Changelog
ansible (2.10.7+merged+base+2.10.17+dfsg-0+deb11u1) bullseye; urgency=medium
* Update to ansible-base 2.10.17 (Closes: #1076527)
- fixes CVE-2021-3620
- fixes CVE-2021-3583
* Fix password leak in amazon.aws.ec2_instance module (CVE-2022-3697)
* Document workaround for ec2 private key leak (CVE-2023-4237)
* ansible-galaxy: Prevent roles from using symlinks to overwrite files outside
of the installation directory (CVE-2023-5115)
* Ensure templating doesn't remove unsafe designation from template data.
Document user-visible changes in NEWS (CVE-2023-5764)
* Fix information disclosure due to a failure to respect the ANSIBLE_NO_LOG
configuration in some scenarios (CVE-2024-0690)
* d/gbp.conf: Update branch config to match bullseye (DEP-14 layout)
* Update d/salsa-ci.yml to recommendations
* d/gbp.conf: Default to merge-mode=replace
* salsa CI updates:
- Use bullseye's lintian
- Update salsa CI pipeline file to recommended naming
* fix lintian warnings:
- Update lintian overrides
- Remove debian/source/include-binaries
* Update autopkgtests
- Remove dep to python3-crypto
- Add python3-systemd to test deps for more test coverage
- Fix vault tests requiring pycrypto
- Add integration tests
* d/control: Update maintainer and uploader
* d/control: Update VCS fields
-- Lee Garrett <email address hidden> Tue, 16 Jul 2024 17:48:12 +0200
