0ad11aef75
- Update to version 2.8.3: Full changelog is packaged, but also at https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst - (bsc#1142690) Adds CVE-2019-10206-data-disclosure.patch fixing CVE-2019-10206: ansible-playbook -k and ansible cli tools prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them. - (bsc#1144453) Adds CVE-2019-10217-gcp-modules-sensitive-fields.patch CVE-2019-10217: Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks. OBS-URL: https://build.opensuse.org/request/show/721576 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=143 |
||
|---|---|---|
| .gitattributes | ||
| ansible-1.5.tar.bz2 | ||
| ansible-2.8.3.tar.gz | ||
| ansible-rpmlintrc | ||
| ansible.changes | ||
| ansible.spec | ||
| CVE-2019-10206-data-disclosure.patch | ||
| CVE-2019-10217-gcp-modules-sensitive-fields.patch | ||