Hi everyone,
Today we have updated Ansible to 1.6.6.
As you may remember, last week we updated our remote data checking code to lock down some security items, and the result of that was that our great open source community kicked in, and found some especially clever variations that needed to be locked down further - and we’ve taken steps to be a lot more heavy handed in the approach that this code was taking.
Like before, these deal with being careful with untrusted data from pre-compromised remote hosts - and all Ansible users should upgrade. We hope to be completely done with this series of changes after this round.
As a reminder, ansible practices responsible disclosure on security items, if you find problems, please email security@ansible.com and we’ll get back to you ASAP.
1.6.6 is available in PyPi now.
–Michael