FEDORA-2020-1208eaa3e9 created by kevin 4 months ago for Fedora 32
obsolete

Update to 2.9.12 upstream bugfix and security update

This update has been submitted for testing by kevin.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update's test gating status has been changed to 'waiting'.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update has been pushed to testing.

4 months ago
User Icon bcotton provided feedback 4 months ago
karma
User Icon frantisekz commented & provided feedback 4 months ago
karma

Seems to work fine

This update can be pushed to stable now if the maintainer wishes

4 months ago
User Icon mhael commented & provided feedback 4 months ago
karma

This release contain breaking change which affects permissions for newly created files (if no mode is specifically set in the task). This can cause serous unintended side effects. In fact, the change in question is already reversed by authors due to feedback received after ansible-2.9.12 release. See https://github.com/ansible/ansible/issues/67794#issuecomment-672921617

I've verified that this package contains the breaking change. Any new files created by copy/template/other core modules will be created with mode=0600 if mode is not specified explicitly in the task.

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

4 months ago
User Icon filiperosset commented & provided feedback 4 months ago
karma

no regressions noted

User Icon kparal commented & provided feedback 4 months ago
karma

No issues in my personal small playbook, but please see @mhael's comment

User Icon kevin commented & provided feedback 4 months ago

Ugh. Yeah, nasty... ok. I will look at reverting this although it's a big chunk to revert...

User Icon lhirlimann commented & provided feedback 4 months ago
karma

Works as expected on my playbooks

This update has been obsoleted by ansible-2.9.13-1.fc32.

3 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
4
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
4 months ago
in testing
4 months ago
BZ#1805331 CVE-2020-1736 ansible: atomic_move primitive sets permissive permissions [fedora-all]
0
0
BZ#1857186 CVE-2020-14330 ansible: masked keys for uri module are exposed into content and json output [fedora-all]
0
0
BZ#1857818 CVE-2020-14332 ansible: module_args does not censor properly in --check mode [fedora-all]
0
0

Automated Test Results