Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted ansible-core 2.18.0-2 (source) into unstable
Date: Sat, 30 Nov 2024 21:35:42 +0000
Signed by: Bastien ROUCARIÈS <rouca@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 30 Nov 2024 17:21:42 +0000
Source: ansible-core
Architecture: source
Version: 2.18.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team <team+python@tracker.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1088106
Changes:
 ansible-core (2.18.0-2) unstable; urgency=medium
 .
   * Team upload
   * Fix CVE-2024-11079: This vulnerability allows attackers
     to bypass unsafe content protections using the
     hostvars object to reference and execute templated content.
     This issue can lead to arbitrary code execution if remote
     data or module outputs are improperly templated within playbooks
     (Closes: #1088106).
Checksums-Sha1:
 b28534fc92389a5e265f108142687217825dc322 2499 ansible-core_2.18.0-2.dsc
 98f28b274ac561cbd8e54c1f4f97233fea428d99 29976 ansible-core_2.18.0-2.debian.tar.xz
 b1dad5714f67734325e1e4302a8e0cf39970516c 7509 ansible-core_2.18.0-2_amd64.buildinfo
Checksums-Sha256:
 d4573f2ca56ef84b14ab4fac73649cb205d124fde36bb05878d0ff973187f39e 2499 ansible-core_2.18.0-2.dsc
 76aee8f36942a35fb4bd936f1cf63aac7188d864eed6d643c6d530af0132767a 29976 ansible-core_2.18.0-2.debian.tar.xz
 307481c7067358c33bce9e9c621f51be7eeb14f63c6a1a9700c1e9c328c9d72f 7509 ansible-core_2.18.0-2_amd64.buildinfo
Files:
 1193d889a7b8089c9c9d9870343256a7 2499 admin optional ansible-core_2.18.0-2.dsc
 b1eeb21659be1896792dff0b9e1181cf 29976 admin optional ansible-core_2.18.0-2.debian.tar.xz
 ceda5463a5b4fe97265976e82ab9c2a9 7509 admin optional ansible-core_2.18.0-2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmdLhBQRHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF+orA/7B1xFEn/G3WLNBYMvpPFstMpq2HoSqTPf
0eGCsVqmT2PGONhqfOJ3qJOFnPdfyK6c9HUAFYrhZtoPiaOwNLveVfxBEH8UIdqH
eyC6pAKb09Lg0A1wX0adG+aA64f7PmoERc2l0ePkTG8LpGseerQK8wbcO8b0w3ly
wtqcFZkC+7LLgfR9/B/osxfEj/E0027eoTzDIDZI8tAAuuJdARcUhE+avNDU8daY
ZuKi3ob0wxBhshQHW9Z41FlqutqCpsirVJzCplVXeiTQHhb0bg7hwI/61v//HC2y
gguoVaxHUkp+h7GyItdEh77a64mb4lumJFR3uEGBgozqDKuL39xkTyHTKcTgMSqy
8/v1wbiERQxfABbQMiGK3lyWRkcruZXn5grRwjVwZyLzhCSoYR8ZF60vWy6++yhY
SRI4tZ4p6lDoUdxJhcwNF6eRmDw1EdX5dIuuNE0QSJbcRwcK6VQvHbM5o1eFfLIC
kpIuKJ7+L/wvY95KvieKwNZvhNnHCIpI/ny3I+TELWyA9hOlZzeM8D5SZgW9/mlo
6/ZXOBsKb+45cZqeekD2ALSN95387xNgWNHu1LNV/fo5XmyR7vwT81jTO1mTsOF6
j9XIdfFEXPXnUDXtAeKV35vmgyfEY19WGlA6vtIG+IAU6CGTGPuf732HdrBKh5XS
VTlKD3XGXi8=
=E1qc
-----END PGP SIGNATURE-----

News for package ansible-core