[Bug 1839312] Re: Sync ansible 2.8.3+dfsg-1 (universe) from Debian unstable (main)
Launchpad Bug Tracker
1839312 at bugs.launchpad.net
Wed Aug 7 11:33:39 UTC 2019
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: ansible (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1839312
Title:
Sync ansible 2.8.3+dfsg-1 (universe) from Debian unstable (main)
Status in ansible package in Ubuntu:
Confirmed
Bug description:
Please sync ansible 2.8.3+dfsg-1 (universe) from Debian unstable
(main)
Explanation of the Ubuntu delta and why it can be dropped:
* SECURITY UPDATE: Sensitive information could be exposed to remote node.
- debian/patches/CVE-2019-10156-1.patch: Don't pass locals.
- debian/patches/CVE-2019-10156-2.patch: Fixed tests.
- CVE-2019-10156
-> Security fix is in newest debian version
Changelog entries since current eoan version 2.7.8+dfsg-1ubuntu1:
ansible (2.8.3+dfsg-1) unstable; urgency=medium
* New upstream release (Closes: #932288)
* This release fixes CVE-2019-10156 (Closes: #930065)
-- Lee Garrett <debian at rocketjump.eu> Thu, 01 Aug 2019 10:39:19
-0300
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ansible/+bug/1839312/+subscriptions
More information about the Ubuntu-sponsors
mailing list