---
- branch: MAIN
  date: Mon Aug 24 10:58:41 UTC 2020
  files:
  - new: '1.36'
    old: '1.35'
    path: pkgsrc/sysutils/ansible/Makefile
    pathrev: pkgsrc/sysutils/ansible/Makefile@1.36
    type: modified
  - new: '1.23'
    old: '1.22'
    path: pkgsrc/sysutils/ansible/distinfo
    pathrev: pkgsrc/sysutils/ansible/distinfo@1.23
    type: modified
  id: 20200824T105841Z.1baec33cc69e55610044023d4c797d70b3c0dd38
  log: |
    ansible: updated to 2.9.12

    v2.9.12
    =======

    Minor Changes
    -------------
    - ansible-test - the ACME test container was updated, it now supports external account creation and has a basic OCSP responder (https://github.com/ansible/ansible/pull/71097, https://github.com/ansible/acme-test-container/releases/tag/2.0.0).
    - debconf - add a note about no_log=True since module might expose sensitive information to logs (https://github.com/ansible/ansible/issues/32386).

    Security Fixes
    --------------
    - **security issue** - copy - Redact the value of the no_log 'content' parameter in the result's invocation.module_args in check mode. Previously when used with check mode and with '-vvv', the module would not censor the content if a change would be made to the destination path. (CVE-2020-14332)

    - **security issue** atomic_move - change default permissions when creating temporary files so they are not world readable (https://github.com/ansible/ansible/issues/67794) (CVE-2020-1736)

    - Fix warning for default permission change when no mode is specified. Follow up to https://github.com/ansible/ansible/issues/67794. (CVE-2020-1736)

    - Sanitize no_log values from any response keys that might be returned from the uri module (CVE-2020-14330).
    - reset logging level to INFO due to CVE-2019-14846.

    Bugfixes
    --------
    - Address compat with rpmfluff-0.6 for integration tests
    - Ensure password passed in by -k is used on delegated hosts that do not have ansible_password set
    - Template connection variables before using them (https://github.com/ansible/ansible/issues/70598).
    - Terminal plugins - add "\e[m" to the list of ANSI sequences stripped from device output
    - add magic/connection vars updates from delegated host info.
    - ansible-galaxy collection install - fix fallback mechanism if the AH server did not have the collection requested - https://github.com/ansible/ansible/issues/70940
    - ansible-test - Add ``pytest < 6.0.0`` constraint for managed installations on Python 3.x to avoid issues with relative imports.
    - ansible-test - Change detection now properly resolves relative imports instead of treating them as absolute imports.
    - api - time.clock is removed in Python 3.8, add backward compatible code (https://github.com/ansible/ansible/issues/70649).
    - avoid clobbering existing facts inside loop when task also returns ansible_facts.
    - basic - use PollSelector implementation when DefaultSelector fails (https://github.com/ansible/ansible/issues/70238).
    - cron - encode and decode crontab files in UTF-8 explicitly to allow non-ascii chars in cron filepath and job (https://github.com/ansible/ansible/issues/69492)
    - ensure delegated vars can resolve hostvars object and access vars from hostvars[inventory_hostname].
    - facts - account for Slackware OS with ``+`` in the name (https://github.com/ansible/ansible/issues/38760)
    - facts - fix incorrect UTC timestamp in ``iso8601_micro`` and ``iso8601``
    - fix issue with inventory_hostname and delegated host vars mixing on connection settings.
    - hashi_vault - Handle equal sign in key=value (https://github.com/ansible/ansible/issues/55658).
    - ipa_hostgroup - fix an issue with load-balanced ipa and cookie handling with Python 3 - (https://github.com/ansible/ansible/issues/71110).
    - lineinfile - fix not subscriptable error in exception handling around file creation
    - linux network facts - get the correct value for broadcast address (https://github.com/ansible/ansible/issues/64384)
    - mysql_user - fix overriding password to the same (https://github.com/ansible-collections/community.general/issues/543).
    - net_put - Fixed UnboundLocalError when there is no change This is a backport from U(https://github.com/ansible-collections/ansible.netcommon/pull/6)
    - nxos_user - do not fail when a custom role is used (https://github.com/ansible-collections/cisco.nxos/pull/130)
    - ovirt_vm - fix cd_iso search
    - playbooks - detect and propagate failures in ``always`` blocks after ``rescue`` (https://github.com/ansible/ansible/issues/70000)
    - profile_tasks - typecast result before slicing it (https://github.com/ansible/ansible/issues/59059).
    - reboot - Add support for the runit init system, used on Void Linux, that does not support the normal Linux syntax.
    - redfish_info, redfish_config, redfish_command - Fix Redfish response payload decode on Python 3.5 (https://github.com/ansible/ansible/issues/65889)
    - shell - fix quoting of mkdir command in creation of remote_tmp in order to allow spaces and other special characters (https://github.com/ansible/ansible/issues/69577).
    - templating - fix error message for ``x in y`` when y is undefined (https://github.com/ansible/ansible/issues/70984)
    - unarchive - check ``fut_gid`` against ``run_gid`` in addition to supplemental groups (https://github.com/ansible/ansible/issues/49284)
    - user - don't create home directory and missing parents when create_home == false (https://github.com/ansible/ansible/pull/70600).
    - yum - fix yum list crashing if repoquery (used internally) prints errors in stdout (https://github.com/ansible/ansible/issues/56800)
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/sysutils/ansible'
  unixtime: '1598266721'
  user: adam