Your message dated Sun, 10 Apr 2016 22:49:02 +0000
with message-id <e1apoaa-0001km...@franck.debian.org>
and subject line Bug#819676: fixed in ansible 2.0.1.0-2
has caused the Debian Bug report #819676,
regarding ansible: CVE-2016-3096: Code execution vulnerability in ansible
lxc_container
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
819676: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819676
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ansible
Version: 2.0.1.0-1
Severity: grave
Tags: security upstream
Hi,
the following vulnerability was published for ansible.
CVE-2016-3096[0]:
Code execution vulnerability in ansible lxc_container
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-3096
[1] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-3096
I think there is no fix upstream at the point of writing.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: ansible
Source-Version: 2.0.1.0-2
We believe that the bug you reported is fixed in the latest version of
ansible, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 819...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Harlan Lieberman-Berg <hlieber...@debian.org> (supplier of updated ansible
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 10 Apr 2016 18:37:37 -0400
Source: ansible
Binary: ansible ansible-fireball ansible-node-fireball
Architecture: source
Version: 2.0.1.0-2
Distribution: unstable
Urgency: medium
Maintainer: Janos Guljas <ja...@debian.org>
Changed-By: Harlan Lieberman-Berg <hlieber...@debian.org>
Closes: 819676
Description:
ansible - Configuration management, deployment, and task execution system
ansible-fireball - Ansible fireball transport support
ansible-node-fireball - Ansible fireball transport support for nodes
Changes:
ansible (2.0.1.0-2) unstable; urgency=medium
.
* Backport patches to fix vulns in lxc plugin (Closes: #819676)
* Update my email address
Checksums-Sha1:
2bd5b01ec82c536da66e12a32693ec2a1a377180 2268 ansible_2.0.1.0-2.dsc
fe2470575c28b77c38df039774cdfcf2bf6d0401 15524 ansible_2.0.1.0-2.debian.tar.xz
Checksums-Sha256:
cce178c08ff8b7fdb6be4d7751402f9394faa84b8148af160d8fc46dbdbeaae9 2268
ansible_2.0.1.0-2.dsc
970c73c7f467b11214b14c918bf5841062c7740b0aa29083c249a0ea5105d4e1 15524
ansible_2.0.1.0-2.debian.tar.xz
Files:
96c5fca306d609673dbaebbdf658fcfe 2268 admin optional ansible_2.0.1.0-2.dsc
f231feff628841869d8d79105a695418 15524 admin optional
ansible_2.0.1.0-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQJ8BAEBCgBmBQJXCtcIXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQwQjhGRTA3NDJENTI3OURDNjU1MEUyODk4
NTQwOUVFNEI5OUY4OTYxAAoJEIVAnuS5n4lhhYsP/iR+kiUfbaTRnUhKyX3JJNjv
4hfrB6HCCKPh6x5cm92o1yZIcZ4aPf8CSHRrTOEnUqDRi+ysLhsN0qqlHHNVuhq/
0Ipo4ZnNd3tBkXvPxmrYB4jUIAL7KXgYrqbBpIr+82evV54Bye/iHBe5Rzw5Un1B
w35Ggu8joTaiRfpQu89HIVF6Ls3586JBiI39nSdJeu4yuhcB2yZhlltiQ3CkVKx6
ifAoqDZjglhUIlo5W5GLLwJuT1Bf9ZmZ8T1+UAJ4CR47Fo48bzabeHOSveDAwAT0
On5gntlnWitjsxXPSYsB+9wW1l/dB0AkjIRVd13b5+jZzJ4e4lQY3leogVgAYkNi
tyl7rYt8mf3bLQDsKfsmbor3W5emh+F3/cdfv8DzfjMqSBUnnu3eu2aEnYMYWGJj
aZbMBCsXIJ+PhahjXtH7wkqTK90gMRoP2E7vfWk548ahSdfdrtYYiny3qDA4ZACl
IOxdPCGXKWIU12GCtJxAJBhqQaryQ3/GsNsoJ5YEvY/IzOVuaNoX2io8yvhIAfxU
cHnvHUNPvTs32dNhE29rzZ1uDxU0KlE97rDLWv0xcirCiaBgREnl2IWNczFIc8ZI
3MJCClSvZ2ORLXbl6jBDFsrroouLkBog2aN8+CFGl0try9kNI/nCGwd4xAeWEbSY
vK5g2bXltsw9b+WHnyTy
=z0Lj
-----END PGP SIGNATURE-----
--- End Message ---
