To All in the Ansible Community,
As you’ve likely heard, Computest.nl reported a security vulnerability to the Ansible Core engineering team and Red Hat Security. The Ansible Core team has been working hard to fix the issues and has released Release Candidates to the 2.1.x branch and the 2.2.x branches (and devel of course for future releases).
Traditionally we’ve only supported the last two major, stable versions although we’ve often back-ported security fixes beyond the supported versions. Because of the difficulty of back-porting these fixes we (Ansible Core team and Red Hat) have decided that only versions 2.1.x and newer will get the updates. Ansible 2.0 and older will no longer receive updates.
If you are on a release previous to 2.x, please see here for some help on porting: http://docs.ansible.com/ansible/porting_guide_2.0.html
I apologize for any inconvenience that this causes. Please reach out on the mailing lists or Ansible’s IRC Channels on Feenode if you have questions.
Regards,
Jason McKerr
Director, Ansible Core Engineering
Ansible by Red Hat.