-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 06 Sep 2019 08:01:41 -0400 Source: ansible Binary: ansible ansible-fireball ansible-node-fireball ansible-doc Architecture: source all Version: 1.7.2+dfsg-2+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Janos Guljas <janos@debian.org> Changed-By: Roberto C. Sanchez <roberto@debian.org> Description: ansible - Configuration management, deployment, and task execution system ansible-doc - Ansible documentation and examples ansible-fireball - Ansible fireball transport support ansible-node-fireball - Ansible fireball transport support for nodes Closes: 930065 Changes: ansible (1.7.2+dfsg-2+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2015-3908: Fix potential man-in-the-middle attack associated with insusfficient X.509 certificate verification. Ansible did not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. * CVE-2015-6240: Fix a symlink attack that allows local users to escape a restricted environment (chroot or jail) via a symlink attack. * CVE-2018-10875: Fix potential arbitrary code execution resulting from reading ansible.cfg from a world-writable current working directory. This condition now causes ansible to emit a warning and ignore the ansible.cfg in the world-writable current working directory. * CVE-2019-10156: Fix information disclosure through unexpected variable substitution. (Closes: #930065) Checksums-Sha1: 211d442b99bacb3c3df4e9d288075bd6c8804237 2280 ansible_1.7.2+dfsg-2+deb8u2.dsc f72f973e0b2fe30a27f50870ec177f641130db02 103088 ansible_1.7.2+dfsg-2+deb8u2.debian.tar.xz ca3d9cac143acdaa40a6c445ad41c790abf551a1 557362 ansible_1.7.2+dfsg-2+deb8u2_all.deb 3e49f367b3a26f5723fbe69bc542563e9cf5bbd4 34628 ansible-fireball_1.7.2+dfsg-2+deb8u2_all.deb b409f1bc1731c0608d57daa4db1c9e311b2be4d4 34600 ansible-node-fireball_1.7.2+dfsg-2+deb8u2_all.deb deb41563537fecdd1f259aeeb9d5ee653f018169 512818 ansible-doc_1.7.2+dfsg-2+deb8u2_all.deb Checksums-Sha256: eea0adff02f72edfb5920ec13127613b7d90aa13a19a57ecfc3473d5136b0d26 2280 ansible_1.7.2+dfsg-2+deb8u2.dsc 79fddad2fd731a1afb92182ab7fc756a29b39e4ef90fbfae594975c0e5413841 103088 ansible_1.7.2+dfsg-2+deb8u2.debian.tar.xz d69807e385acef72fdcbaabe94004cea704c93de012cb2ddfc2cea3d80f4be60 557362 ansible_1.7.2+dfsg-2+deb8u2_all.deb d8b9d4851c93be4a531516c6e2da2a511dcc7e5e815f887111314b137cc9f248 34628 ansible-fireball_1.7.2+dfsg-2+deb8u2_all.deb bdd87278bac77ae3a40903d8cfb626d7d2eadb359fc9355211bda546f0182617 34600 ansible-node-fireball_1.7.2+dfsg-2+deb8u2_all.deb c0a2a42984977abf60778e8491115c184eafdda28e8c0a29d65085fab0883993 512818 ansible-doc_1.7.2+dfsg-2+deb8u2_all.deb Files: f8dab4bd8009ad3336eff163b29dc3d9 2280 admin optional ansible_1.7.2+dfsg-2+deb8u2.dsc 033a325d12e1921b573babe3a1070c03 103088 admin optional ansible_1.7.2+dfsg-2+deb8u2.debian.tar.xz d24a33d0d9205be136ef93b540f07745 557362 admin optional ansible_1.7.2+dfsg-2+deb8u2_all.deb d1bc795d76002f8e9992023659c54d84 34628 admin optional ansible-fireball_1.7.2+dfsg-2+deb8u2_all.deb 67a8cd055b75cba65f6687a5a15d5d3e 34600 admin optional ansible-node-fireball_1.7.2+dfsg-2+deb8u2_all.deb e312d927a12edff52ecff32956c43d84 512818 doc optional ansible-doc_1.7.2+dfsg-2+deb8u2_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAl1yTbcACgkQLNd4Xt2n sg/olw//aPriAZhowvK2cNB2RipVDux6vlcDqq5tfEsE5l1tIwFVaQOzhpjh4SFg 8qn3cIfp2Q+46j0GaGRqpwhQGaDbEF8w9WOB7GpxvRJOQtcyj6crxhLGrv9eMum/ 3+AFHBkgQ60xgR/EXBq12socblUCMqee3fOcbGreDxJ7C49CZsqK7GSQMyv25fuA VafXs3kwvxsDGVyzSbeTl0OJeNEIj1DhqbDcxpGxKc1a3N/mI6OqgGRL+VtoC+9s irTavjGhFh5m25FcgSSC8CfFVxS6mD0waDT2Z9uY4VTFmXIbcKT8p1OQVqiYknqd V0z59AfsF87NgvDqfKBjorrm8Yaujff7PQeyjFUAIoewHEpZ+XwSFwvEySOIIbQP hPJmRa2KCeGA8pYbZMATv23yFJyPt/uwcMw5bfJe3WwjK+gXmOdgVMHMqdv/h9vU eJEA7R6tREA5YTCyU+VExuT+PKfoTkubocL0QuPqFqrUSgWAcZuKvGKY3ktB5RqA W34u65/CumZFuc7m6Ce4OzLbSN9pzeXT2aYomNLszZytCWKMGCRUCgSmbQB54inF Ims2WMpvFOcqbFG8rCKFxi4RDi7cV2hIRW6VsMtY+juz/CTxtNkwchdVm3yvWHIQ m20cZdDZkoICBi90OUo9h7R2svBfunIi2vbvB030e9ROCfk7UK4= =je2O -----END PGP SIGNATURE-----