Format: 1.8
Date: Wed, 04 Dec 2024 18:12:49 +0100
Source: ansible-core
Architecture: source
Version: 2.14.18-0+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Lee Garrett
Changed-By: Lee Garrett
Closes: 1082851
Changes:
 ansible-core (2.14.18-0+deb12u1) bookworm; urgency=medium
 .
   [ Lee Garrett ]
   * New stable bugfix release
   * Add integration tests to autopkgtest
   * Fix CVE-2024-11079: This vulnerability allows attackers to bypass unsafe
     content protections using the hostvars object to reference and execute
     templated content. This issue can lead to arbitrary code execution if
     remote data or module outputs are improperly templated within playbooks.
 .
   [ Bastien Roucariès ]
   * Fix CVE-2024-8775: A flaw was found in Ansible, where sensitive
     information stored in Ansible Vault files can be exposed in plaintext
     during the execution of a playbook. This occurs when using tasks such as
     include_vars to load vaulted variables without setting the no_log: true
     parameter, resulting in sensitive data being printed in the playbook
     output or logs. This can lead to the unintentional disclosure of secrets
     like passwords or API keys, compromising security and potentially
     allowing unauthorized access or actions. (Closes: #1082851)
   * Fix CVE-2024-9902: A flaw was found in Ansible. The ansible-core `user`
     module can allow an unprivileged user to silently create or replace the
     contents of any file on any system path and take ownership of it when a
     privileged user executes the `user` module against the unprivileged
     user's home directory. If the unprivileged user has traversal
     permissions on the directory containing the exploited target file, they
     retain full control over the contents of the file as its owner.