From 09b3253edd8078d06aed0ee5e053572d40d6483d Mon Sep 17 00:00:00 2001 From: Felix Fontein Date: Mon, 25 Mar 2024 14:10:36 +0100 Subject: [PATCH] Release 6.6.8. --- CHANGELOG.md | 205 ++++++++++-------- CHANGELOG.rst | 20 ++ changelogs/changelog.yaml | 25 +++ changelogs/fragments/6.6.8.yml | 1 - .../fragments/8057-pam_limits-check-mode.yml | 2 - .../fragments/aix_filesystem-crfs-issue.yml | 3 - changelogs/fragments/inventory-rce.yml | 6 - changelogs/fragments/pacemaker-cluster.yml | 3 - 8 files changed, 160 insertions(+), 105 deletions(-) delete mode 100644 changelogs/fragments/6.6.8.yml delete mode 100644 changelogs/fragments/8057-pam_limits-check-mode.yml delete mode 100644 changelogs/fragments/aix_filesystem-crfs-issue.yml delete mode 100644 changelogs/fragments/inventory-rce.yml delete mode 100644 changelogs/fragments/pacemaker-cluster.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index 6c80126e3c..9c3de1efda 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,94 +1,119 @@ # Community General Release Notes **Topics** + +- v6\.6\.8 + - Release Summary + - Security Fixes + - Bugfixes - v6\.6\.7 - - Release Summary - - Bugfixes + - Release Summary + - Bugfixes - v6\.6\.6 - - Release Summary - - Bugfixes + - Release Summary + - Bugfixes - v6\.6\.5 - - Release Summary - - Minor Changes - - Bugfixes + - Release Summary + - Minor Changes + - Bugfixes - v6\.6\.4 - - Release Summary - - Minor Changes - - Bugfixes + - Release Summary + - Minor Changes + - Bugfixes - v6\.6\.3 - - Release Summary - - Minor Changes - - Bugfixes + - Release Summary + - Minor Changes + - Bugfixes - v6\.6\.2 - - Release Summary - - Bugfixes + - Release Summary + - Bugfixes - v6\.6\.1 - - Release Summary - - Minor Changes - - Bugfixes + - Release Summary + - Minor Changes + - Bugfixes - v6\.6\.0 - - Release Summary - - Minor Changes - - Bugfixes - - New Modules + - Release Summary + - Minor Changes + - Bugfixes + - New Modules - v6\.5\.0 - - Release Summary - - Minor Changes - - Bugfixes - - New Plugins - - Lookup - - New Modules + - Release Summary + - Minor Changes + - Bugfixes + - New Plugins + - Lookup + - New Modules - v6\.4\.0 - - Release Summary - - Minor Changes - - Deprecated Features - - Bugfixes + - Release Summary + - Minor Changes + - Deprecated Features + - Bugfixes - v6\.3\.0 - - Release Summary - - Minor Changes - - Breaking Changes / Porting Guide - - Deprecated Features - - Bugfixes - - New Modules + - Release Summary + - Minor Changes + - Breaking Changes / Porting Guide + - Deprecated Features + - Bugfixes + - New Modules - v6\.2\.0 - - Release Summary - - Minor Changes - - Deprecated Features - - Bugfixes + - Release Summary + - Minor Changes + - Deprecated Features + - Bugfixes - v6\.1\.0 - - Release Summary - - Minor Changes - - Deprecated Features - - Bugfixes - - New Modules + - Release Summary + - Minor Changes + - Deprecated Features + - Bugfixes + - New Modules - v6\.0\.1 - - Release Summary - - Bugfixes + - Release Summary + - Bugfixes - v6\.0\.0 - - Release Summary - - Major Changes - - Minor Changes - - Breaking Changes / Porting Guide - - Deprecated Features - - Removed Features \(previously deprecated\) - - Bugfixes - - New Plugins - - Filter - - Lookup - - New Modules + - Release Summary + - Major Changes + - Minor Changes + - Breaking Changes / Porting Guide + - Deprecated Features + - Removed Features \(previously deprecated\) + - Bugfixes + - New Plugins + - Filter + - Lookup + - New Modules This changelog describes changes after version 5\.0\.0\. + +## v6\.6\.8 + + +### Release Summary + +Security and bugfix release\. + + +### Security Fixes + +* cobbler\, gitlab\_runners\, icinga2\, linode\, lxd\, nmap\, online\, opennebula\, proxmox\, scaleway\, stackpath\_compute\, virtualbox\, and xen\_orchestra inventory plugin \- make sure all data received from the remote servers is marked as unsafe\, so remote code execution by obtaining texts that can be evaluated as templates is not possible \([https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/](https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/)\, [https\://github\.com/ansible\-collections/community\.general/pull/8098](https\://github\.com/ansible\-collections/community\.general/pull/8098)\)\. + + +### Bugfixes + +* aix\_filesystem \- fix issue with empty list items in crfs logic and option order \([https\://github\.com/ansible\-collections/community\.general/pull/8052](https\://github\.com/ansible\-collections/community\.general/pull/8052)\)\. +* pacemaker\_cluster \- actually implement check mode\, which the module claims to support\. This means that until now the module also did changes in check mode \([https\://github\.com/ansible\-collections/community\.general/pull/8081](https\://github\.com/ansible\-collections/community\.general/pull/8081)\)\. +* pam\_limits \- when the file does not exist\, do not create it in check mode \([https\://github\.com/ansible\-collections/community\.general/issues/8050](https\://github\.com/ansible\-collections/community\.general/issues/8050)\, [https\://github\.com/ansible\-collections/community\.general/pull/8057](https\://github\.com/ansible\-collections/community\.general/pull/8057)\)\. + ## v6\.6\.7 - + ### Release Summary Bugfix release\. From now on\, community\.general 6\.x\.y will only receive major bugfixes and security fixes anymore\. - + ### Bugfixes * composer \- fix impossible to run working\_dir dependent commands\. The module was throwing an error when trying to run a working\_dir dependent command\, because it tried to get the command help without passing the working\_dir \([https\://github\.com/ansible\-collections/community\.general/issues/3787](https\://github\.com/ansible\-collections/community\.general/issues/3787)\)\. @@ -108,12 +133,12 @@ From now on\, community\.general 6\.x\.y will only receive major bugfixes and se ## v6\.6\.6 - + ### Release Summary Regular bugfix release\. - + ### Bugfixes * mail \- skip headers containing equals characters due to missing maxsplit on header key/value parsing \([https\://github\.com/ansible\-collections/community\.general/pull/7303](https\://github\.com/ansible\-collections/community\.general/pull/7303)\)\. @@ -123,7 +148,7 @@ Regular bugfix release\. ## v6\.6\.5 - + ### Release Summary Regular bugfix release\. @@ -134,7 +159,7 @@ Regular bugfix release\. * make \- allows params to be used without value \([https\://github\.com/ansible\-collections/community\.general/pull/7180](https\://github\.com/ansible\-collections/community\.general/pull/7180)\)\. * pritunl module utils \- ensure validate\_certs parameter is honoured in all methods \([https\://github\.com/ansible\-collections/community\.general/pull/7156](https\://github\.com/ansible\-collections/community\.general/pull/7156)\)\. - + ### Bugfixes * CmdRunner module utils \- does not attempt to resolve path if executable is a relative or absolute path \([https\://github\.com/ansible\-collections/community\.general/pull/7200](https\://github\.com/ansible\-collections/community\.general/pull/7200)\)\. @@ -146,7 +171,7 @@ Regular bugfix release\. ## v6\.6\.4 - + ### Release Summary Regular bugfix release\. @@ -156,7 +181,7 @@ Regular bugfix release\. * redfish\_utils \- use Controllers key in redfish data to obtain Storage controllers properties \([https\://github\.com/ansible\-collections/community\.general/pull/7081](https\://github\.com/ansible\-collections/community\.general/pull/7081)\)\. - + ### Bugfixes * bitwarden lookup plugin \- the plugin made assumptions about the structure of a Bitwarden JSON object which may have been broken by an update in the Bitwarden API\. Remove assumptions\, and allow queries for general fields such as notes \([https\://github\.com/ansible\-collections/community\.general/pull/7061](https\://github\.com/ansible\-collections/community\.general/pull/7061)\)\. @@ -172,7 +197,7 @@ Regular bugfix release\. ## v6\.6\.3 - + ### Release Summary Regular bugfix release\. @@ -183,7 +208,7 @@ Regular bugfix release\. * cobbler inventory plugin \- convert Ansible unicode strings to native Python unicode strings before passing user/password to XMLRPC client \([https\://github\.com/ansible\-collections/community\.general/pull/6923](https\://github\.com/ansible\-collections/community\.general/pull/6923)\)\. * redfish\_info \- fix for GetVolumeInventory\, Controller name was getting populated incorrectly and duplicates were seen in the volumes retrieved \([https\://github\.com/ansible\-collections/community\.general/pull/6719](https\://github\.com/ansible\-collections/community\.general/pull/6719)\)\. - + ### Bugfixes * datadog\_downtime \- presence of rrule param lead to the Datadog API returning Bad Request due to a missing recurrence type \([https\://github\.com/ansible\-collections/community\.general/pull/6811](https\://github\.com/ansible\-collections/community\.general/pull/6811)\)\. @@ -208,12 +233,12 @@ Regular bugfix release\. ## v6\.6\.2 - + ### Release Summary Regular bugfix release\. - + ### Bugfixes * csv module utils \- detects and remove unicode BOM markers from incoming CSV content \([https\://github\.com/ansible\-collections/community\.general/pull/6662](https\://github\.com/ansible\-collections/community\.general/pull/6662)\)\. @@ -225,7 +250,7 @@ Regular bugfix release\. ## v6\.6\.1 - + ### Release Summary Regular bugfix release\. @@ -235,7 +260,7 @@ Regular bugfix release\. * dconf \- if gi\.repository\.GLib is missing\, try to respawn in a Python interpreter that has it \([https\://github\.com/ansible\-collections/community\.general/pull/6491](https\://github\.com/ansible\-collections/community\.general/pull/6491)\)\. - + ### Bugfixes * deps module utils \- do not fail when dependency cannot be found \([https\://github\.com/ansible\-collections/community\.general/pull/6479](https\://github\.com/ansible\-collections/community\.general/pull/6479)\)\. @@ -252,7 +277,7 @@ Regular bugfix release\. ## v6\.6\.0 - + ### Release Summary Bugfix and feature release\. @@ -279,7 +304,7 @@ Bugfix and feature release\. * terraform \- remove state file check condition and error block\, because in the native implementation of terraform will not cause errors due to the non\-existent file \([https\://github\.com/ansible\-collections/community\.general/pull/6296](https\://github\.com/ansible\-collections/community\.general/pull/6296)\)\. * udm\_dns\_record \- minor refactor to the code \([https\://github\.com/ansible\-collections/community\.general/pull/6382](https\://github\.com/ansible\-collections/community\.general/pull/6382)\)\. - + ### Bugfixes * archive \- reduce RAM usage by generating CRC32 checksum over chunks \([https\://github\.com/ansible\-collections/community\.general/pull/6274](https\://github\.com/ansible\-collections/community\.general/pull/6274)\)\. @@ -311,7 +336,7 @@ Bugfix and feature release\. ## v6\.5\.0 - + ### Release Summary Feature and bugfix release\. @@ -339,7 +364,7 @@ Feature and bugfix release\. * ssh\_config \- vendored StormSSH\'s config parser to avoid having to install StormSSH to use the module \([https\://github\.com/ansible\-collections/community\.general/pull/6117](https\://github\.com/ansible\-collections/community\.general/pull/6117)\)\. * znode module \- optional use\_tls parameter added for encrypted communication \([https\://github\.com/ansible\-collections/community\.general/issues/6154](https\://github\.com/ansible\-collections/community\.general/issues/6154)\)\. - + ### Bugfixes * archive \- avoid deprecated exception class on Python 3 \([https\://github\.com/ansible\-collections/community\.general/pull/6180](https\://github\.com/ansible\-collections/community\.general/pull/6180)\)\. @@ -373,7 +398,7 @@ Feature and bugfix release\. ## v6\.4\.0 - + ### Release Summary Regular feature and bugfix release\. @@ -402,7 +427,7 @@ Regular feature and bugfix release\. * gitlab\_runner \- the option access\_level will lose its default value in community\.general 8\.0\.0\. From that version on\, you have set this option to ref\_protected explicitly\, if you want to have a protected runner \([https\://github\.com/ansible\-collections/community\.general/issues/5925](https\://github\.com/ansible\-collections/community\.general/issues/5925)\)\. - + ### Bugfixes * cartesian and flattened lookup plugins \- adjust to parameter deprecation in ansible\-core 2\.14\'s listify\_lookup\_plugin\_terms helper function \([https\://github\.com/ansible\-collections/community\.general/pull/6074](https\://github\.com/ansible\-collections/community\.general/pull/6074)\)\. @@ -428,7 +453,7 @@ Regular feature and bugfix release\. ## v6\.3\.0 - + ### Release Summary Regular bugfix and feature release\. @@ -463,7 +488,7 @@ Regular bugfix and feature release\. * consul \- deprecate using parameters unused for state\=absent \([https\://github\.com/ansible\-collections/community\.general/pull/5772](https\://github\.com/ansible\-collections/community\.general/pull/5772)\)\. * gitlab\_runner \- the default of the new option access\_level\_on\_creation will change from false to true in community\.general 7\.0\.0\. This will cause access\_level to be used during runner registration as well\, and not only during updates \([https\://github\.com/ansible\-collections/community\.general/pull/5908](https\://github\.com/ansible\-collections/community\.general/pull/5908)\)\. - + ### Bugfixes * ModuleHelper \- fix bug when adjusting the name of reserved output variables \([https\://github\.com/ansible\-collections/community\.general/pull/5755](https\://github\.com/ansible\-collections/community\.general/pull/5755)\)\. @@ -498,7 +523,7 @@ Regular bugfix and feature release\. ## v6\.2\.0 - + ### Release Summary Regular bugfix and feature release\. @@ -544,7 +569,7 @@ Regular bugfix and feature release\. * rax\_scaling\_group \- module relies on deprecates library pyrax\. Unless maintainers step up to work on the module\, it will be marked as deprecated in community\.general 7\.0\.0 and removed in version 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5733](https\://github\.com/ansible\-collections/community\.general/pull/5733)\)\. * rax\_scaling\_policy \- module relies on deprecates library pyrax\. Unless maintainers step up to work on the module\, it will be marked as deprecated in community\.general 7\.0\.0 and removed in version 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5733](https\://github\.com/ansible\-collections/community\.general/pull/5733)\)\. - + ### Bugfixes * ansible\_galaxy\_install \- set default to raise exception if command\'s return code is different from zero \([https\://github\.com/ansible\-collections/community\.general/pull/5680](https\://github\.com/ansible\-collections/community\.general/pull/5680)\)\. @@ -560,7 +585,7 @@ Regular bugfix and feature release\. ## v6\.1\.0 - + ### Release Summary Regular bugfix and feature release\. @@ -591,7 +616,7 @@ Regular bugfix and feature release\. * The sap modules sapcar\_extract\, sap\_task\_list\_execute\, and hana\_query\, will be removed from this collection in community\.general 7\.0\.0 and replaced with redirects to community\.sap\_libs\. If you want to continue using these modules\, make sure to also install community\.sap\_libs \(it is part of the Ansible package\) \([https\://github\.com/ansible\-collections/community\.general/pull/5614](https\://github\.com/ansible\-collections/community\.general/pull/5614)\)\. - + ### Bugfixes * chroot connection plugin \- add inventory\_hostname to vars under remote\_addr\. This is needed for compatibility with ansible\-core 2\.13 \([https\://github\.com/ansible\-collections/community\.general/pull/5570](https\://github\.com/ansible\-collections/community\.general/pull/5570)\)\. @@ -617,12 +642,12 @@ Regular bugfix and feature release\. ## v6\.0\.1 - + ### Release Summary Bugfix release for Ansible 7\.0\.0\. - + ### Bugfixes * dependent lookup plugin \- avoid warning on deprecated parameter for Templar\.template\(\) \([https\://github\.com/ansible\-collections/community\.general/pull/5543](https\://github\.com/ansible\-collections/community\.general/pull/5543)\)\. @@ -634,7 +659,7 @@ Bugfix release for Ansible 7\.0\.0\. ## v6\.0\.0 - + ### Release Summary New major release of community\.general with lots of bugfixes\, new features\, some removed deprecated features\, and some other breaking changes\. Please check the coresponding sections of the changelog for more details\. @@ -789,7 +814,7 @@ New major release of community\.general with lots of bugfixes\, new features\, s * proxmox inventory plugin \- the default of the want\_proxmox\_nodes\_ansible\_host option changed from true to false \([https\://github\.com/ansible\-collections/community\.general/pull/5326](https\://github\.com/ansible\-collections/community\.general/pull/5326)\)\. * vmadm \- the debug option has been removed\. It was not used anyway \([https\://github\.com/ansible\-collections/community\.general/pull/5326](https\://github\.com/ansible\-collections/community\.general/pull/5326)\)\. - + ### Bugfixes * Include PSF\-license\.txt file for plugins/module\_utils/\_mount\.py\. diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 38f24ecf7c..714cf2d591 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -6,6 +6,26 @@ Community General Release Notes This changelog describes changes after version 5.0.0. +v6.6.8 +====== + +Release Summary +--------------- + +Security and bugfix release. + +Security Fixes +-------------- + +- cobbler, gitlab_runners, icinga2, linode, lxd, nmap, online, opennebula, proxmox, scaleway, stackpath_compute, virtualbox, and xen_orchestra inventory plugin - make sure all data received from the remote servers is marked as unsafe, so remote code execution by obtaining texts that can be evaluated as templates is not possible (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/, https://github.com/ansible-collections/community.general/pull/8098). + +Bugfixes +-------- + +- aix_filesystem - fix issue with empty list items in crfs logic and option order (https://github.com/ansible-collections/community.general/pull/8052). +- pacemaker_cluster - actually implement check mode, which the module claims to support. This means that until now the module also did changes in check mode (https://github.com/ansible-collections/community.general/pull/8081). +- pam_limits - when the file does not exist, do not create it in check mode (https://github.com/ansible-collections/community.general/issues/8050, https://github.com/ansible-collections/community.general/pull/8057). + v6.6.7 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 2cc0ee8484..759c2c1df5 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -1619,3 +1619,28 @@ releases: - 7379-url.yml - 7467-fix-gitlab-constants-calls.yml release_date: '2023-11-04' + 6.6.8: + changes: + bugfixes: + - aix_filesystem - fix issue with empty list items in crfs logic and option + order (https://github.com/ansible-collections/community.general/pull/8052). + - pacemaker_cluster - actually implement check mode, which the module claims + to support. This means that until now the module also did changes in check + mode (https://github.com/ansible-collections/community.general/pull/8081). + - pam_limits - when the file does not exist, do not create it in check mode + (https://github.com/ansible-collections/community.general/issues/8050, https://github.com/ansible-collections/community.general/pull/8057). + release_summary: Security and bugfix release. + security_fixes: + - cobbler, gitlab_runners, icinga2, linode, lxd, nmap, online, opennebula, proxmox, + scaleway, stackpath_compute, virtualbox, and xen_orchestra inventory plugin + - make sure all data received from the remote servers is marked as unsafe, + so remote code execution by obtaining texts that can be evaluated as templates + is not possible (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/, + https://github.com/ansible-collections/community.general/pull/8098). + fragments: + - 6.6.8.yml + - 8057-pam_limits-check-mode.yml + - aix_filesystem-crfs-issue.yml + - inventory-rce.yml + - pacemaker-cluster.yml + release_date: '2024-03-25' diff --git a/changelogs/fragments/6.6.8.yml b/changelogs/fragments/6.6.8.yml deleted file mode 100644 index 7ce7b7ae27..0000000000 --- a/changelogs/fragments/6.6.8.yml +++ /dev/null @@ -1 +0,0 @@ -release_summary: Security and bugfix release. diff --git a/changelogs/fragments/8057-pam_limits-check-mode.yml b/changelogs/fragments/8057-pam_limits-check-mode.yml deleted file mode 100644 index f6f034e9b8..0000000000 --- a/changelogs/fragments/8057-pam_limits-check-mode.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - "pam_limits - when the file does not exist, do not create it in check mode (https://github.com/ansible-collections/community.general/issues/8050, https://github.com/ansible-collections/community.general/pull/8057)." diff --git a/changelogs/fragments/aix_filesystem-crfs-issue.yml b/changelogs/fragments/aix_filesystem-crfs-issue.yml deleted file mode 100644 index 6b3ddfb0d6..0000000000 --- a/changelogs/fragments/aix_filesystem-crfs-issue.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: - - aix_filesystem - fix issue with empty list items in crfs logic and option order (https://github.com/ansible-collections/community.general/pull/8052). diff --git a/changelogs/fragments/inventory-rce.yml b/changelogs/fragments/inventory-rce.yml deleted file mode 100644 index 9eee6dff52..0000000000 --- a/changelogs/fragments/inventory-rce.yml +++ /dev/null @@ -1,6 +0,0 @@ -security_fixes: - - "cobbler, gitlab_runners, icinga2, linode, lxd, nmap, online, opennebula, proxmox, scaleway, stackpath_compute, virtualbox, - and xen_orchestra inventory plugin - make sure all data received from the remote servers is marked as unsafe, so remote - code execution by obtaining texts that can be evaluated as templates is not possible - (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/, - https://github.com/ansible-collections/community.general/pull/8098)." diff --git a/changelogs/fragments/pacemaker-cluster.yml b/changelogs/fragments/pacemaker-cluster.yml deleted file mode 100644 index 07e1ff3e04..0000000000 --- a/changelogs/fragments/pacemaker-cluster.yml +++ /dev/null @@ -1,3 +0,0 @@ -bugfixes: - - "pacemaker_cluster - actually implement check mode, which the module claims to support. This means that until now the module - also did changes in check mode (https://github.com/ansible-collections/community.general/pull/8081)."