blob: a0b07031ef48d64c50abc4e9e684aea7acfb7c03 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
upgrade:
- |
Files (and irrelevant-files) matchers are now overridable. Zuul
now uses only branch matchers to collect job variants. Once those
variants are collected, they are combined, and the files and
irrelevant-files attributes are inherited and overridden as any
other job attribute. The final values are used to determine
whether the job should ultimately run.
- Zuul now uses Ansible 2.5.
security:
- |
Tobias Henkel (BMW Car IT GmbH) discovered a vulnerability which
is fixed in this release. If nodes become offline during the
build, the no_log attribute of a task is ignored. If the
unreachable error occurred in a task used with a loop variable
(e.g., with_items), the contents of the loop items would be
printed in the console. This could lead to accidentally leaking
credentials or secrets. MITRE has assigned CVE-2018-12557 to this
vulnerability.
|
