Commit Graph

122 Commits

Author SHA1 Message Date
Michael Ströder
a8ab4ffaef Accepting request 890208 from home:stroeder:sys
- update to 2.9.21

OBS-URL: https://build.opensuse.org/request/show/890208
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=207
2021-05-04 05:38:58 +00:00
Michael Ströder
53184286a4 Accepting request 885999 from home:moio:branches:systemsmanagement
- Drop python-coverage run-time requirement from openSUSE/SLE

python-coverage is only required in SLE/openSUSE, it is not listed in the requirements.txt in Ansible's repo. I think it is only in the tests at build time.

OBS-URL: https://build.opensuse.org/request/show/885999
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=206
2021-04-16 13:34:01 +00:00
Michael Ströder
cd6150b087 Accepting request 885973 from home:moio:branches:systemsmanagement
- Switch to python3-cryptography in openSUSE/SLE

OBS-URL: https://build.opensuse.org/request/show/885973
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=205
2021-04-16 12:36:26 +00:00
Michael Ströder
7b3933c08b Accepting request 884866 from home:stroeder:branches:systemsmanagement
- update to version 2.9.20
  maintenance release containing numerous bugfixes

OBS-URL: https://build.opensuse.org/request/show/884866
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=204
2021-04-13 08:06:21 +00:00
Michael Ströder
aeb12a7be5 Accepting request 879378 from home:stroeder:branches:systemsmanagement
- update to version 2.9.19 with minor changes and a few bug fixes

OBS-URL: https://build.opensuse.org/request/show/879378
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=203
2021-03-16 09:37:59 +00:00
Michael Ströder
f042d82a63 Accepting request 873716 from home:stroeder:branches:systemsmanagement
- update to version 2.9.18
  * CVE-2021-20228 where default and fallback values for no_log parameters
    to modules were not previously masked.
  * CVE-2021-20178 where several parameters to the snmp_facts module were
    logged and displayed despite containing sensitive information.
  * CVE-2021-20180 where several parameters to the
    bitbucket_pipeline_variable were logged and displayed despite
    containing sensitive information.
  * CVE-2021-20191 which addresses a number of modules whose parameters
    were logged and displayed despite containing sensitive
    information. For the full list of affected modules, refer to the
    changelog linked below.

OBS-URL: https://build.opensuse.org/request/show/873716
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=202
2021-02-19 10:39:23 +00:00
Michael Ströder
2a94455f13 Accepting request 864184 from home:stroeder:branches:systemsmanagement
- update to version 2.9.17 with minor changes and a few bug fixes

OBS-URL: https://build.opensuse.org/request/show/864184
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=201
2021-01-19 01:08:02 +00:00
Michael Ströder
ae9db1e259 Accepting request 855952 from home:stroeder:branches:systemsmanagement
update to version 2.9.16

OBS-URL: https://build.opensuse.org/request/show/855952
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=200
2020-12-15 09:02:08 +00:00
Michael Ströder
dab85099bd Accepting request 845554 from home:stroeder:branches:systemsmanagement
update to version 2.9.15

OBS-URL: https://build.opensuse.org/request/show/845554
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=199
2020-11-03 04:01:34 +00:00
Michael Ströder
4d3e52c433 Accepting request 839672 from home:stroeder:branches:systemsmanagement
update to version 2.9.14

OBS-URL: https://build.opensuse.org/request/show/839672
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=198
2020-10-06 04:46:38 +00:00
Michael Ströder
5d37ee9a23 Accepting request 831014 from home:stroeder:branches:systemsmanagement
- update to version 2.9.13 with many bug fixes, most notably:
  * A security issue was addressed in the "dnf" module, which previously
    did not check GPG signatures of packages.
  * A bug in the "cron" module was fixed. In some cases prior to this
    fix, the module would inadvertently remove cron entries.
- removed obsolete fix-cron-regression-71207.patch

OBS-URL: https://build.opensuse.org/request/show/831014
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=197
2020-09-01 10:09:58 +00:00
Michael Ströder
9408913b2a OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=195 2020-08-12 12:44:34 +00:00
Michael Ströder
2f8eb23498 Accepting request 826005 from home:stroeder:branches:systemsmanagement
update to version 2.9.12 with many bug fixes

OBS-URL: https://build.opensuse.org/request/show/826005
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=192
2020-08-12 11:11:00 +00:00
Lars Vogdt
122d9f8848 Accepting request 821994 from home:stroeder:branches:systemsmanagement
- update to version 2.9.11 with many bug fixes
- removed ansible_bugfix_640.diff obsoleted by upstream update

OBS-URL: https://build.opensuse.org/request/show/821994
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=191
2020-07-26 08:17:02 +00:00
Lars Vogdt
64ede927f6 Accepting request 820899 from home:EGDFree:branches:systemsmanagement
- added ansible_bugfix_640.diff to fix gh#ansible-collections/community.general#640

OBS-URL: https://build.opensuse.org/request/show/820899
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=190
2020-07-18 14:10:21 +00:00
Michael Ströder
ff0f5efd75 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=189 2020-06-22 23:10:31 +00:00
Michael Ströder
353f876b82 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=187 2020-06-22 14:25:49 +00:00
Michael Ströder
d212db9bd7 update to version 2.9.10
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=186
2020-06-22 14:25:31 +00:00
Michael Ströder
2d9798ecee Accepting request 815919 from home:stroeder:branches:systemsmanagement
- update to version 2.9.10 with many bug fixes.
- removed obsolete patch CVE-2020-1744_avoid_mkdir_p.patch

OBS-URL: https://build.opensuse.org/request/show/815919
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=185
2020-06-22 13:27:31 +00:00
Lars Vogdt
7af40c3479 Accepting request 810010 from home:mcepl:branches:systemsmanagement
- Correct ID of CVE and rename the patch to
  CVE-2020-1744_avoid_mkdir_p.patch

  - bsc#1167532 CVE-2020-10684 - code injection when using
    ansible_facts as a subkey
  * remote home directory * Disallow use of remote home directories that include relative pathing by means of `..` (CVE-2019-3828, bsc#1126503) (https://github.com/ansible/ansible/pull/52133)
  + Includes fix for bsc#1099808 (CVE-2018-10875) ansible.cfg is being read
    from current working directory allowing possible code execution

OBS-URL: https://build.opensuse.org/request/show/810010
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=184
2020-05-28 22:37:12 +00:00
Lars Vogdt
256ccae9cf Accepting request 809080 from home:mcepl:branches:systemsmanagement
- Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733
  (bsc#1164140)
- Add metadata information to this file to mark which SUSE
  bugzilla have been already fixed.

  - bsc#1164140 CVE-2020-1733 - insecure temporary directory when
    running become_user from become directive
  - bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe
    lookup plugin subprocess
  - bsc#1164137 CVE-2020-1735 - path injection on dest parameter
    in fetch module
  - bsc#1164134 CVE-2020-1736 atomic_move primitive sets
    permissive permissions
  - bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip
    module does not check extracted path
  - bsc#1164136 CVE-2020-1738 module package can be selected by
    the ansible facts
  - bsc#1164133 CVE-2020-1739  - svn module leaks password when
    specified as a parameter
  - bsc#1164135 CVE-2020-1740 - secrets readable after
    ansible-vault edit
  - bsc#1165393 CVE-2020-1746 - information disclosure issue in
    ldap_attr and ldap_entry modules
  - bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks
    sensitive information
  - CVE-2020-10684 - code injection when using ansible_facts as a subkey
  - bsc#1167440 CVE-2020-10685 - modules which use files
    encrypted with vault are not properly cleaned up
  - CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2]
- update to version 2.9.6 (maintenance release) including

OBS-URL: https://build.opensuse.org/request/show/809080
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=183
2020-05-26 21:14:44 +00:00
Michael Ströder
10b59bffe4 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=181 2020-05-12 23:35:36 +00:00
Michael Ströder
e79fdea5fe OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=176 2020-05-12 16:10:09 +00:00
Michael Ströder
21782e368a update to version 2.9.8
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=175
2020-05-12 09:43:07 +00:00
Boris Manojlovic
e76bc3ef7f Accepting request 794987 from home:stroeder:branches:systemsmanagement
update to version 2.9.7

OBS-URL: https://build.opensuse.org/request/show/794987
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=169
2020-04-23 15:33:08 +00:00
Lars Vogdt
fb51e7cd29 Accepting request 792534 from home:rfrohl:branches:systemsmanagement
add missing bugs for CVEs; found in Leap submissions

OBS-URL: https://build.opensuse.org/request/show/792534
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=168
2020-04-11 04:39:37 +00:00
Lars Vogdt
479c09b69c - require python-xml on python 2 systems (boo#1142542)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=167
2020-04-06 21:16:59 +00:00
Lars Vogdt
e608167ea9 - require python-xml (boo#1142542)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=165
2020-04-06 21:06:46 +00:00
Lars Vogdt
01ffa71dfa - create missing (empty) template and files directories for
'ansible-galaxy init' during package build (fixes boo#1137479)

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=164
2020-04-06 21:01:32 +00:00
Lars Vogdt
2670b75345 Accepting request 781785 from home:stroeder:branches:systemsmanagement
- update to version 2.9.6 (maintenance release)

OBS-URL: https://build.opensuse.org/request/show/781785
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=163
2020-03-09 06:53:20 +00:00
Lars Vogdt
739f424cda Accepting request 774243 from home:stroeder:branches:systemsmanagement
- update to version 2.9.5 (maintenance release)

OBS-URL: https://build.opensuse.org/request/show/774243
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=162
2020-02-18 11:02:09 +00:00
Lars Vogdt
ad9b3af83c Accepting request 768031 from home:stroeder:branches:systemsmanagement
now correct update to version 2.9.4

OBS-URL: https://build.opensuse.org/request/show/768031
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=161
2020-01-28 22:16:51 +00:00
Lars Vogdt
6770b2b9cf Accepting request 765059 from home:stroeder:branches:systemsmanagement
- update to version 2.9.3 (maintenance release)
  * security fixes
    - CVE-2019-14904 (solaris_zone module)
    - CVE-2019-14905 (nxos_file_copy module),
  * various bugfixes

OBS-URL: https://build.opensuse.org/request/show/765059
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=159
2020-01-18 11:10:35 +00:00
Lars Vogdt
3aac6b485f - sync with upstream spec file (especially for RHEL & Fedora builds)
- ran spec-cleaner
- remove old SUSE targets (SLE-11, Leap 42.3 and below)
  This simplifies the spec file and makes building easier
- Additional required packages for building:
  + python-boto3 and python-botocore for Amazon EC2
  + python-jmespath for json queries
  + python-memcached for cloud modules and local caching of JSON 
    formatted, per host records
  + python-redis for cloud modules and local caching of JSON 
    formatted, per host records
  + python-requests for many web-based modules (cloud, network, 
    netapp)
  => as the need for those packages depends on the usage of the 
     tool, they are just recommended on openSUSE/SUSE machines
- made dependencies for gitlab, vmware and winrm modules configurable,
  as most of their dependencies are not (yet) available on current 
  openSUSE/SUSE distributions
- exclude /usr/bin/pwsh from the automatic dependency generation, 
  as the Windows Power Shell is not available (yet) on openSUSE/SUSE
- build additional docs and split up ansible-doc package; 
  moving changelogs, contrib and example directories there
- prepare for building HTML documentation, but disable this per 
  default for the moment, as not all package dependencies are available
  in openSUSE/SUSE (yet)
- package some test scripts with executable permissions

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=158
2019-12-29 16:57:33 +00:00
Lars Vogdt
eb63121d70 Accepting request 754332 from home:stroeder:branches:systemsmanagement
update to version 2.9.2

OBS-URL: https://build.opensuse.org/request/show/754332
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=157
2019-12-08 13:09:31 +00:00
Lars Vogdt
4d2f438f90 - Create system directories that Ansible defines as default locations
in ansible/config/base.yml
- rephrase the summary line 
- Disable shebang munging for specific paths. These files are data files.
  ansible-test munges the shebangs itself.

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=156
2019-11-21 16:28:08 +00:00
Lars Vogdt
8c16a86de5 - split out ansible-test package for module developers
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=155
2019-11-19 18:05:31 +00:00
Lars Vogdt
8e2f1a0175 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=154 2019-11-16 21:44:54 +00:00
Lars Vogdt
d007679c05 Accepting request 745036 from home:ojkastl_buildservice
update to 2.9.0

OBS-URL: https://build.opensuse.org/request/show/745036
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=151
2019-11-04 20:51:29 +00:00
Lars Vogdt
20040fb296 - include the sha checksum file in the source, which allows to verify
the original sources

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=150
2019-10-27 14:16:25 +00:00
Lars Vogdt
ed31cb1601 Accepting request 742224 from home:abergmann:branches:systemsmanagement
Security Update to version 2.8.6.

OBS-URL: https://build.opensuse.org/request/show/742224
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=149
2019-10-24 15:04:12 +00:00
Lars Vogdt
96821db614 - Update to version 2.8.5:
Full changelog is packaged at /usr/share/doc/packages/ansible/changelogs/
  and also available online at
  https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
- removed patches fixed upstream:
  + CVE-2019-10206-data-disclosure.patch
  + CVE-2019-10217-gcp-modules-sensitive-fields.patch

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=148
2019-09-13 09:07:20 +00:00
Lars Vogdt
74166faebd fix former mistake and re-establish the older, but better package version
- Update to version 2.8.3:
  Full changelog is packaged, but also at
  https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
- (bsc#1142690) Adds CVE-2019-10206-data-disclosure.patch fixing
  CVE-2019-10206: ansible-playbook -k and ansible cli tools
  prompt passwords by expanding them from templates as they could
  contain special characters. Passwords should be wrapped to
  prevent templates trigger and exposing them.
- (bsc#1144453) Adds CVE-2019-10217-gcp-modules-sensitive-fields.patch
  CVE-2019-10217: Fields managing sensitive data should be set as
  such by no_log feature. Some of these fields in GCP modules are
  not set properly. service_account_contents() which is common
  class for all gcp modules is not setting no_log to True. Any
  sensitive data managed by that function would be leak as an
  output when running ansible playbooks.

- Update to version 2.8.1
  Full changelog is at /usr/share/doc/packages/ansible/changelogs/
  Bugfixes
  --------
  - ACI - DO not encode query_string
  - ACI modules - Fix non-signature authentication
  - Add missing directory provided via ``--playbook-dir`` to adjacent collection loading
  - Fix "Interface not found" errors when using eos_l2_interface with nonexistant
    interfaces configured
  - Fix cannot get credential when `source_auth` set to `credential_file`.
  - Fix netconf_config backup string issue
  - Fix privilege escalation support for the docker connection plugin when

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=146
2019-08-13 16:26:53 +00:00
Lars Vogdt
c31ffe3972 Accepting request 719257 from home:ojkastl_buildservice:SLES12
update to 2.8.3

OBS-URL: https://build.opensuse.org/request/show/719257
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=145
2019-08-13 16:22:17 +00:00
Lars Vogdt
0ad11aef75 Accepting request 721576 from home:mcepl:branches:systemsmanagement
- Update to version 2.8.3:
  Full changelog is packaged, but also at
  https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
- (bsc#1142690) Adds CVE-2019-10206-data-disclosure.patch fixing
  CVE-2019-10206: ansible-playbook -k and ansible cli tools
  prompt passwords by expanding them from templates as they could
  contain special characters. Passwords should be wrapped to
  prevent templates trigger and exposing them.
- (bsc#1144453) Adds CVE-2019-10217-gcp-modules-sensitive-fields.patch
  CVE-2019-10217: Fields managing sensitive data should be set as
  such by no_log feature. Some of these fields in GCP modules are
  not set properly. service_account_contents() which is common
  class for all gcp modules is not setting no_log to True. Any
  sensitive data managed by that function would be leak as an
  output when running ansible playbooks.

OBS-URL: https://build.opensuse.org/request/show/721576
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=143
2019-08-08 14:01:06 +00:00
Lars Vogdt
92160bd70b Accepting request 708761 from home:lrupp:branches:systemsmanagement
- Update to version 2.8.1
  Full changelog is at /usr/share/doc/packages/ansible/changelogs/
  Bugfixes
  --------
  - ACI - DO not encode query_string
  - ACI modules - Fix non-signature authentication
  - Add missing directory provided via ``--playbook-dir`` to adjacent collection loading
  - Fix "Interface not found" errors when using eos_l2_interface with nonexistant
    interfaces configured
  - Fix cannot get credential when `source_auth` set to `credential_file`.
  - Fix netconf_config backup string issue
  - Fix privilege escalation support for the docker connection plugin when
    credentials need to be supplied (e.g. sudo with password).
  - Fix vyos cli prompt inspection
  - Fixed loading namespaced documentation fragments from collections.
  - Fixing bug came up after running cnos_vrf module against coverity.
  - Properly handle data importer failures on PVC creation, instead of timing out.
  - To fix the ios static route TC failure in CI
  - To fix the nios member module params
  - To fix the nios_zone module idempotency failure
  - add terminal initial prompt for initial connection
  - allow include_role to work with ansible command
  - allow python_requirements_facts to report on dependencies containing dashes
  - asa_config fix
  - azure_rm_roledefinition - fix a small error in build scope.
  - azure_rm_virtualnetworkpeering - fix cross subscriptions virtual network
    peering.
  - cgroup_perf_recap - When not using file_per_task, make sure we don't
    prematurely close the perf files
  - display underlying error when reporting an invalid ``tasks:`` block.

OBS-URL: https://build.opensuse.org/request/show/708761
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=141
2019-06-08 16:41:44 +00:00
Lars Vogdt
8a731628f9 Accepting request 705080 from home:tux93:branches:systemsmanagement
Update to v2.8.0

OBS-URL: https://build.opensuse.org/request/show/705080
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=140
2019-05-24 22:49:38 +00:00
Lars Vogdt
5aaa3058df Accepting request 691596 from home:stroeder:branches:systemsmanagement
Update to version 2.7.10

OBS-URL: https://build.opensuse.org/request/show/691596
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=138
2019-04-05 22:43:05 +00:00
Lars Vogdt
36c9bd5447 Accepting request 685716 from home:stroeder:branches:systemsmanagement
Update to version 2.7.9

OBS-URL: https://build.opensuse.org/request/show/685716
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=137
2019-03-18 21:44:32 +00:00
Lars Vogdt
b89e42811a - update URL (use SSL version of the URL)
- prepare update for multiple releases (bsc#1102126, bsc#1109957)

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=136
2019-03-16 20:15:04 +00:00