[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1112256: marked as done (trixie-pu: package ansible-core/2.19.1-0+deb13u1)

Your message dated Sat, 15 Nov 2025 11:21:45 +0000
with message-id <736c7150dc08501cc89945035c406eaf9688e144.camel@adam-barratt.org.uk>
and subject line Closing requests for updates included in 13.2
has caused the Debian Bug report #1112256,
regarding trixie-pu: package ansible-core/2.19.1-0+deb13u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1112256: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1112256
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: ansible-core@packages.debian.org, debian@rocketjump.eu
Control: affects -1 + src:ansible-core
User: release.debian.org@packages.debian.org
Usertags: pu

(Please provide enough information to help the release team
to judge the request efficiently. E.g. by filling in the
sections below.)

[ Reason ]
This is a follow-up for #1110092. This updates ansible-core from the
2.19.0~beta6-1 to the first upstream bugfix release. I have reviewed the changes
since #1110092 from 2.19.0 to 2.19.1 and approve them.

[ Impact ]
If rejecting this update, users will have a more buggy version of ansible-core
since between trixie and t-p-u a bunch of regressions were fixed. In particular,
it fixes one remaining issue that was reported by Martina Ferrari
(tina@debian.org):

https://github.com/ansible/ansible/issues/85204
https://bugs.debian.org/1106362

[ Tests ]
ansible-core itself has stellar upstream test coverage, and those unit and
integration tests are run via autopkgtest by me before every upload. I have also
manually tested this release extensively with my setup and have found no
bugs/regressions. On top of that Max Vozeler <xam@debian.org> has tested this
version with his playbook at work and reported back no problems.


[ Risks ]
The jump from beta6 to beta7 had the last larger internal code changes. 2.19
introduced a new data tagging feature which provides a new layer of security
preventing a type of security issue that ansible versions <= 2.18 were affected
by (namely double-templating of untrusted data). As such, the debdiff will
appear quite large.

I however believe that following the upstream bugfix releases is the way to go,
as backporting any future security fixes to 2.19.0~beta6-1 risk an even greater
chance of regressions or incomplete fixes.


[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
This update pulls the latest release from the upstream release branch.
The list of changes is verbosely documented here:
https://github.com/ansible/ansible/blob/stable-2.19/changelogs/CHANGELOG-v2.19.rst

[ Other info ]
If you have any follow-up questions don't hesitate to ask. I tried my best to
provide the info I think the release team needs to make a decision.

--- End Message ---
--- Begin Message --- 
Package: release.debian.org
Version: 13.2

Hi,

The updates referenced in each of these bugs were included in today's
13.2 trixie point release.

Regards,

Adam

--- End Message ---
Reply to: