Ströder
0513a7be7a OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=178 2020-05-12 23:34:28 +00:00
Michael Ströder
a40c57ff32 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=177 2020-05-12 23:34:22 +00:00
Michael Ströder
e79fdea5fe OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=176 2020-05-12 16:10:09 +00:00
Michael Ströder
21782e368a update to version 2.9.8
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=175
2020-05-12 09:43:07 +00:00
Michael Ströder
ad2b973c66 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=174 2020-05-12 09:42:50 +00:00
Michael Ströder
6f01ca1ab1 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=173 2020-05-12 09:42:43 +00:00
Michael Ströder
b49fc14182 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=172 2020-05-12 09:42:24 +00:00
Michael Ströder
6c9b739ead OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=171 2020-05-12 09:41:50 +00:00
Michael Ströder
f993c80522 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=170 2020-05-12 09:41:46 +00:00
Boris Manojlovic
e76bc3ef7f Accepting request 794987 from home:stroeder:branches:systemsmanagement
update to version 2.9.7

OBS-URL: https://build.opensuse.org/request/show/794987
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=169
2020-04-23 15:33:08 +00:00
Lars Vogdt
fb51e7cd29 Accepting request 792534 from home:rfrohl:branches:systemsmanagement
add missing bugs for CVEs; found in Leap submissions

OBS-URL: https://build.opensuse.org/request/show/792534
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=168
2020-04-11 04:39:37 +00:00
Lars Vogdt
479c09b69c - require python-xml on python 2 systems (boo#1142542)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=167
2020-04-06 21:16:59 +00:00
Lars Vogdt
02994ab849 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=166 2020-04-06 21:09:38 +00:00
Lars Vogdt
e608167ea9 - require python-xml (boo#1142542)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=165
2020-04-06 21:06:46 +00:00
Lars Vogdt
01ffa71dfa - create missing (empty) template and files directories for
'ansible-galaxy init' during package build (fixes boo#1137479)

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=164
2020-04-06 21:01:32 +00:00
Lars Vogdt
2670b75345 Accepting request 781785 from home:stroeder:branches:systemsmanagement
- update to version 2.9.6 (maintenance release)

OBS-URL: https://build.opensuse.org/request/show/781785
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=163
2020-03-09 06:53:20 +00:00
Lars Vogdt
739f424cda Accepting request 774243 from home:stroeder:branches:systemsmanagement
- update to version 2.9.5 (maintenance release)

OBS-URL: https://build.opensuse.org/request/show/774243
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=162
2020-02-18 11:02:09 +00:00
Lars Vogdt
ad9b3af83c Accepting request 768031 from home:stroeder:branches:systemsmanagement
now correct update to version 2.9.4

OBS-URL: https://build.opensuse.org/request/show/768031
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=161
2020-01-28 22:16:51 +00:00
Lars Vogdt
1338452174 Accepting request 765980 from home:stroeder:branches:systemsmanagement
- update to version 2.9.4
  * fix for yum module

OBS-URL: https://build.opensuse.org/request/show/765980
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=160
2020-01-22 06:51:00 +00:00
Lars Vogdt
6770b2b9cf Accepting request 765059 from home:stroeder:branches:systemsmanagement
- update to version 2.9.3 (maintenance release)
  * security fixes
    - CVE-2019-14904 (solaris_zone module)
    - CVE-2019-14905 (nxos_file_copy module),
  * various bugfixes

OBS-URL: https://build.opensuse.org/request/show/765059
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=159
2020-01-18 11:10:35 +00:00
Lars Vogdt
3aac6b485f - sync with upstream spec file (especially for RHEL & Fedora builds)
- ran spec-cleaner
- remove old SUSE targets (SLE-11, Leap 42.3 and below)
  This simplifies the spec file and makes building easier
- Additional required packages for building:
  + python-boto3 and python-botocore for Amazon EC2
  + python-jmespath for json queries
  + python-memcached for cloud modules and local caching of JSON 
    formatted, per host records
  + python-redis for cloud modules and local caching of JSON 
    formatted, per host records
  + python-requests for many web-based modules (cloud, network, 
    netapp)
  => as the need for those packages depends on the usage of the 
     tool, they are just recommended on openSUSE/SUSE machines
- made dependencies for gitlab, vmware and winrm modules configurable,
  as most of their dependencies are not (yet) available on current 
  openSUSE/SUSE distributions
- exclude /usr/bin/pwsh from the automatic dependency generation, 
  as the Windows Power Shell is not available (yet) on openSUSE/SUSE
- build additional docs and split up ansible-doc package; 
  moving changelogs, contrib and example directories there
- prepare for building HTML documentation, but disable this per 
  default for the moment, as not all package dependencies are available
  in openSUSE/SUSE (yet)
- package some test scripts with executable permissions

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=158
2019-12-29 16:57:33 +00:00
Lars Vogdt
eb63121d70 Accepting request 754332 from home:stroeder:branches:systemsmanagement
update to version 2.9.2

OBS-URL: https://build.opensuse.org/request/show/754332
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=157
2019-12-08 13:09:31 +00:00
Lars Vogdt
4d2f438f90 - Create system directories that Ansible defines as default locations
in ansible/config/base.yml
- rephrase the summary line 
- Disable shebang munging for specific paths. These files are data files.
  ansible-test munges the shebangs itself.

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=156
2019-11-21 16:28:08 +00:00
Lars Vogdt
8c16a86de5 - split out ansible-test package for module developers
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=155
2019-11-19 18:05:31 +00:00
Lars Vogdt
8e2f1a0175 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=154 2019-11-16 21:44:54 +00:00
Lars Vogdt
d007679c05 Accepting request 745036 from home:ojkastl_buildservice
update to 2.9.0

OBS-URL: https://build.opensuse.org/request/show/745036
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=151
2019-11-04 20:51:29 +00:00
Lars Vogdt
20040fb296 - include the sha checksum file in the source, which allows to verify
the original sources

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=150
2019-10-27 14:16:25 +00:00
Lars Vogdt
ed31cb1601 Accepting request 742224 from home:abergmann:branches:systemsmanagement
Security Update to version 2.8.6.

OBS-URL: https://build.opensuse.org/request/show/742224
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=149
2019-10-24 15:04:12 +00:00
Lars Vogdt
96821db614 - Update to version 2.8.5:
Full changelog is packaged at /usr/share/doc/packages/ansible/changelogs/
  and also available online at
  https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
- removed patches fixed upstream:
  + CVE-2019-10206-data-disclosure.patch
  + CVE-2019-10217-gcp-modules-sensitive-fields.patch

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=148
2019-09-13 09:07:20 +00:00
Lars Vogdt
f085e94b2f Accepting request 721985 from home:mcepl:branches:systemsmanagement
Return fdupes back

OBS-URL: https://build.opensuse.org/request/show/721985
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=147
2019-09-11 07:29:09 +00:00
Lars Vogdt
74166faebd fix former mistake and re-establish the older, but better package version
- Update to version 2.8.3:
  Full changelog is packaged, but also at
  https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
- (bsc#1142690) Adds CVE-2019-10206-data-disclosure.patch fixing
  CVE-2019-10206: ansible-playbook -k and ansible cli tools
  prompt passwords by expanding them from templates as they could
  contain special characters. Passwords should be wrapped to
  prevent templates trigger and exposing them.
- (bsc#1144453) Adds CVE-2019-10217-gcp-modules-sensitive-fields.patch
  CVE-2019-10217: Fields managing sensitive data should be set as
  such by no_log feature. Some of these fields in GCP modules are
  not set properly. service_account_contents() which is common
  class for all gcp modules is not setting no_log to True. Any
  sensitive data managed by that function would be leak as an
  output when running ansible playbooks.

- Update to version 2.8.1
  Full changelog is at /usr/share/doc/packages/ansible/changelogs/
  Bugfixes
  --------
  - ACI - DO not encode query_string
  - ACI modules - Fix non-signature authentication
  - Add missing directory provided via ``--playbook-dir`` to adjacent collection loading
  - Fix "Interface not found" errors when using eos_l2_interface with nonexistant
    interfaces configured
  - Fix cannot get credential when `source_auth` set to `credential_file`.
  - Fix netconf_config backup string issue
  - Fix privilege escalation support for the docker connection plugin when

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=146
2019-08-13 16:26:53 +00:00
Lars Vogdt
c31ffe3972 Accepting request 719257 from home:ojkastl_buildservice:SLES12
update to 2.8.3

OBS-URL: https://build.opensuse.org/request/show/719257
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=145
2019-08-13 16:22:17 +00:00
Lars Vogdt
0ad11aef75 Accepting request 721576 from home:mcepl:branches:systemsmanagement
- Update to version 2.8.3:
  Full changelog is packaged, but also at
  https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
- (bsc#1142690) Adds CVE-2019-10206-data-disclosure.patch fixing
  CVE-2019-10206: ansible-playbook -k and ansible cli tools
  prompt passwords by expanding them from templates as they could
  contain special characters. Passwords should be wrapped to
  prevent templates trigger and exposing them.
- (bsc#1144453) Adds CVE-2019-10217-gcp-modules-sensitive-fields.patch
  CVE-2019-10217: Fields managing sensitive data should be set as
  such by no_log feature. Some of these fields in GCP modules are
  not set properly. service_account_contents() which is common
  class for all gcp modules is not setting no_log to True. Any
  sensitive data managed by that function would be leak as an
  output when running ansible playbooks.

OBS-URL: https://build.opensuse.org/request/show/721576
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=143
2019-08-08 14:01:06 +00:00
Lars Vogdt
92160bd70b Accepting request 708761 from home:lrupp:branches:systemsmanagement
- Update to version 2.8.1
  Full changelog is at /usr/share/doc/packages/ansible/changelogs/
  Bugfixes
  --------
  - ACI - DO not encode query_string
  - ACI modules - Fix non-signature authentication
  - Add missing directory provided via ``--playbook-dir`` to adjacent collection loading
  - Fix "Interface not found" errors when using eos_l2_interface with nonexistant
    interfaces configured
  - Fix cannot get credential when `source_auth` set to `credential_file`.
  - Fix netconf_config backup string issue
  - Fix privilege escalation support for the docker connection plugin when
    credentials need to be supplied (e.g. sudo with password).
  - Fix vyos cli prompt inspection
  - Fixed loading namespaced documentation fragments from collections.
  - Fixing bug came up after running cnos_vrf module against coverity.
  - Properly handle data importer failures on PVC creation, instead of timing out.
  - To fix the ios static route TC failure in CI
  - To fix the nios member module params
  - To fix the nios_zone module idempotency failure
  - add terminal initial prompt for initial connection
  - allow include_role to work with ansible command
  - allow python_requirements_facts to report on dependencies containing dashes
  - asa_config fix
  - azure_rm_roledefinition - fix a small error in build scope.
  - azure_rm_virtualnetworkpeering - fix cross subscriptions virtual network
    peering.
  - cgroup_perf_recap - When not using file_per_task, make sure we don't
    prematurely close the perf files
  - display underlying error when reporting an invalid ``tasks:`` block.

OBS-URL: https://build.opensuse.org/request/show/708761
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=141
2019-06-08 16:41:44 +00:00
Lars Vogdt
8a731628f9 Accepting request 705080 from home:tux93:branches:systemsmanagement
Update to v2.8.0

OBS-URL: https://build.opensuse.org/request/show/705080
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=140
2019-05-24 22:49:38 +00:00
Lars Vogdt
5aaa3058df Accepting request 691596 from home:stroeder:branches:systemsmanagement
Update to version 2.7.10

OBS-URL: https://build.opensuse.org/request/show/691596
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=138
2019-04-05 22:43:05 +00:00
Lars Vogdt
36c9bd5447 Accepting request 685716 from home:stroeder:branches:systemsmanagement
Update to version 2.7.9

OBS-URL: https://build.opensuse.org/request/show/685716
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=137
2019-03-18 21:44:32 +00:00
Lars Vogdt
b89e42811a - update URL (use SSL version of the URL)
- prepare update for multiple releases (bsc#1102126, bsc#1109957)

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=136
2019-03-16 20:15:04 +00:00
Lars Vogdt
5d3838e9d5 Accepting request 678525 from home:stroeder:branches:systemsmanagement
Update to version 2.7.8

OBS-URL: https://build.opensuse.org/request/show/678525
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=134
2019-03-07 09:29:43 +00:00
Lars Vogdt
9a23cbeb29 Accepting request 673034 from home:elimat:branches:systemsmanagement
- Update to version 2.7.7
  Minor Changes:
  * Allow check_mode with supports_generate_diff capability in cli_config. (https://github.com/ansible/ansible/pull/51417)
  * Fixed typo in vmware documentation fragment. Changed "supported added" to "support added".
  Bugfixes:
  * All K8S_AUTH_* environment variables are now properly loaded by the k8s lookup plugin
  * Change backup file globbing for network _config modules so backing up one host's config will not delete the backed up config of any host whose hostname is a subset of the first host's hostname (e.g., switch1 and switch11)
  * Fixes bug where nios_a_record wasn't getting deleted if an uppercase named a_record was being passed. (https://github.com/ansible/ansible/pull/51539)
  * aci_aaa_user - Fix setting user description (https://github.com/ansible/ansible/issues/51406)
  * apt_repository - fixed failure under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
  * archive - Fix check if archive is created in path to be removed
  * azure_rm inventory plugin - fix azure batch request (https://github.com/ansible/ansible/pull/50006)
  * cnos_backup - fixed syntax error (https://github.com/ansible/ansible/pull/47219)
  * cnos_image - fixed syntax error (https://github.com/ansible/ansible/pull/47219)
  * consul_kv - minor error-handling bugfix under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
  * copy - align invocation in return value between check and normal mode
  * delegate_facts - fix to work properly under block and include_role (https://github.com/ansible/ansible/pull/51553)
  * docker_swarm_service - fix endpoint_mode and publish idempotency.
  * ec2_instance - Correctly adds description when adding a single ENI to the instance
  * ensure we have a XDG_RUNTIME_DIR, as it is not handled correctly by some privilege escalation configurations
  * file - Allow state=touch on file the user does not own https://github.com/ansible/ansible/issues/50943
  * fix ansible-pull hanlding of extra args, complex quoting is needed for inline JSON
  * fix ansible_connect_timeout variable in network_cli,netconf,httpapi and nxos_install_os timeout check
  * netapp_e_storagepool - fixed failure under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
  * onepassword_facts - Fix an issue looking up some 1Password items which have a 'password' attribute alongside the 'fields' attribute, not inside it.
  * prevent import_role from inserting dupe into roles: execution when duplicate signature role already exists in the section.
  * reboot - Fix bug where the connection timeout was not reset in the same task after rebooting
  * ssh connection - do not retry with invalid credentials to prevent account lockout (https://github.com/ansible/ansible/issues/48422)
  * systemd - warn when exeuting in a chroot environment rather than failing (https://github.com/ansible/ansible/pull/43904)
  * win_chocolatey - Fix hang when used with proxy for the first time - https://github.com/ansible/ansible/issues/47669
  * win_power_plan - Fix issue where win_power_plan failed on newer Windows 10 builds - https://github.com/ansible/ansible/issues/43827

OBS-URL: https://build.opensuse.org/request/show/673034
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=132
2019-02-19 01:10:11 +00:00