Mail archive
alpine-aports

[alpine-aports] [PATCH v3.5] main/ansible: security upgrade to 2.2.1.0 - fixes #6783

From: Sergei Lukin <sergej.lukin_at_gmail.com>
Date: Wed, 1 Feb 2017 07:55:37 +0000

CVE-2016-9587: host to controller command execution vulnerability
---
It looks that there were no major changes in 2.2.2 vs 2.2.1
https://raw.githubusercontent.com/ansible/ansible/stable-2.2/CHANGELOG.md
 main/ansible/APKBUILD | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/main/ansible/APKBUILD b/main/ansible/APKBUILD
index 7d57f81ac3..f3df7e23eb 100644
--- a/main/ansible/APKBUILD
+++ b/main/ansible/APKBUILD
_at_@ -1,8 +1,9 @@
+# Contributor: Sergei Lukin <sergej.lukin_at_gmail.com>
 # Contributor: Łukasz Jendrysik <scadu_at_yandex.com>
 # Contributor: Sören Tempel <soeren+alpine_at_soeren-tempel.net>
 # Maintainer: Fabian Affolter <fabian_at_affolter-engineering.ch>
 pkgname=ansible
-pkgver=2.2.0.0
+pkgver=2.2.1.0
 pkgrel=0
 pkgdesc="A configuration-management, deployment, task-execution, and multinode orchestration framework"
 url="http://ansible.com"
_at_@ -13,6 +14,10 @@ makedepends="python2-dev py-setuptools"
 subpackages="$pkgname-doc"
 source="$pkgname-$pkgver.tar.gz::http://releases.ansible.com/ansible/$pkgname-$pkgver.tar.gz"
 
+# secfixes:
+#   2.2.1.0-r0:
+#   - CVE-2016-9587
+
 builddir="$srcdir"/$pkgname-$pkgver
 build() {
 	cd "$builddir"
_at_@ -39,6 +44,6 @@ package() {
 		"$pkgdir"/usr/share/doc/$pkgname/README.extras.md || return 1
 }
 
-md5sums="a19999efedc1b97b91250cda5df73f8a  ansible-2.2.0.0.tar.gz"
-sha256sums="d9f198d293394ce0f8ba802561b21368888e3301036a706b5584641b49408586  ansible-2.2.0.0.tar.gz"
-sha512sums="8bb8360f41e920c46552ead826a342311d0acffa264334c8c8ae868f8bf45caad4ff2b9c9c0ec4e551653edaf80eb49d8dece5c2ba7e1088c2ce74d3ff0e3130  ansible-2.2.0.0.tar.gz"
+md5sums="9e6e3961a0aa78a94b2fcdbb73e94fe9  ansible-2.2.1.0.tar.gz"
+sha256sums="63a12ea784c0f90e43293b973d5c75263634c7415e463352846cd676c188e93f  ansible-2.2.1.0.tar.gz"
+sha512sums="10f90f4ac68215febd14e36fa9ea3b2156677f2b7a29a08633e0702bcbd8a7c3551980deeabcff756380b076ac7ba6a5e9eca07af66d908d8d6627390744bc00  ansible-2.2.1.0.tar.gz"
-- 
2.11.0
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Wed Feb 01 2017 - 07:55:37 GMT