...
|
...
|
@@ -1,10 +1,12 @@
|
1
|
1
|
Ansible Changes By Release
|
2
|
2
|
==========================
|
3
|
3
|
|
4
|
|
-## 2.2 "The Battle of Evermore" - ACTIVE DEVELOPMENT
|
|
4
|
+## 2.2 "The Battle of Evermore" - 11-01-2016
|
5
|
5
|
|
6
|
6
|
###Major Changes:
|
7
|
7
|
|
|
8
|
+* Security fix for CVE-2016-8628 - Command injection by compromised server via fact variables. In some situations, facts returned by modules could overwrite connection-based facts or some other special variables, leading to injected commands running on the Ansible controller as the user running Ansible (or via escalated permissions).
|
|
9
|
+* Security fix for CVE-2016-8614 - apt_key module not properly validating keys in some situations.
|
8
|
10
|
* Added the `listen` feature for modules. This feature allows tasks to more easily notify multiple handlers, as well as making it easier for handlers from decoupled roles to be notified.
|
9
|
11
|
* Major performance improvements.
|
10
|
12
|
* Added support for binary modules
|
...
|
...
|
@@ -289,9 +291,6 @@ Ansible Changes By Release
|
289
|
289
|
* Fix for yum module incorrectly thinking it succeeded in installing packages
|
290
|
290
|
* Make the default ansible_managed template string into a static string since
|
291
|
291
|
all of the replacable values lead to non-idempotent behaviour.
|
292
|
|
-* apt_key fixes for when the user specifies a longer key id. These allow more
|
293
|
|
- specific targetting of keys to download while still working around
|
294
|
|
- limitations in the apt-key tool that require shorter key id strings.
|
295
|
292
|
|
296
|
293
|
###For custom front ends using the API:
|
297
|
294
|
* ansible.parsing.vault:
|