diff --git a/.files b/.files
index bcd4c72..672467f 100644
Binary files a/.files and b/.files differ
diff --git a/.rev b/.rev
index db7639d..99f0ecc 100644
--- a/.rev
+++ b/.rev
@@ -747,4 +747,12 @@ numbers for further reference.
809115
+
+ 497f2beea2cf965f1d12710dba81ae8d
+ 2.9.9
+
+ maxlin_factory
+
+ 810048
+
diff --git a/CVE-2020-1733_avoid_mkdir_p.patch b/CVE-2020-1733_avoid_mkdir_p.patch
deleted file mode 100644
index 3bd138d..0000000
--- a/CVE-2020-1733_avoid_mkdir_p.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 0a85e91329d4c048e7e4b2cd478f2c17a3dac988 Mon Sep 17 00:00:00 2001
-From: Brian Coca
-Date: Mon, 13 Apr 2020 17:16:29 -0400
-Subject: [PATCH 1/4] avoid mkdir -p (#68921)
-
-* also consolidated temp dir name generation, added pid for more 'uniqness'
-* generalize error message
-* added notes about remote expansion
-
-CVE-2020-1733
-fixes #67791
-
-(cherry picked from commit 8077d8e40148fe77e2393caa5f2b2ea855149d63)
----
- changelogs/fragments/remote_mkdir_fix.yml | 2 ++
- lib/ansible/plugins/action/__init__.py | 11 ++++++++---
- lib/ansible/plugins/shell/__init__.py | 14 ++++++++++----
- lib/ansible/plugins/shell/powershell.py | 2 ++
- 4 files changed, 22 insertions(+), 7 deletions(-)
- create mode 100644 changelogs/fragments/remote_mkdir_fix.yml
-
---- /dev/null
-+++ b/changelogs/fragments/remote_mkdir_fix.yml
-@@ -0,0 +1,2 @@
-+bugfixes:
-+ - Ensure we get an error when creating a remote tmp if it already exists. CVE-2020-1733
---- a/lib/ansible/plugins/action/__init__.py
-+++ b/lib/ansible/plugins/action/__init__.py
-@@ -340,7 +340,11 @@ class ActionBase(with_metaclass(ABCMeta,
- else:
- # NOTE: shell plugins should populate this setting anyways, but they dont do remote expansion, which
- # we need for 'non posix' systems like cloud-init and solaris
-- tmpdir = self._remote_expand_user(self.get_shell_option('remote_tmp', default='~/.ansible/tmp'), sudoable=False)
-+ try:
-+ tmpdir = self._connection._shell.get_option('remote_tmp')
-+ except AnsibleError:
-+ tmpdir = '~/.ansible/tmp'
-+ tmpdir = self._remote_expand_user(tmpdir, sudoable=False)
-
- become_unprivileged = self._is_become_unprivileged()
- basefile = self._connection._shell._generate_temp_dir_name()
---- a/lib/ansible/plugins/shell/__init__.py
-+++ b/lib/ansible/plugins/shell/__init__.py
-@@ -79,6 +79,10 @@ class ShellBase(AnsiblePlugin):
- def _generate_temp_dir_name():
- return 'ansible-tmp-%s-%s-%s' % (time.time(), os.getpid(), random.randint(0, 2**48))
-
-+ @staticmethod
-+ def _generate_temp_dir_name():
-+ return 'ansible-tmp-%s-%s-%s' % (time.time(), os.getpid(), random.randint(0, 2**48))
-+
- def env_prefix(self, **kwargs):
- return ' '.join(['%s=%s' % (k, shlex_quote(text_type(v))) for k, v in kwargs.items()])
-
diff --git a/CVE-2020-1744_avoid_mkdir_p.patch b/CVE-2020-1744_avoid_mkdir_p.patch
new file mode 100644
index 0000000..3bd138d
--- /dev/null
+++ b/CVE-2020-1744_avoid_mkdir_p.patch
@@ -0,0 +1,54 @@
+From 0a85e91329d4c048e7e4b2cd478f2c17a3dac988 Mon Sep 17 00:00:00 2001
+From: Brian Coca
+Date: Mon, 13 Apr 2020 17:16:29 -0400
+Subject: [PATCH 1/4] avoid mkdir -p (#68921)
+
+* also consolidated temp dir name generation, added pid for more 'uniqness'
+* generalize error message
+* added notes about remote expansion
+
+CVE-2020-1733
+fixes #67791
+
+(cherry picked from commit 8077d8e40148fe77e2393caa5f2b2ea855149d63)
+---
+ changelogs/fragments/remote_mkdir_fix.yml | 2 ++
+ lib/ansible/plugins/action/__init__.py | 11 ++++++++---
+ lib/ansible/plugins/shell/__init__.py | 14 ++++++++++----
+ lib/ansible/plugins/shell/powershell.py | 2 ++
+ 4 files changed, 22 insertions(+), 7 deletions(-)
+ create mode 100644 changelogs/fragments/remote_mkdir_fix.yml
+
+--- /dev/null
++++ b/changelogs/fragments/remote_mkdir_fix.yml
+@@ -0,0 +1,2 @@
++bugfixes:
++ - Ensure we get an error when creating a remote tmp if it already exists. CVE-2020-1733
+--- a/lib/ansible/plugins/action/__init__.py
++++ b/lib/ansible/plugins/action/__init__.py
+@@ -340,7 +340,11 @@ class ActionBase(with_metaclass(ABCMeta,
+ else:
+ # NOTE: shell plugins should populate this setting anyways, but they dont do remote expansion, which
+ # we need for 'non posix' systems like cloud-init and solaris
+- tmpdir = self._remote_expand_user(self.get_shell_option('remote_tmp', default='~/.ansible/tmp'), sudoable=False)
++ try:
++ tmpdir = self._connection._shell.get_option('remote_tmp')
++ except AnsibleError:
++ tmpdir = '~/.ansible/tmp'
++ tmpdir = self._remote_expand_user(tmpdir, sudoable=False)
+
+ become_unprivileged = self._is_become_unprivileged()
+ basefile = self._connection._shell._generate_temp_dir_name()
+--- a/lib/ansible/plugins/shell/__init__.py
++++ b/lib/ansible/plugins/shell/__init__.py
+@@ -79,6 +79,10 @@ class ShellBase(AnsiblePlugin):
+ def _generate_temp_dir_name():
+ return 'ansible-tmp-%s-%s-%s' % (time.time(), os.getpid(), random.randint(0, 2**48))
+
++ @staticmethod
++ def _generate_temp_dir_name():
++ return 'ansible-tmp-%s-%s-%s' % (time.time(), os.getpid(), random.randint(0, 2**48))
++
+ def env_prefix(self, **kwargs):
+ return ' '.join(['%s=%s' % (k, shlex_quote(text_type(v))) for k, v in kwargs.items()])
+
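Review bot: The renamed patch still identifies itself as CVE-2020-1733 in its own body (the `CVE-2020-1733` line under the Subject and the `bugfixes:` fragment it adds), so after this commit the file name, the `Patch0:` and `PATCH-FIX-UPSTREAM` lines in the ansible.spec hunk, and the patch text disagree on which CVE the fix addresses, and nothing on the page says which ID is the right one. If the rename is deliberate the spec comment should record the mapping rather than leave the reader to guess, e.g. `# PATCH-FIX-UPSTREAM CVE-2020-1744_avoid_mkdir_p.patch bsc#1171823 mcepl@suse.com -- upstream commit text labels this fix CVE-2020-1733`. Separately, the embedded diffstat announces 4 files with 22 insertions and 7 deletions, but the 54-line patch carries three hunks totalling 11 insertions and 1 deletion, no hunk for `lib/ansible/plugins/shell/powershell.py`, and no hunk touching the mkdir invocation its subject line names, so the vendored copy may be truncated relative to upstream 8077d8e40148fe77e2393caa5f2b2ea855149d63 and would then not apply the hardening the spec claims; comparing it against the upstream commit before release seems worthwhile. The shell/__init__.py hunk also adds a `_generate_temp_dir_name` staticmethod directly after context lines that already define an identical one, which looks like a mis-generated hunk, although leading whitespace appears stripped in this rendering so the exact structure is uncertain.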
diff --git a/ansible.changes b/ansible.changes
index e697cb6..609f13c 100644
--- a/ansible.changes
+++ b/ansible.changes
@@ -1,4 +1,10 @@
-------------------------------------------------------------------
+Thu May 28 13:57:38 UTC 2020 - Matej Cepl
+
+- Correct ID of CVE and rename the patch to
+ CVE-2020-1744_avoid_mkdir_p.patch
+
+-------------------------------------------------------------------
Tue May 26 13:02:10 UTC 2020 - Matej Cepl
- Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733
@@ -43,7 +49,8 @@ Fri Apr 17 06:49:56 UTC 2020 - Michael Ströder
ldap_attr and ldap_entry modules
- bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks
sensitive information
- - CVE-2020-10684 - code injection when using ansible_facts as a subkey
+ - bsc#1167532 CVE-2020-10684 - code injection when using
+ ansible_facts as a subkey
- bsc#1167440 CVE-2020-10685 - modules which use files
encrypted with vault are not properly cleaned up
- CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2]
@@ -518,7 +525,7 @@ Sun Feb 24 10:06:31 UTC 2019 - Michael Ströder
* openstack inventory plugin * send logs from sdk to stderr so they do not combine with output
* psrp * do not display bootstrap wrapper for each module exec run
* redfish_utils * get standard properties for firmware entries (https://github.com/ansible/ansible/issues/49832)
- * remote home directory * Disallow use of remote home directories that include relative pathing by means of `..` (CVE-2019-3828) (https://github.com/ansible/ansible/pull/52133)
+ * remote home directory * Disallow use of remote home directories that include relative pathing by means of `..` (CVE-2019-3828, bsc#1126503) (https://github.com/ansible/ansible/pull/52133)
* ufw * when using ``state: reset`` in check mode, ``ufw --dry-run reset`` was executed, which causes a loss of firewall rules. The ``ufw`` module was adjusted to no longer run ``ufw --dry-run reset`` to prevent this from happening.
* ufw: make sure that only valid values for ``direction`` are passed on.
* update GetBiosBootOrder to use standard Redfish resources (https://github.com/ansible/ansible/issues/47571)
@@ -895,6 +902,8 @@ Mon Jul 30 15:05:07 UTC 2018 - lars@linux-schulserver.de
+ Restore module_utils.basic.BOOLEANS variable for backwards compatibility
with the module API in older ansible releases.
Bugfixes:
+ + Includes fix for bsc#1099808 (CVE-2018-10875) ansible.cfg is being read
+ from current working directory allowing possible code execution
+ Add text output along with structured output in nxos_facts
+ Allow more than one page of results by using the right pagination
indicator ('NextMarker' instead of 'NextToken').
diff --git a/ansible.spec b/ansible.spec
index c3c13ac..90475a3 100644
--- a/ansible.spec
+++ b/ansible.spec
@@ -229,9 +229,9 @@ URL: https://ansible.com/
Source: https://releases.ansible.com/ansible/ansible-%{version}.tar.gz
Source1: https://releases.ansible.com/ansible/ansible-%{version}.tar.gz.sha
Source99: ansible-rpmlintrc
-# PATCH-FIX-UPSTREAM CVE-2020-1733_avoid_mkdir_p.patch bsc#1171823 mcepl@suse.com
+# PATCH-FIX-UPSTREAM CVE-2020-1744_avoid_mkdir_p.patch bsc#1171823 mcepl@suse.com
# gh#ansible/ansible#67791 avoid race condition and insecure directory creation
-Patch0: CVE-2020-1733_avoid_mkdir_p.patch
+Patch0: CVE-2020-1744_avoid_mkdir_p.patch
BuildArch: noarch
# extented documentation
%if 0%{?with_docs}