Hello community, here is the log from the commit of package ansible for openSUSE:Factory checked in at 2014-08-25 11:05:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ansible (Old) and /work/SRC/openSUSE:Factory/.ansible.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ansible" Changes: -------- --- /work/SRC/openSUSE:Factory/ansible/ansible.changes 2014-07-21 21:39:51.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ansible.new/ansible.changes 2014-08-25 11:06:25.000000000 +0200 @@ -1,0 +2,59 @@ +Sun Aug 17 15:21:38 UTC 2014 - l...@linux-schulserver.de + +- update to 1.7.1: + Major new features: + + Windows support (alpha) using native PowerShell remoting + + Tasks can now specify run_once: true, meaning they will be executed + exactly once. This can be combined with delegate_to to trigger actions + you want done just the one time versus for every host in inventory. + + New Modules: + + cloud: azure + + cloud: rax_meta + + cloud: rax_scaling_group + + cloud: rax_scaling_policy + + windows: version of setup module + + windows: version of slurp module + + windows: win_feature + + windows: win_get_url + + windows: win_msi + + windows: win_ping + + windows: win_user + + windows: win_service + + windows: win_group + + New inventory scripts: + + SoftLayer + + Windows Azure + + Docker module bug fixes: + + Fixed support for specifying rw/ro bind modes for volumes + + Fixed support for allowing the tag in the image parameter + + Other notable changes: + + Performance enhancements related to previous security fixes, which + could cause slowness when modules returned very large JSON results. + This specifically impacted the unarchive module frequently, which + returns the details of all unarchived files in the result. + + Inventory speed improvements for very large inventories. + + Vault password files can now be executable, to support scripts + that fetch the vault password. + + Fixes an issue with the copy module when copying a directory that + fails when changing file attributes and the target file already exists + + Improved unicode handling when splitting args + + Further improvements to module parameter parsing to address + additional regressions caused by security fixes + + Corrects a regression in the way shell and command parameters + were being parsed + + Various other bug fixes + + Security fixes: + + Security fix to disallow specifying 'args:' as a string, which could + allow the insertion of extra module parameters through variables. + + Strip lookup calls out of inventory variables and clean unsafe + data returned from lookup plugins (CVE-2014-4966) + + Make sure vars don't insert extra parameters into module args and + prevent duplicate params from superseding previous params (CVE-2014-4967) +- adapt specfile requirements for RedHat and Fedora + +------------------------------------------------------------------- Old: ---- ansible-1.6.6.tar.bz2 New: ---- ansible-1.7.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ansible.spec ++++++ --- /var/tmp/diff_new_pack.7w7deo/_old 2014-08-25 11:06:26.000000000 +0200 +++ /var/tmp/diff_new_pack.7w7deo/_new 2014-08-25 11:06:26.000000000 +0200 @@ -18,7 +18,7 @@ Name: ansible -Version: 1.6.6 +Version: 1.7.1 Release: 0 Summary: SSH-based configuration management, deployment, and orchestration engine License: GPL-3.0+ @@ -58,22 +58,32 @@ # %if 0%{?rhel} && 0%{?rhel} <= 5 %{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")} +%if 0%{?rhel} == 5 +%define __python /usr/bin/python26 +%endif BuildRequires: python26-devel BuildRequires: python26-setuptools Requires: python26-PyYAML Requires: python26-httplib2 +Requires: python26-httplib2 Requires: python26-jinja2 Requires: python26-keyczar Requires: python26-paramiko +Requires: python26-setuptools %endif %if 0%{?rhel} > 5 || 0%{?rhel_version} > 505 BuildRequires: python26-devel BuildRequires: python26-setuptools Requires: python26-PyYAML Requires: python26-httplib2 +Requires: python26-httplib2 Requires: python26-jinja2 Requires: python26-keyczar Requires: python26-paramiko +Requires: python26-setuptools +%endif +%if 0%{?rhel} == 6 +Requires: python-crypto2.6 %endif # # Fedora @@ -83,6 +93,7 @@ BuildRequires: python-setuptools Requires: PyYAML Requires: python-httplib2 +Requires: python-httplib2 Requires: python-jinja2 Requires: python-keyczar Requires: python-paramiko ++++++ CHANGELOG.md ++++++ --- /var/tmp/diff_new_pack.7w7deo/_old 2014-08-25 11:06:26.000000000 +0200 +++ /var/tmp/diff_new_pack.7w7deo/_new 2014-08-25 11:06:26.000000000 +0200 @@ -1,17 +1,80 @@ Ansible Changes By Release ========================== -## 1.6.6 "And the Cradle Will Rock" - Jul 01, 2014 +## 1.8 "You Really Got Me" - Active Development -- Security updates to further protect against the incorrect execution of untrusted data -## 1.6.5 "And the Cradle Will Rock" - Jun 25, 2014 +## 1.7.1 "Summer Nights" - Aug 14, 2014 + +- Security fix to disallow specifying 'args:' as a string, which could allow the insertion of extra module parameters through variables. +- Performance enhancements related to previous security fixes, which could cause slowness when modules returned very large JSON results. This specifically impacted the unarchive module frequently, which returns the details of all unarchived files in the result. +- Docker module bug fixes: + * Fixed support for specifying rw/ro bind modes for volumes + * Fixed support for allowing the tag in the image parameter +- Various other bug fixes + +## 1.7 "Summer Nights" - Aug 06, 2014 + +Major new features: + +* Windows support (alpha) using native PowerShell remoting +* Tasks can now specify `run_once: true`, meaning they will be executed exactly once. This can be combined with delegate_to to trigger actions you want done just the one time versus for every host in inventory. + +New inventory scripts: + +* SoftLayer +* Windows Azure + +New Modules: + +* cloud: azure +* cloud: rax_meta +* cloud: rax_scaling_group +* cloud: rax_scaling_policy +* windows: version of setup module +* windows: version of slurp module +* windows: win_feature +* windows: win_get_url +* windows: win_msi +* windows: win_ping +* windows: win_user +* windows: win_service +* windows: win_group + +Other notable changes: + +* Inventory speed improvements for very large inventories. +* Vault password files can now be executable, to support scripts that fetch the vault password. + -- Additional tweaks to prevent the incorrect execution of untrusted data +## 1.6.10 "And the Cradle Will Rock" - Jul 25, 2014 -## 1.6.4 "And the Cradle Will Rock" - Jun 25, 2014 +- Fixes an issue with the copy module when copying a directory that fails when changing file attributes and the target file already exists +- Improved unicode handling when splitting args -- Security update to prevent local operations from executing as the result of specifically crafted untrusted data +## 1.6.9 "And the Cradle Will Rock" - Jul 24, 2014 + +- Further improvements to module parameter parsing to address additional regressions caused by security fixes + +## 1.6.8 "And the Cradle Will Rock" - Jul 22, 2014 + +- Corrects a regression in the way shell and command parameters were being parsed + +## 1.6.7 "And the Cradle Will Rock" - Jul 21, 2014 + +- Security fixes: + * Strip lookup calls out of inventory variables and clean unsafe data + returned from lookup plugins (CVE-2014-4966) + * Make sure vars don't insert extra parameters into module args and prevent + duplicate params from superseding previous params (CVE-2014-4967) + +## 1.6.6 "And the Cradle Will Rock" - Jul 01, 2014 + +- Security updates to further protect against the incorrect execution of untrusted data + +## 1.6.4, 1.6.5 "And the Cradle Will Rock" - Jun 25, 2014 + +- Security updates related to evaluation of untrusted remote inputs ## 1.6.3 "And the Cradle Will Rock" - Jun 09, 2014 @@ -23,7 +86,7 @@ - Various other minor bug fixes. ## 1.6.2 "And the Cradle Will Rock" - May 23, 2014 - + - If an improper locale is specified, core modules will now automatically revert to using the 'C' locale. - Modules using the fetch_url utility will now obey proxy environment variables. - The SSL validation step in fetch_url will likewise obey proxy settings, however only proxies using the http protocol are supported. ++++++ ansible-1.6.6.tar.bz2 -> ansible-1.7.1.tar.bz2 ++++++ ++++ 15279 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org