ansible-core (2.14.18-0+deb12u2) bookworm; urgency=medium * Update integration test dependencies * Update integration test restrictions -- Lee Garrett Fri, 03 Jan 2025 12:15:50 +0100 ansible-core (2.14.18-0+deb12u1) bookworm; urgency=medium [ Lee Garrett ] * New stable bugfix release * Add integration tests to autopkgtest * Fix CVE-2024-11079: This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks. [ Bastien Roucariès ] * Fix CVE-2024-8775: A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions. (Closes: #1082851) * Fix CVE-2024-9902: A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user's home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner. -- Lee Garrett Wed, 04 Dec 2024 18:12:49 +0100 ansible-core (2.14.16-0+deb12u1) bookworm; urgency=medium * New stable release (Closes: #1070193) * New upstream version 2.14.16 * Bugfix-only release to bookworm, fixing the following security issues: - Address issue where ANSIBLE_NO_LOG was ignored (CVE-2024-0690) - Address issues where internal templating can cause unsafe variables to lose their unsafe designation (CVE-2023-5764) - Prevent roles from using symlinks to overwrite files outside of the installation directory (CVE-2023-5115) * Update d/gbp.conf to point to bookworm * Update d/control Vcs-Git field to point to bookworm * Update watch file to accomodate a common upstream typo * d/gbp.conf: Update upstream branch * d/gbp.conf: set merge-mode replace by default * d/gbp.conf: Sign tags by default * autopkgtests: Add dep to python3-systemd -- Lee Garrett Tue, 25 Jun 2024 16:52:07 +0200 ansible-core (2.14.13-1) unstable; urgency=medium * New upstream version 2.14.13 * Update package to conform to DEP-14 packaging layout * Update dep3 patch headers -- Lee Garrett Tue, 12 Dec 2023 11:20:17 +0100 ansible-core (2.14.11-2) unstable; urgency=medium * Enforce locale to ensure it builds reproducibly * Fix facter when puppet not present (Closes: #1055616) -- Lee Garrett Fri, 10 Nov 2023 13:50:13 +0100 ansible-core (2.14.11-1) unstable; urgency=medium * New upstream version 2.14.11 * Fix galaxy tests * Fix lintian override * Update changelog and release to unstable -- Lee Garrett Fri, 20 Oct 2023 19:41:09 +0200 ansible-core (2.14.10-1) unstable; urgency=medium * New upstream release -- Lee Garrett Tue, 12 Sep 2023 12:27:50 +0200 ansible-core (2.14.9-2) unstable; urgency=medium * Fix unit tests -- Lee Garrett Sat, 19 Aug 2023 02:16:32 +0200 ansible-core (2.14.9-1) unstable; urgency=medium * New upstream version 2.14.9 * Refresh patches * Adapt to upstream change of man page building * Fix double-build failure (Closes: #1043680) -- Lee Garrett Fri, 18 Aug 2023 23:56:27 +0200 ansible-core (2.14.8-1) unstable; urgency=medium * New upstream release -- Lee Garrett Tue, 18 Jul 2023 13:24:30 +0200 ansible-core (2.14.7-1) unstable; urgency=medium * New upstream release * Refresh 0005-use-py3.patch * Drop 0010-fix-json-uri-subtype.patch (applied upstream) -- Lee Garrett Mon, 17 Jul 2023 15:26:13 +0200 ansible-core (2.14.6-1) unstable; urgency=medium * New upstream release * d/watch: Remove signature check * d/control: Recommend python3-passlib (Closes: #1034251) * d/control: Update python3-resolvelib version dependency (Closes: #1037932, #1037443) * uri: fix search for json types to include strings in the format xxx/yyy+json (Closes: #1037126) -- Lee Garrett Fri, 16 Jun 2023 16:13:27 +0200 ansible-core (2.14.3-1) unstable; urgency=medium * New upstream release -- Lee Garrett Wed, 01 Mar 2023 21:06:21 +0100 ansible-core (2.14.2-1) unstable; urgency=medium * Bump Standards-Version (no changes needed) * New upstream version 2.14.2 * Acknowledge previous NMU. -- Lee Garrett Tue, 31 Jan 2023 13:11:22 +0100 ansible-core (2.14.1-2) unstable; urgency=medium * Team upload. [ Steve Langasek ] * Drop superfluous --python 3.10 in autopkgtest (Closes: #1028405) -- Jochen Sprickerhof Mon, 16 Jan 2023 10:14:20 +0100 ansible-core (2.14.1-1) unstable; urgency=medium * New upstream release * autopkgtest: Depend on python3-pytest-forked (Closes: #1025335) -- Lee Garrett Tue, 13 Dec 2022 16:17:44 +0100 ansible-core (2.14.0-1) unstable; urgency=medium * New upstream release * Use PEP517 build process (Closes: #1024705) * Tighten resolvelib dependency (Closes: #1010345) * Tighten python3 and pyyaml dependencies * Fix autopkgtests (Closes: #1024713) * Remove 0007-use-C.UTF-8.patch (fixed upstream) -- Lee Garrett Tue, 29 Nov 2022 01:55:18 +0100 ansible-core (2.13.4-1) unstable; urgency=medium * New upstream release -- Lee Garrett Tue, 13 Sep 2022 16:41:09 +0200 ansible-core (2.13.3-1) unstable; urgency=medium * New upstream release 2.13.3 * Remove patch to preserve debian dir * Refresh Debian patches * Correctly build man pages * Update Build-Depends * Bump jinja2 requirements * Run autopkgtests against python 3.10 * support for newer resolvelib (Closes: #1007907) -- Lee Garrett Wed, 07 Sep 2022 18:05:59 +0200 ansible-core (2.12.4-1) unstable; urgency=medium * New upstream release -- Lee Garrett Tue, 29 Mar 2022 17:10:19 +0200 ansible-core (2.12.3-1) unstable; urgency=medium * New upstream release * Switch build-dep from python3-all to python3 (Closes: #1001040) -- Lee Garrett Sun, 06 Mar 2022 18:39:56 +0100 ansible-core (2.12.0-1) unstable; urgency=medium * New upstream release. * Upload to unstable. * Drop 0006-use-Cryptodome.patch (fixed upstream) -- Lee Garrett Thu, 18 Nov 2021 13:42:31 +0100 ansible-core (2.11.6-1) experimental; urgency=medium * New upstream release (Closes: #977327) * Rename source/binary package to ansible-core * Upload to experimental (Closes: #995879) * Fix issues with 0005_use_py3.patch (Closes: #992107) * Fix usage of Cryptodome * Fix all unit tests * Bump Standards-Version to 4.6.0.1 (no changes needed) * Fix several lintian warnings -- Lee Garrett Sun, 07 Nov 2021 00:40:26 +0100 ansible-base (2.10.5+dfsg-2) experimental; urgency=medium * Enable autopkgtests. * Fix python interpreter detection (Closes: #983140) -- Lee Garrett Mon, 22 Mar 2021 22:41:46 +0100 ansible-base (2.10.5+dfsg-1) unstable; urgency=medium * New upstream release. * Upload to unstable. -- Lee Garrett Wed, 10 Feb 2021 01:09:15 +0100 ansible-base (2.10.4-1) experimental; urgency=medium * Initial packaging of ansible-base (split out at upstream from ansible) * Switch from python3-crypto to python3-pycryptodome (Closes: #971309) * Bump Standards-Version to 4.5.1 (no changes needed) -- Lee Garrett Sat, 09 Jan 2021 23:14:43 +0100