74166faebd
- Update to version 2.8.3: Full changelog is packaged, but also at https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst - (bsc#1142690) Adds CVE-2019-10206-data-disclosure.patch fixing CVE-2019-10206: ansible-playbook -k and ansible cli tools prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them. - (bsc#1144453) Adds CVE-2019-10217-gcp-modules-sensitive-fields.patch CVE-2019-10217: Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks. - Update to version 2.8.1 Full changelog is at /usr/share/doc/packages/ansible/changelogs/ Bugfixes -------- - ACI - DO not encode query_string - ACI modules - Fix non-signature authentication - Add missing directory provided via ``--playbook-dir`` to adjacent collection loading - Fix "Interface not found" errors when using eos_l2_interface with nonexistant interfaces configured - Fix cannot get credential when `source_auth` set to `credential_file`. - Fix netconf_config backup string issue - Fix privilege escalation support for the docker connection plugin when OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=146 |
||
---|---|---|
.gitattributes | ||
ansible-1.5.tar.bz2 | ||
ansible-2.8.3.tar.gz | ||
ansible-rpmlintrc | ||
ansible.changes | ||
ansible.spec | ||
CVE-2019-10206-data-disclosure.patch | ||
CVE-2019-10217-gcp-modules-sensitive-fields.patch |