nixpkgs/pkgs/tools
Andreas Rammhold b21b92947e ansible_2_6: 2.6.17 -> 2.6.20
This addresses the following security issues:

  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when
    invalid parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 9bdb89f740/changelogs/CHANGELOG-v2.6.rst
2019-12-15 21:25:07 +01:00
..
admin ansible_2_6: 2.6.17 -> 2.6.20 2019-12-15 21:25:07 +01:00
archivers unrar: 5.8.3 -> 5.8.4 2019-11-29 22:32:18 +01:00
audio beets.externalPlugins.check: init at 0.12.0 2019-12-14 21:52:21 -08:00
backup hpe-ltfs: init at 3.4.2_Z7550-02501 (#74814) 2019-12-04 08:33:08 +00:00
bluetooth blueman: update patch 2019-10-17 16:56:41 -04:00
bootloaders/refind treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
cd-dvd srt-vtt: init at 2019-01-03 (#70885) 2019-11-07 17:21:47 -05:00
compression Treewide: update some problematic homepages 2019-12-08 10:21:29 -08:00
filesystems Merge master into staging-next 2019-12-13 11:43:39 +01:00
graphics ifm: init at 2015-11-08 2019-12-10 17:09:14 +00:00
inputmethods Merge pull request #74422 from r-ryantm/auto-update/ibus-typing-booster 2019-12-14 04:22:12 +01:00
misc Merge master into staging-next 2019-12-15 16:09:28 +01:00
networking Merge branch 'master' into staging-next 2019-12-14 23:09:06 +01:00
nix nixpkgs-fmt: 0.6.0 -> 0.6.1 2019-11-07 22:50:57 +00:00
package-management cargo-outdated: unstable-2019-04-13 -> 0.9.1 2019-12-14 15:41:19 +00:00
security Merge branch 'master' into staging-next 2019-12-14 23:09:06 +01:00
system bootchart: remove 2019-12-10 22:40:44 -05:00
text Merge master into staging-next 2019-12-13 11:43:39 +01:00
toml2nix
typesetting tectonic: 0.1.11 -> 0.1.12 (#75396) 2019-12-15 11:27:41 -05:00
video Merge branch 'master' into staging 2019-09-02 23:25:24 +02:00
virtualization ec2-utils: fix meta.license 2019-11-29 15:13:34 +01:00
wayland/ydotool ydotool: init at 0.1.8 2019-10-29 14:43:43 +01:00
X11 services.xserver.imwheel: add module 2019-12-13 18:19:29 +01:00