Release 7.5.6.

CHANGELOG.rst

@@ -6,6 +6,32 @@ Community General Release Notes
 
 This changelog describes changes after version 6.0.0.
 
+v7.5.6
+======
+
+Release Summary
+---------------
+
+Regular bugfix release with security fixes.
+
+Security Fixes
+--------------
+
+- cobbler, gitlab_runners, icinga2, linode, lxd, nmap, online, opennebula, proxmox, scaleway, stackpath_compute, virtualbox, and xen_orchestra inventory plugin - make sure all data received from the remote servers is marked as unsafe, so remote code execution by obtaining texts that can be evaluated as templates is not possible (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/, https://github.com/ansible-collections/community.general/pull/8098).
+
+Bugfixes
+--------
+
+- aix_filesystem - fix issue with empty list items in crfs logic and option order (https://github.com/ansible-collections/community.general/pull/8052).
+- homebrew - error returned from brew command was ignored and tried to parse empty JSON. Fix now checks for an error and raises it to give accurate error message to users (https://github.com/ansible-collections/community.general/issues/8047).
+- ipa_hbacrule - the module uses a string for ``ipaenabledflag`` for new FreeIPA versions while the returned value is a boolean (https://github.com/ansible-collections/community.general/pull/7880).
+- ipa_sudorule - the module uses a string for ``ipaenabledflag`` for new FreeIPA versions while the returned value is a boolean (https://github.com/ansible-collections/community.general/pull/7880).
+- iptables_state - fix idempotency issues when restoring incomplete iptables dumps (https://github.com/ansible-collections/community.general/issues/8029).
+- linode inventory plugin - add descriptive error message for linode inventory plugin (https://github.com/ansible-collections/community.general/pull/8133).
+- pacemaker_cluster - actually implement check mode, which the module claims to support. This means that until now the module also did changes in check mode (https://github.com/ansible-collections/community.general/pull/8081).
+- pam_limits - when the file does not exist, do not create it in check mode (https://github.com/ansible-collections/community.general/issues/8050, https://github.com/ansible-collections/community.general/pull/8057).
+- proxmox_kvm - fixed status check getting from node-specific API endpoint (https://github.com/ansible-collections/community.general/issues/7817).
+
 v7.5.5
 ======
 

changelogs/changelog.yaml

@@ -1746,3 +1746,45 @@ releases:
     - 8003-redfish-get-update-status-empty-response.yml
     - pkgin.yml
     release_date: '2024-02-25'
+  7.5.6:
+    changes:
+      bugfixes:
+      - aix_filesystem - fix issue with empty list items in crfs logic and option
+        order (https://github.com/ansible-collections/community.general/pull/8052).
+      - homebrew - error returned from brew command was ignored and tried to parse
+        empty JSON. Fix now checks for an error and raises it to give accurate error
+        message to users (https://github.com/ansible-collections/community.general/issues/8047).
+      - ipa_hbacrule - the module uses a string for ``ipaenabledflag`` for new FreeIPA
+        versions while the returned value is a boolean (https://github.com/ansible-collections/community.general/pull/7880).
+      - ipa_sudorule - the module uses a string for ``ipaenabledflag`` for new FreeIPA
+        versions while the returned value is a boolean (https://github.com/ansible-collections/community.general/pull/7880).
+      - iptables_state - fix idempotency issues when restoring incomplete iptables
+        dumps (https://github.com/ansible-collections/community.general/issues/8029).
+      - linode inventory plugin - add descriptive error message for linode inventory
+        plugin (https://github.com/ansible-collections/community.general/pull/8133).
+      - pacemaker_cluster - actually implement check mode, which the module claims
+        to support. This means that until now the module also did changes in check
+        mode (https://github.com/ansible-collections/community.general/pull/8081).
+      - pam_limits - when the file does not exist, do not create it in check mode
+        (https://github.com/ansible-collections/community.general/issues/8050, https://github.com/ansible-collections/community.general/pull/8057).
+      - proxmox_kvm - fixed status check getting from node-specific API endpoint (https://github.com/ansible-collections/community.general/issues/7817).
+      release_summary: Regular bugfix release with security fixes.
+      security_fixes:
+      - cobbler, gitlab_runners, icinga2, linode, lxd, nmap, online, opennebula, proxmox,
+        scaleway, stackpath_compute, virtualbox, and xen_orchestra inventory plugin
+        - make sure all data received from the remote servers is marked as unsafe,
+        so remote code execution by obtaining texts that can be evaluated as templates
+        is not possible (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/,
+        https://github.com/ansible-collections/community.general/pull/8098).
+    fragments:
+    - 7.5.6.yml
+    - 7880-ipa-fix-sudo-and-hbcalrule-idempotence.yml
+    - 7953-proxmox_kvm-fix_status_check.yml
+    - 8029-iptables-state-restore-check-mode.yml
+    - 8048-fix-homebrew-module-error-reporting-on-become-true.yaml
+    - 8057-pam_limits-check-mode.yml
+    - 8133-add-error-message-for-linode-inventory-plugin.yaml
+    - aix_filesystem-crfs-issue.yml
+    - inventory-rce.yml
+    - pacemaker-cluster.yml
+    release_date: '2024-03-25'