Go to file
Lars Vogdt 256ccae9cf Accepting request 809080 from home:mcepl:branches:systemsmanagement
- Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733
  (bsc#1164140)
- Add metadata information to this file to mark which SUSE
  bugzilla have been already fixed.

  - bsc#1164140 CVE-2020-1733 - insecure temporary directory when
    running become_user from become directive
  - bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe
    lookup plugin subprocess
  - bsc#1164137 CVE-2020-1735 - path injection on dest parameter
    in fetch module
  - bsc#1164134 CVE-2020-1736 atomic_move primitive sets
    permissive permissions
  - bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip
    module does not check extracted path
  - bsc#1164136 CVE-2020-1738 module package can be selected by
    the ansible facts
  - bsc#1164133 CVE-2020-1739  - svn module leaks password when
    specified as a parameter
  - bsc#1164135 CVE-2020-1740 - secrets readable after
    ansible-vault edit
  - bsc#1165393 CVE-2020-1746 - information disclosure issue in
    ldap_attr and ldap_entry modules
  - bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks
    sensitive information
  - CVE-2020-10684 - code injection when using ansible_facts as a subkey
  - bsc#1167440 CVE-2020-10685 - modules which use files
    encrypted with vault are not properly cleaned up
  - CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2]
- update to version 2.9.6 (maintenance release) including

OBS-URL: https://build.opensuse.org/request/show/809080
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=183
2020-05-26 21:14:44 +00:00
.gitattributes Accepting request 171263 from home:lrupp 2013-04-17 13:19:34 +00:00
ansible-1.5.tar.bz2 - update to 1.5: 2014-03-08 11:12:26 +00:00
ansible-2.9.9.tar.gz OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=180 2020-05-12 23:35:04 +00:00
ansible-2.9.9.tar.gz.sha OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=179 2020-05-12 23:34:44 +00:00
ansible-rpmlintrc Accepting request 809080 from home:mcepl:branches:systemsmanagement 2020-05-26 21:14:44 +00:00
ansible.changes Accepting request 809080 from home:mcepl:branches:systemsmanagement 2020-05-26 21:14:44 +00:00
ansible.spec Accepting request 809080 from home:mcepl:branches:systemsmanagement 2020-05-26 21:14:44 +00:00
CVE-2020-1733_avoid_mkdir_p.patch Accepting request 809080 from home:mcepl:branches:systemsmanagement 2020-05-26 21:14:44 +00:00