openSUSE 2019:0238-1 Moderate: ansible Security Advisory

This update for ansible fixes the following issues:

Security vulnerabilities fixed:

- CVE-2018-16876: Respect no_log on retry and high verbosity (bsc#1118896)

- CVE-2018-16859: Windows - prevent sensitive content from appearing in

scriptblock logging (bsc#1116587)

- CVE-2018-10855: Fixed the honouration of the no_log option with failed

task iterations (boo#1097775)

- CVE-2017-7466: Fixed an input validation vulnerability in Ansible's

handling

of data sent from client systems

- CVE-2017-7481: Fixed a security issue with lookup return not tainting

the jinja2 environment (bsc#1038785)

Other bug fixes and changes:

- Update to version 2.7.6

* Added log message at -vvvv when using netconf connection listing

connection details.

* Changes how ansible-connection names socket lock files. They now use

the same name as the socket itself, and as such do not lock other

attempts on connections to the same host,...