--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-1d2bc76093
2018-07-12 14:18:11.698142
--------------------------------------------------------------------------------
Name : ansible
Product : Fedora 28
Version : 2.6.1
Release : 1.fc28
URL :
http://ansible.com
Summary : SSH-based configuration management, deployment, and task execution system
Description :
Ansible is a radically simple model-driven configuration management,
multi-node deployment, and remote task execution system. Ansible works
over SSH and does not require any software or daemons to be installed
on remote nodes. Extension modules can be written in any language and
are transferred to managed machines automatically.
--------------------------------------------------------------------------------
Update Information:
Update to ansible 2.6.1 bugfix release. Fixes also 2 CVEs: CVE-2018-10874 and
CVE-2018-10875 See
https://github.com/ansible/ansible/blob/stable-2.6/changelogs/CHANGELOG-v...
for full list of changes.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 5 2018 Kevin Fenzi <kevin(a)scrye.com> - 2.6.1-1
- Update to 2.6.1. Fixes bug #1598602
- Fixes CVE-2018-10874 and CVE-2018-10875
* Mon Jul 2 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 2.6.0-2
- Rebuilt for Python 3.7
* Thu Jun 28 2018 Kevin Fenzi <kevin(a)scrye.com> - 2.6.0-1
- Update to 2.6.0. Fixes bug #1596424
* Tue Jun 26 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 2.5.5-5
- Rebuilt for Python 3.7
* Mon Jun 25 2018 Toshio Kuratomi <toshio(a)fedoraproject.org> - - 2.5.5-4
- Upstream patch to build docs with older jinja2 (Fedora 27)
- Build changes to build only rst docs for modules and plugins when a distro
doesn't have modern enough packages to build the documentation. (EPEL7)
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 2.5.5-3
- Rebuilt for Python 3.7
* Fri Jun 15 2018 Kevin Fenzi <kevin(a)scrye.com> - 2.5.5-2
- Stop building docs on F27 as python-jinja2 is too old there.
* Thu Jun 14 2018 Kevin Fenzi <kevin(a)scrye.com> - 2.5.5-1
- Update to 2.5.5. Fixes bug #1580530 and #1584927
- Fixes 1588855,1590200 (fedora) and 1588855,1590199 (epel)
CVE-2018-10855 (security bug with no_log handling)
* Thu May 31 2018 Kevin Fenzi <kevin(a)scrye.com> - 2.5.4-1
- Update to 2.5.4. Fixes bug #1584927
* Thu May 17 2018 Kevin Fenzi <kevin(a)scrye.com> - 2.5.3-1
- Update to 2.5.3. Fixes bug #1579577 and #1574221
* Thu Apr 26 2018 Kevin Fenzi <kevin(a)scrye.com> - 2.5.2-1
- Update to 2.5.2 with bugfixes.
* Wed Apr 18 2018 Kevin Fenzi <kevin(a)scrye.com> - 2.5.1-1
- Update to 2.5.1 with bugfixes. Fixes: #1569270 #1569153 #1566004 #1566001
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1598810 - CVE-2018-10874 ansible: Inventory variables are loaded from current
working directory when running ad-hoc command that can lead to code execution [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1598810
[ 2 ] Bug #1598806 - CVE-2018-10875 ansible: ansible.cfg is being read from current
working directory allowing possible code execution [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1598806
[ 3 ] Bug #1598809 - CVE-2018-10874 ansible: Inventory variables are loaded from current
working directory when running ad-hoc command that can lead to code execution
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1598809
[ 4 ] Bug #1598805 - CVE-2018-10875 ansible: ansible.cfg is being read from current
working directory allowing possible code execution [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1598805
[ 5 ] Bug #1598602 - ansible-2.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1598602
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-1d2bc76093' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------