CVS commit: pkgsrc/sysutils/ansible

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/sysutils/ansible
From: "Adam Ciarcinski" <adam%netbsd.org@localhost>
Date: Wed, 29 Apr 2020 10:36:26 +0000

Module Name:    pkgsrc
Committed By:   adam
Date:           Wed Apr 29 10:36:26 UTC 2020

Modified Files:
        pkgsrc/sysutils/ansible: Makefile distinfo

Log Message:
ansible: updated to 2.9.7

v2.9.7
======

Minor Changes
-------------

- 'Edit on GitHub' link for plugin, cli documentation fixed to navigate to correct plugin, cli source.
- Handle get_tags_for_object API correctly in vmware_rest_client.
- Remove redundant encoding in json.load call in ipa module_utils (https://github.com/ansible/ansible/issues/66592).
- ansible-test - Upgrade OpenSUSE containers to use Leap 15.1.
- ansible-test now supports testing against RHEL 7.8 when using the ``--remote`` option.
- vmware_cluster - Document alternatives for deprecated parameters

Removed Features (previously deprecated)
----------------------------------------

- ldap_attr, ldap_entry - The ``params`` option has been removed in Ansible-2.10 as it circumvents Ansible's option handling.  Setting ``bind_pw`` with the ``params`` option was disallowed in 
Ansible-2.7, 2.8, and 2.9 as it was insecure.  For information about this policy, see the discussion at: 
https://meetbot.fedoraproject.org/ansible-meeting/2017-09-28/ansible_dev_meeting.2017-09-28-15.00.log.html This fixes CVE-2020-1746

Bugfixes
--------

- **security issue** - The ``subversion`` module provided the password via the svn command line option ``--password`` and can be retrieved from the host's /proc/<pid>/cmdline file. Update the module 
to use the secure ``--password-from-stdin`` option instead, and add a warning in the module and in the documentation if svn version is too old to support it. (CVE-2020-1739)

- **security issue** win_unzip - normalize paths in archive to ensure extracted files do not escape from the target directory (CVE-2020-1737)

- **security_issue** - create temporary vault file with strict permissions when editing and prevent race condition (CVE-2020-1740)
- Alter task_executor's start_connection to support newer modules from collections which expect to send task UUID.
- Ansible.ModuleUtils.WebRequest - actually set no proxy when ``use_proxy: no`` is set on a Windows module - https://github.com/ansible/ansible/issues/68528
- Ensure DataLoader temp files are removed at appropriate times and that we observe the LOCAL_TMP setting.
- Ensure we don't allow ansible_facts subkey of ansible_facts to override top level, also fix 'deprefixing' to prevent key transforms.
- Ensure we get an error when creating a remote tmp if it already exists. CVE-2020-1733
- Fact Delegation - Add ability to indicate which facts must always be delegated. Primarily for ``discovered_interpreter_python`` right now, but extensible later. 
(https://github.com/ansible/ansible/issues/61002)
- Fix nxos_lacp replace operation (https://github.com/ansible/ansible/pull/64074).
- Handle equal sign in password while using passwordstore lookup plugin.
- In fetch action, avoid using slurp return to set up dest, also ensure no dir traversal CVE-2019-3828.
- In vmware_guest_network module use appropriate network while creating or reconfiguring (https://github.com/ansible/ansible/issues/65968).
- Log additional messages from persistent connection modules that may be missed if the module fails or returns early.
- `vmware_content_deploy_template`'s `cluster` argument no longer fails with an error message about resource pools.
- ansible command now correctly sends v2_playbook_on_start to callbacks
- ansible-galaxy - Error when install finds a tar with a file that will be extracted outside the collection install directory - CVE-2020-10691
- ansible-galaxy collection - Preserve executable bit on build and preserve mode on install from what tar member is set to - https://github.com/ansible/ansible/issues/68415
- dense callback - fix plugin access to its configuration variables and remove a warning message (https://github.com/ansible/ansible/issues/64628).
- display - Improve method of removing extra new line after warnings so it does not break Tower/Runner (https://github.com/ansible/ansible/pull/68517)
- docker connection plugin - do not prefix remote path if running on Windows containers.
- for those running uids for invalid users (containers), fallback to uid=<uid> when logging fixes
- get_url pass incorrect If-Modified-Since header (https://github.com/ansible/ansible/issues/67417)
- mysql_user - Fix idempotence when long grant lists are used (https://github.com/ansible/ansible/issues/68044)
- os_user_role - Fix os_user_role issue to grant a role in a domain.
- ovirt_storage_domain: fix update_check for warning_low_space
- purefa_snmp - Fix error when deleting a manager and when creating a v2c manager (https://github.com/ansible/ansible/pull/68180)
- rabbitmq_policy - Fix version parsing for RabbitMQ 3.8.
- routeros_facts - Prevent crash of module when ``ipv6`` package is not installed
- setup.ps1 - Fix ``ansible_fqdn`` using the wrong values to build the actual DNS FQDN.


To generate a diff of this commit:
cvs rdiff -u -r1.30 -r1.31 pkgsrc/sysutils/ansible/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/sysutils/ansible/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/sysutils/ansible/Makefile
diff -u pkgsrc/sysutils/ansible/Makefile:1.30 pkgsrc/sysutils/ansible/Makefile:1.31
--- pkgsrc/sysutils/ansible/Makefile:1.30       Thu Mar  5 10:18:58 2020
+++ pkgsrc/sysutils/ansible/Makefile    Wed Apr 29 10:36:26 2020
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.30 2020/03/05 10:18:58 adam Exp $
+# $NetBSD: Makefile,v 1.31 2020/04/29 10:36:26 adam Exp $
 
-DISTNAME=      ansible-2.9.6
+DISTNAME=      ansible-2.9.7
 CATEGORIES=    sysutils python
 MASTER_SITES=  https://releases.ansible.com/ansible/
 

Index: pkgsrc/sysutils/ansible/distinfo
diff -u pkgsrc/sysutils/ansible/distinfo:1.17 pkgsrc/sysutils/ansible/distinfo:1.18
--- pkgsrc/sysutils/ansible/distinfo:1.17       Thu Mar  5 10:18:58 2020
+++ pkgsrc/sysutils/ansible/distinfo    Wed Apr 29 10:36:26 2020
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.17 2020/03/05 10:18:58 adam Exp $
+$NetBSD: distinfo,v 1.18 2020/04/29 10:36:26 adam Exp $
 
-SHA1 (ansible-2.9.6.tar.gz) = 2b685e9dec75f4274067fe0648f5a70c4d656319
-RMD160 (ansible-2.9.6.tar.gz) = 46d2c7ad1f9b7cc379867ae5a5df1ef82c5bc04a
-SHA512 (ansible-2.9.6.tar.gz) = 7111fd72b4e029b2f661bfb849b4323b69ea796f8a069ad3120e8de390effa670180c69ca0fd5e0a1c2e444db6d574a52d530a2b0343c76cd81ba963b3c3a7cb
-Size (ansible-2.9.6.tar.gz) = 14201258 bytes
+SHA1 (ansible-2.9.7.tar.gz) = 4a7c2b1183148e58085186fe1f86f60d71759398
+RMD160 (ansible-2.9.7.tar.gz) = d0052dae4e754c13e28bd559fe2f9c6c4783c9e9
+SHA512 (ansible-2.9.7.tar.gz) = ce029441bcafdc5b44c9fda69f183d4defea84ead5628164caf87306cb97efec68c11b2cce728e90f28290640c320549486a6b4e823710f638d1d2e7c35675a4
+Size (ansible-2.9.7.tar.gz) = 14215538 bytes

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/devel/py-coverage
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/devel/py-coverage
Indexes:

Home | Main Index | Thread Index | Old Index