Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package ansible-core for openSUSE:Factory checked in at 2024-11-15 15:43:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ansible-core (Old) and /work/SRC/openSUSE:Factory/.ansible-core.new.2017 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ansible-core" Fri Nov 15 15:43:08 2024 rev:34 rq:1224279 version:2.17.6 Changes: -------- --- /work/SRC/openSUSE:Factory/ansible-core/ansible-core.changes 2024-10-11 17:03:32.973790622 +0200 +++ /work/SRC/openSUSE:Factory/.ansible-core.new.2017/ansible-core.changes 2024-11-15 15:43:15.538463771 +0100 @@ -1,0 +2,41 @@ +Thu Nov 14 16:23:53 UTC 2024 - Johannes Kastl <opensuse_buildserv...@ojkastl.de> + +- update to 2.17.6: + https://github.com/ansible/ansible/blob/v2.17.6/changelogs/CHANGELOG-v2.17.rst + * Minor Changes + - ansible-test - Improve container runtime probe error + handling. When unexpected probe output is encountered, an + error with more useful debugging information is provided. + * Security Fixes + - include_vars action - Ensure that result masking is correctly + requested when vault-encrypted files are read. + (CVE-2024-8775) + - task result processing - Ensure that action-sourced result + masking (_ansible_no_log=True) is preserved. (CVE-2024-8775) + - user action won't allow ssh-keygen, chown and chmod to run on + existing ssh public key file, avoiding traversal on existing + symlinks (CVE-2024-9902). + * Bugfixes + - Fix disabling SSL verification when installing collections + and roles from git repositories. If --ignore-certs isn't + provided, the value for the GALAXY_IGNORE_CERTS configuration + option will be used (#83326). + - Improve performance on large inventories by reducing the + number of implicit meta tasks. + - Use the requested error message in the + ansible.module_utils.facts.timeout timeout function instead + of hardcoding one. + - ansible-test - Enable the sys.unraisablehook work-around for + the pylint sanity test on Python 3.11. Previously the + work-around was only enabled for Python 3.12 and later. + However, the same issue has been discovered on Python 3.11. + - debconf - set empty password values (#83214). + - facts - skip if distribution file path is directory, instead + of raising error (#84006). + - user action will now require O(force) to overwrite the public + part of an ssh key when generating ssh keys, as was already + the case for the private part. + - user module now avoids changing ownership of files symlinked + in provided home dir skeleton + +------------------------------------------------------------------- Old: ---- ansible_core-2.17.5.tar.gz ansible_core-2.17.5.tar.gz.sha256 New: ---- ansible_core-2.17.6.tar.gz ansible_core-2.17.6.tar.gz.sha256 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ansible-core.spec ++++++ --- /var/tmp/diff_new_pack.Nx7wGt/_old 2024-11-15 15:43:16.470502788 +0100 +++ /var/tmp/diff_new_pack.Nx7wGt/_new 2024-11-15 15:43:16.474502956 +0100 @@ -38,7 +38,7 @@ %endif Name: ansible-core -Version: 2.17.5 +Version: 2.17.6 Release: 0 Summary: Radically simple IT automation License: GPL-3.0-or-later ++++++ ansible_core-2.17.5.tar.gz -> ansible_core-2.17.6.tar.gz ++++++ ++++ 1897 lines of diff (skipped) ++++++ ansible_core-2.17.5.tar.gz.sha256 -> ansible_core-2.17.6.tar.gz.sha256 ++++++ --- /work/SRC/openSUSE:Factory/ansible-core/ansible_core-2.17.5.tar.gz.sha256 2024-10-11 17:03:33.101795945 +0200 +++ /work/SRC/openSUSE:Factory/.ansible-core.new.2017/ansible_core-2.17.6.tar.gz.sha256 2024-11-15 15:43:15.598466283 +0100 @@ -1 +1 @@ -ae7f51fd13dc9d57c9bcd43ef23f9c255ca8f18f4b5c0011a4f9b724d92c5a8e ansible_core-2.17.5.tar.gz +3e53970b7cebfe2adb39b711c1e2f8bbfcbedac828da51dc0357a19070638e95 ansible_core-2.17.6.tar.gz
