Accepted ansible 2.2.1.0-2+deb9u3 (source) into oldoldstable

[Debian FTP Masters <ftpmaster@ftp-master.debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 03 Feb 2022 18:34:23 +0100
Source: ansible
Binary: ansible
Architecture: source
Version: 2.2.1.0-2+deb9u3
Distribution: stretch-security
Urgency: medium
Maintainer: Lee Garrett <debian@rocketjump.eu>
Changed-By: Lee Garrett <debian@rocketjump.eu>
Description:
 ansible    - Configuration management, deployment, and task execution system
Changes:
 ansible (2.2.1.0-2+deb9u3) stretch-security; urgency=medium
 .
   * Fix CVE-2019-10206:
     ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4,
     all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by
     expanding them from templates as they could contain special characters.
     Passwords should be wrapped to prevent templates trigger and exposing them.
   * Fix CVE-2019-14856:
     This fixes a regression introduced by the fix of CVE-2019-10206.
   * Fix CVE-2020-10684:
     A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x
     prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as
     a subkey of itself and promoting it to a variable when inject is enabled,
     overwriting the ansible_facts after the clean. An attacker could take
     advantage of this by altering the ansible_facts, such as ansible_hosts,
     users and any other key data which would lead into privilege escalation
     or code injection.
Checksums-Sha1:
 517f812d6e7c9064b3a9b4e4a3f93dfd7e877415 2675 ansible_2.2.1.0-2+deb9u3.dsc
 585fa5aef8bcd418393ee71fe432ef18467ba953 36116 ansible_2.2.1.0-2+deb9u3.debian.tar.xz
 a77e8d76fa021f13e13d21d1e051e554c2d47e3d 7744 ansible_2.2.1.0-2+deb9u3_amd64.buildinfo
Checksums-Sha256:
 fb6e9c25a9c7b9a7fb776f70e40cfcfc1842c7959ff8cb9964f29caf9852fbf5 2675 ansible_2.2.1.0-2+deb9u3.dsc
 9a19609c8b656f5e21ca55f41fcce4483740de646cd70585ca3269134184bfde 36116 ansible_2.2.1.0-2+deb9u3.debian.tar.xz
 b9e1dc8cda4e39d66a54f8fc8f168737f4218a02f14af7c0f549e3f177b73ee5 7744 ansible_2.2.1.0-2+deb9u3_amd64.buildinfo
Files:
 8751f27e9e3d493a4bd8277b5a12c85e 2675 admin optional ansible_2.2.1.0-2+deb9u3.dsc
 127721a106ebcfd24d2b3f1ade28fca5 36116 admin optional ansible_2.2.1.0-2+deb9u3.debian.tar.xz
 8a0d719c372af7052a01f6ced8ffd609 7744 admin optional ansible_2.2.1.0-2+deb9u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEE2EfGJRCpwv8kLOAs1gShxII+4PgFAmH8cSkACgkQ1gShxII+
4PhQKR//dU8O7KICJgLCLcLf8UzP7zUpZUFNHXi/NR38YzWoZN6YS5IIUduFz0re
m+aaB6XCYj1vKIDv1AjLvQ3KECa+xsNIlPdfMOLenbpMBfZmQMMRQ3TDTIk0wITC
oyjNJt0saxvdd5IlYmJn/PgcKWD5NZTu6aUYiVnAkmyYGzxMDrn8ymH/SmVv+PsB
1PKukCSglCxDjxXfhvSQtUecLhCMQKrB7Iocr8q2JtH2Zs8XEPPVHpl5jzOuAKit
MJQfRXgusudjgcurCH1w4P0I8OGNIUVjoH1BVLUxpWMFIr9/WN5rL0e7r9h/oKlD
BdadSxIC+1HlxUo67a+0zgdQ/kHdd6IZlIY5cyuTDqv5Mv79lL5im9HBv0dV9PeS
xeo0nfemMaKUNljIKdPOlgHmJnPNkunfyPFV+sElWwMcv4meDtxkwm73IQA32Q45
hROUTc1Q25CS2prpDwwewF2bxhwWNx5B5PIaIB7i71RjdWQAAhg++Tkvp7dNg7H9
x4HktXzry/byL5yQiE/Mawx8AuP3AslDJCAult4e0Kr3B7aoAr4aKkxFzZrU7s9r
b3SZXl/+gXtWVrZB+QuJk8sOSavUVOqASXHiNwv/whTEDMYw4mgMrvIUgLQdVrXR
OgRG7m3ts8kmj4Yb6PWGLqxTcUxh9fet0JZqvFWaF+LUi6dKtGFcsuCEBM2x/Oiq
tIwqTv9MvQswTeZu9iMYUUHBawOBW5b47+DDS1fXFUMsm6sRP4XR7tm/XBdP2FFh
I9LYGajndbqj4V/y5VlXK+wu9/DDLyfJYIaMLuChN59PK2ASMaNM6bwVhmvF9YBm
mwgWzxbx0TP7VWffmUpoiIGpXW0OEPuI2sxyiLLGkEAFgCJWZ/FHkscOZv0OHsyl
8ggvLkr/XSYtsv9b3CpZUWc5rdK9/+lDqIJou5JtzUXvhx3ROcljxt158QOpemRP
3lEHGJeXJCnXaZSYnS0CvLdRp3pGI7xg4i5J4NFBd2HF1yv+SZR6q7kZ/5X1mINd
AH30hRYgteqC15s5+W8pLATHR/+psG/pTNJgVCuC1HzbMpjA93y6yJPapztNbZxF
jJY9HR1gIGXV22aUU3MyLIBA80X+shvDUzEMuuIy1w0poCTMFet0SY6Ld8tu27Td
PStofPUJu4Tk/ZuhJyhMxAIq9TNO/ReFRf9xe2CZfX358kffgnrpBo9+HWNdynfg
g6uDi1AE0t2vRNNb/H1wLi/Zuv80/UgZ4rnDQC1eIYfgxoyK6x8T/IqLgxwlbCxS
4vqczffua4IZX1hA59P0/NX+n1N76gnl3a0J8SnI82GuCVAROaWP83S6cWEYT8du
XjhTNTUUtHHxFStjIsC6GkZykxEirQ==
=rCyS
-----END PGP SIGNATURE-----