Dear maintainer! Please, update the ansible port to the 2.7.2 version. The corresponding patch is attached to this report.
Created attachment 200071 [details] Patch to update the sysutils/ansible port
This PR adds 4 small patches to ansible, while they are not in the upstream yet. patch-lib__ansible__module_utils__facts__virtual__freebsd.py Rudimentary detection of the virtual platforms, more through version is coming. Catches VMWare at minimum. patch-lib__ansible__modules__packaging__os__pkgng.py There is at least one case, when upgrading from 11.1 to 11.2 when pkg asks extra question about OS version mismatch in the repository. As this isn't handled, playbook hangs forever. Adding ASSUME_ALWAYS_YES to the environment addresses that, and possibly other potential issues. patch-lib__ansible__modules__storage__zfs__zfs.py - name: Create a new file system by cloning a snapshot zfs: name: rpool/cloned_fs state: present origin: rpool@mysnapshot doesn't work properly, as code assumes that there is at least one level of hierarchy in zpool. But that's not always the case - pool may be dataset as well and have a snapshot. patch-lib__ansible__playbook__play_context.py `doas` support in ansible is broken ATM, doesn't handle password authentication properly, cause assumes only challenge-respond auth. This patch should handle both ways properly.
Any update on this? Maintainer timeout already passed...
Hi! Sorry, it slipped through the cracks.
I'm about to update sysutils/ansible to 2.7.6 and incorporate these patches. Do these correspond to upstream PRs or commits? If so, I'd like to grab the patch directly from github so that it makes it easy to determine which versions it is relevant for. If not, would you like me to submit pull requests with these on your behalf or would you like to do it?
Status?
A commit references this bug: Author: bofh Date: Fri Apr 17 22:31:58 UTC 2020 New revision: 531978 URL: https://svnweb.freebsd.org/changeset/ports/531978 Log: sysutils/ansible: Multiple Vulnerabilities fix - Update ansible 2.8.7=>2.8.11 - Update ansible27 2.7.15=>2.7.17 - For ansible27 add fixes [1] - Rudimentary detection of the virtual platforms - playbook hangs without ASSUME_ALWAYS_YES for pkgng - Fix zpool snapshot cloning - Fix `doas` password authentication - Mark ansible26, ansible25, ansible24 and ansible23 DEPRECATED without EXPIRATION_DATE for MFH PR: 241734 233970 [1] Submitted by: timur [1] Reported by: ncrogers@gmail.com Approved by: portmgr (maintainer timeout, > 14 days) MFH: 2020Q2 (bugfix release) Security: CVE-2020-1737 Security: CVE-2020-1739 Security: CVE-2020-1740 Changes: head/sysutils/ansible/Makefile head/sysutils/ansible/distinfo head/sysutils/ansible/files/extra-patch-27 head/sysutils/ansible23/Makefile head/sysutils/ansible24/Makefile head/sysutils/ansible25/Makefile head/sysutils/ansible26/Makefile head/sysutils/ansible27/Makefile head/sysutils/ansible27/distinfo
A commit references this bug: Author: bofh Date: Sat Apr 18 11:48:34 UTC 2020 New revision: 532025 URL: https://svnweb.freebsd.org/changeset/ports/532025 Log: MFH: r531978 sysutils/ansible: Multiple Vulnerabilities fix - Update ansible 2.8.7=>2.8.11 - Update ansible27 2.7.15=>2.7.17 - For ansible27 add fixes [1] - Rudimentary detection of the virtual platforms - playbook hangs without ASSUME_ALWAYS_YES for pkgng - Fix zpool snapshot cloning - Fix `doas` password authentication - Mark ansible26, ansible25, ansible24 and ansible23 DEPRECATED without EXPIRATION_DATE for MFH PR: 241734 233970 [1] Submitted by: timur [1] Reported by: ncrogers@gmail.com Approved by: portmgr (maintainer timeout, > 14 days) Security: https://www.vuxml.org/freebsd/0899c0d3-80f2-11ea-bafd-815569f3852d.html Security: https://www.vuxml.org/freebsd/67dbeeb6-80f4-11ea-bafd-815569f3852d.html Security: https://www.vuxml.org/freebsd/ae2e7871-80f6-11ea-bafd-815569f3852d.html Approved by: ports-secteam (blanket bug fix release) Changes: _U branches/2020Q2/ branches/2020Q2/sysutils/ansible/Makefile branches/2020Q2/sysutils/ansible/distinfo branches/2020Q2/sysutils/ansible/files/extra-patch-27 branches/2020Q2/sysutils/ansible23/Makefile branches/2020Q2/sysutils/ansible24/Makefile branches/2020Q2/sysutils/ansible25/Makefile branches/2020Q2/sysutils/ansible26/Makefile branches/2020Q2/sysutils/ansible27/Makefile branches/2020Q2/sysutils/ansible27/distinfo