Debian Package Tracker

general

source: ansible (main)
version: 2.8.3+dfsg-1
maintainer: Harlan Lieberman-Berg (DMD)
uploaders: Lee Garrett [DMD] – Michael Vogt [DMD]
arch: all
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.7.2+dfsg-2
o-o-sec: 1.7.2+dfsg-2+deb8u2
oldstable: 2.2.1.0-2+deb9u1
old-sec: 2.2.1.0-2+deb9u1
old-bpo: 2.7.5+dfsg-1~bpo9+1
stable: 2.7.7+dfsg-1
testing: 2.7.8+dfsg-1
unstable: 2.8.3+dfsg-1

versioned links

1.7.2+dfsg-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.7.2+dfsg-2+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.1.0-2+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.5+dfsg-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.7+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.8+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.8.3+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ansible (9 bugs: 0, 8, 1, 0)
ansible-doc (3 bugs: 0, 1, 2, 0)

action needed

A new upstream version is available: 2.8.5 high

A new upstream version 2.8.5 is available, you should consider packaging it.

Created: 2019-08-19 Last update: 2019-09-17 18:39

3 security issues in bullseye high

There are 3 open security issues in bullseye.

3 important issues:

CVE-2019-10156: A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.
CVE-2019-10217:
CVE-2019-10206:

Please fix them.

Created: 2019-07-07 Last update: 2019-09-16 14:03

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2019-10217:
CVE-2019-10206:

Please fix them.

Created: 2019-06-06 Last update: 2019-09-16 14:03

lintian reports 2 warnings high

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-04-08 Last update: 2019-08-04 02:30

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2019-08-08 Last update: 2019-09-17 20:09

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2019-04-01 Last update: 2019-09-17 20:03

Depends on packages which need a new maintainer normal

The packages that ansible depends on which need a new maintainer are:

cowsay (#910035)
- Suggests: cowsay

Created: 2018-10-16 Last update: 2019-09-17 19:05

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-11-06 Last update: 2019-09-17 15:45

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.8.4+dfsg-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 5cc2723cffde5e7c6ce9f1e33bf82204715a9513
Author: Lee Garrett <lgarrett@rocketjump.eu>
Date:   Sun Sep 1 20:31:27 2019 +0200

    d/copyright: Don't exclude removed directory
    
    docs were refactored in ansible, this dir doesn't exist anymore.

commit 026bdcd0fbe58631e47ae5aa0f8074a7a043a617
Author: Lee Garrett <lgarrett@rocketjump.eu>
Date:   Sun Sep 1 19:58:03 2019 +0200

    whitespace fix

commit 5ca5e62e2bd87f71a9edf4e2e10b6c7dbae4c033
Author: Lee Garrett <lgarrett@rocketjump.eu>
Date:   Sun Sep 1 19:05:44 2019 +0200

    Update changelog

commit dc25c8eae8030db77814d7344f723dc50e34d220
Merge: f64b0218 92d27494
Author: Lee Garrett <lgarrett@rocketjump.eu>
Date:   Sun Sep 1 18:59:28 2019 +0200

    Update upstream source from tag 'upstream/2.8.4+dfsg'
    
    Update to upstream version '2.8.4+dfsg'
    with Debian dir 0790c096d0483f7a8617d8bf26d15a2f688660a4

commit 92d2749481e6895c2a161e06e870f980448df264
Author: Lee Garrett <lgarrett@rocketjump.eu>
Date:   Sun Sep 1 18:58:56 2019 +0200

    New upstream version 2.8.4+dfsg

commit f64b0218c8a2ddc32b14964679b31f92c188058c
Author: Lee Garrett <lgarrett@rocketjump.eu>
Date:   Sat Aug 31 16:06:32 2019 +0200

    Remove Michael Vogt from uploaders
    
    As per request via mail. Thanks for the past contributions!

Created: 2017-12-03 Last update: 2019-09-16 06:23

2 ignored security issues in buster low

There are 2 open security issues in buster.

2 issues skipped by the security teams:

CVE-2019-10156: A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.
CVE-2019-10206:

Please fix them.

Created: 2019-06-06 Last update: 2019-09-16 14:03

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2019-10206:

Please fix it.

Created: 2015-07-14 Last update: 2019-09-16 14:03

3 ignored security issues in stretch low

There are 3 open security issues in stretch.

3 issues skipped by the security teams:

CVE-2019-10156: A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.
CVE-2017-7481: Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.
CVE-2019-10206:

Please fix them.

Created: 2017-04-22 Last update: 2019-09-16 14:03

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 4.3.0).

Created: 2019-07-08 Last update: 2019-08-03 07:29

testing migrations

excuses:
- Migration status for ansible (2.7.8+dfsg-1 to 2.8.3+dfsg-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- Not built on buildd: arch all binaries uploaded by lgarrett@rocketjump.eu, a new source-only upload is needed to allow migration
- Additional info:
- Piuparts tested OK - https://piuparts.debian.org/sid/source/a/ansible.html
- 46 days old (needed 5 days)
- Not considered

news

[rss feed]

[2019-09-16] Accepted ansible 1.7.2+dfsg-2+deb8u2 (source all) into oldoldstable (Roberto C. Sanchez)
[2019-08-02] Accepted ansible 2.8.3+dfsg-1 (source all) into unstable (Lee Garrett)
[2019-07-09] ansible 2.7.8+dfsg-1 MIGRATED to testing (Debian testing watch)
[2019-03-07] Accepted ansible 2.2.1.0-2+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates (Lee Garrett) (signed by: Harlan Lieberman-Berg)
[2019-03-03] ansible 2.7.7+dfsg-1 MIGRATED to testing (Debian testing watch)
[2019-03-02] Accepted ansible 2.7.8+dfsg-1 (source) into unstable (Lee Garrett)
[2019-02-21] Accepted ansible 2.7.7+dfsg-1 (source all) into unstable (Lee Garrett)
[2019-02-19] Accepted ansible 2.2.1.0-2+deb9u1 (source all) into stable->embargoed, stable (Lee Garrett) (signed by: Harlan Lieberman-Berg)
[2019-02-02] ansible 2.7.6+dfsg-1 MIGRATED to testing (Debian testing watch)
[2019-01-27] Accepted ansible 2.7.6+dfsg-1 (source) into unstable (Lee Garrett)
[2019-01-11] Accepted ansible 2.7.5+dfsg-1~bpo9+1 (source all) into stretch-backports, stretch-backports (Harlan Lieberman-Berg)
[2019-01-06] Accepted ansible 2.7.5+dfsg-2 (source) into experimental (Lee Garrett)
[2018-12-27] ansible 2.7.5+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-12-21] Accepted ansible 2.7.5+dfsg-1 (source all) into unstable, unstable (Lee Garrett) (signed by: Harlan Lieberman-Berg)
[2018-11-18] ansible 2.7.1+dfsg-2 MIGRATED to testing (Debian testing watch)
[2018-11-13] Accepted ansible 2.7.1+dfsg-2 (source all) into unstable (Lee Garrett)
[2018-11-12] Accepted ansible 1.7.2+dfsg-2+deb8u1 (source all) into oldstable (Chris Lamb)
[2018-11-03] ansible 2.7.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-11-03] ansible 2.7.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-10-28] Accepted ansible 2.7.1+dfsg-1 (source all) into unstable (Lee Garrett)
[2018-10-05] ansible 2.6.5+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-09-29] Accepted ansible 2.6.5+dfsg-1 (source all) into unstable (Lee Garrett)
[2018-09-15] ansible 2.6.4+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-09-09] Accepted ansible 2.6.4+dfsg-1 (source all) into unstable (Lee Garrett)
[2018-08-31] Accepted ansible 2.6.3+dfsg-1~bpo9+1 (source all) into stretch-backports (Lee Garrett)
[2018-08-26] ansible 2.6.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-08-20] Accepted ansible 2.6.3+dfsg-1 (source all) into unstable (Lee Garrett)
[2018-07-17] ansible 2.6.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-07-11] Accepted ansible 2.6.1+dfsg-1 (source all) into unstable (Lee Garrett)
[2018-06-21] ansible 2.5.5+dfsg-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 16
RC: 0
I&N: 12
M&W: 4
F&P: 0
patch: 2

links

homepage
lintian (0, 2)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.8.3+dfsg-1
5 bugs