Mail archive
alpine-aports

[alpine-aports] [PATCH v3.4] main/ansible: security upgrade to 2.1.4.0 - fixes #6784

From: Sergei Lukin <sergej.lukin_at_gmail.com>
Date: Wed, 1 Feb 2017 08:01:10 +0000

CVE-2016-9587: host to controller command execution vulnerability
---
It looks that there were no major changes in 2.1.4 vs 2.1.0
https://raw.githubusercontent.com/ansible/ansible/stable-2.1/CHANGELOG.md
 main/ansible/APKBUILD | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/main/ansible/APKBUILD b/main/ansible/APKBUILD
index c52444e..ffe4a81 100644
--- a/main/ansible/APKBUILD
+++ b/main/ansible/APKBUILD
_at_@ -1,8 +1,9 @@
+# Contributor: Sergei Lukin <sergej.lukin_at_gmail.com>
 # Contributor: Łukasz Jendrysik <scadu_at_yandex.com>
 # Contributor: Sören Tempel <soeren+alpine_at_soeren-tempel.net>
 # Maintainer: Fabian Affolter <fabian_at_affolter-engineering.ch>
 pkgname=ansible
-pkgver=2.1.0.0
+pkgver=2.1.4.0
 pkgrel=0
 pkgdesc="A configuration-management, deployment, task-execution, and multinode orchestration framework"
 url="http://ansible.com"
_at_@ -14,6 +15,10 @@ subpackages="$pkgname-doc"
 source="$pkgname-$pkgver.tar.gz::http://releases.ansible.com/ansible/$pkgname-$pkgver.tar.gz
 	"
 
+# secfixes:
+#   2.1.4.0-r0:
+#   - CVE-2016-9587
+
 _builddir="$srcdir"/$pkgname-$pkgver
 prepare() {
 	local i
_at_@ -50,6 +55,6 @@ package() {
 		"$pkgdir"/usr/share/doc/$pkgname/README.extras.md || return 1
 }
 
-md5sums="9d8bd04d3f0032c1948c5b2bf0b3b048  ansible-2.1.0.0.tar.gz"
-sha256sums="403443b55f6522cf86f9b41544a9b6b81f7d27f088446e85334d5d7a6317ccad  ansible-2.1.0.0.tar.gz"
-sha512sums="8601325098b70469cf908ce09c075334952774519a4331f109b6aa0568fc718bb347ea4d06389277e41ce54270b19dca01815f46071d8e638e0cd751957f20c7  ansible-2.1.0.0.tar.gz"
+md5sums="bc0ee267e955d307132f55c76de056b4  ansible-2.1.4.0.tar.gz"
+sha256sums="e9f1033356557dff2fdbaa1b13a7cc8fb2ed2b15129c84d0c53f63001232cc16  ansible-2.1.4.0.tar.gz"
+sha512sums="2f400ab45c4f482a467c1ea5c7654d6d37e5190ecea36d023c12c96869386fb0c2a8652e0ef1f0c9a933a54574447f9172fc74ab5100f177eb13ad0737d1e3fa  ansible-2.1.4.0.tar.gz"
-- 
2.8.3
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Wed Feb 01 2017 - 08:01:10 GMT