3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/pkgs/tools/admin
Andreas Rammhold b21b92947e ansible_2_6: 2.6.17 -> 2.6.20
This addresses the following security issues:

  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when
    invalid parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 9bdb89f740/changelogs/CHANGELOG-v2.6.rst
2019-12-15 21:25:07 +01:00
..
acme.sh acme-sh: 2.8.2 -> 2.8.3 (#70555) 2019-10-13 17:48:16 +02:00
adtool treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
amazon-ecr-credential-helper treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
analog analog: 6.0.15 -> 6.0.16 2019-08-17 09:55:49 -07:00
ansible ansible_2_6: 2.6.17 -> 2.6.20 2019-12-15 21:25:07 +01:00
aws-env treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
aws-google-auth aws-google-auth: 0.0.32 -> 0.0.33 2019-11-25 00:08:56 -08:00
aws-rotate-key aws-rotate-key: 1.0.4 -> 1.0.6 2019-09-04 09:37:25 +02:00
aws-vault treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
aws_shell aws_shell: 0.2.0 -> 0.2.1 2019-10-27 16:26:57 +01:00
awscli awscli: remove unnecessary override on python prompt_toolkit 2019-12-07 19:17:55 +01:00
awslogs awslogs: propagate setuptools 2019-11-14 14:31:13 +01:00
awsweeper awsweeper: init at 0.4.1 2019-12-08 04:20:00 -05:00
azure-cli azure-cli: freeze azure-mgmt-recoveryservicesbackup 2019-12-10 18:28:21 -08:00
berglas berglas: 0.2.0 → 0.2.1 2019-10-30 21:52:06 +02:00
bluemix-cli treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
boulder boulder: init at release-2019-10-13 2019-10-20 14:15:20 +02:00
bubblewrap treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
certbot certbot: don't use distutils.StrictVersion 2019-10-29 14:10:56 +01:00
certigo certigo: use buildGoPackage 2019-09-21 04:27:00 -05:00
chkcrontab
clair clair: 2.0.8 -> 2.0.9 2019-09-02 20:37:25 -05:00
cli53 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
daemontools
dehydrated dehydrated: move to pname syntax, handle docs/manpage. 2019-09-12 19:54:44 +02:00
docker-credential-gcr treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
eksctl eksctl: 0.11.0 -> 0.11.1 2019-12-06 21:03:24 +08:00
elasticsearch-curator elasticsearch-curator: move out of python-packages 2019-11-19 07:38:27 -08:00
fastlane treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
fbvnc fbvnc: init at 1.0.2 2019-11-25 10:29:03 +01:00
gixy gixy: fix error - no module named pkg_resources 2019-09-09 10:59:58 +03:00
google-cloud-sdk google-cloud-sdk: 255.0.0 -> 268.0.0 (#71958) 2019-10-29 09:26:21 +00:00
gtk-vnc gtk-vnc: fixups 2019-08-22 17:14:37 -04:00
iamy treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
intecture treewide: name -> pname (#67513) 2019-08-31 07:41:22 -04:00
lego lego: 3.0.2 -> 3.2.0 2019-11-28 00:28:19 -05:00
lxd lxd: 3.13 -> 3.18 2019-10-15 13:11:26 +02:00
mycli mycli: 1.19.0 -> 1.20.1 2019-10-09 10:59:46 -07:00
nomachine-client nomachine-client: 6.7.6 -> 6.8.1 2019-09-19 13:16:08 +02:00
oxidized oxidized: fix gitcrypt dependencies 2019-10-09 10:06:20 +02:00
pebble pebble: init at 2.2.2 2019-10-23 13:12:11 +02:00
procs procs: 0.8.13 -> 0.8.16 2019-12-09 04:20:00 -05:00
pulumi pulumi: install providers and add update script 2019-11-04 16:03:58 +01:00
salt pepper: python2Packages -> pythonPackages (python3 should work) 2019-04-17 14:09:16 -05:00
scaleway-cli treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
sec sec: 2.8.1 -> 2.8.2 2019-06-18 04:50:53 -07:00
sewer sewer: 0.6.0 -> 0.7.0 2019-03-06 21:12:59 +01:00
simp_le simp_le: 0.9.0 -> 0.16.0 2019-10-20 14:15:20 +02:00
ssl-cert-check treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
swiftclient swiftclient: init at 3.6.0 2018-12-13 21:18:09 +01:00
tigervnc tigervnc: add perl to buildInputs (#75367) 2019-12-14 18:06:01 +01:00
tightvnc tightvnc: add patches for four CVEs 2019-11-24 19:44:01 +01:00
virtscreen virtscreen: init at 0.3.1 2019-02-18 13:45:20 -05:00
vncdo treewide: remove redundant rec 2019-08-28 11:07:32 +00:00