Debian Patches

Status for ansible-core/2.17.5-5

Patch Description Author Forwarded Bugs Origin Last update
0005-use-py3.patch use py3 Use python 3 for all helper scripts during build
.
This allows us to not depend on python 2 anymore for building.
Lee Garrett <debian@rocketjump.eu> not-needed 2021-11-06
test-git-archive-prefix-32-bit.patch test: Make git archive prefix fit in 32-bit ssize_t
On 32-bit architectures, the `git` integration tests fail with:

TASK [git : ARCHIVE | Generate an archive prefix] ******************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: OverflowError: Python int too large to convert to C ssize_t

It doesn't seem vital that this prefix should be larger than a signed
32-bit integer can hold, so drop one bit.
Colin Watson <cjwatson@debian.org> yes 2024-10-16
0003-CVE-2024-8775-Preserve-_ansible_no_log-from-action-r.patch CVE-2024-8775 Preserve `_ansible_no_log` from action result; fix `include_vars` to set properly (#84143)

* fixes for CVE-2024-8775

* propagate truthy `_ansible_no_log` in action result (previously superseded by task-calculated value)
* always mask entire `include_vars` action result if any file loaded had a false `show_content` flag (previously used only the flag value from the last file loaded)

* update no_log tests for CVE-2024-8775
* include validation of _ansible_no_log preservation when set by actions
* replace static values with dynamic for increased robustness to logging/display/callback changes (but still using grep counts :( )

* changelog

* use ternary, coerce to bool explicitly
(cherry picked from commit c9ac477e53a99e95781f333eec3329a935c1bf95)
Matt Davis <6775756+nitzmahone@users.noreply.github.com> yes debian upstream https://github.com/ansible/ansible/commit/9f1ff86c998bcbaadb450929a06bbc7823bc1e4f.patch 2024-10-24
0004-Bump-ansible-galaxy-s-resolvelib-requirement-upperbo.patch Bump ansible-galaxy's resolvelib requirement upperbound to 1.2.0
Test against the newest resolvelib release 1.1.0

Only test the oldest supported resolvelib version, latest minor release,
and releases that offer additional coverage
s-hertel <19572925+s-hertel@users.noreply.github.com> yes debian upstream https://github.com/ansible/ansible/commit/d4085a56e00a6f9059e7df6e4a16eef4f5737501 2024-11-01

All known versions for source package 'ansible-core'

Links