search

buluma / ansible-role-openjdk

Install and configure OpenJDK on your system.
Apache License 2.0
1 stars 0 forks source link

Pinning due to CVE-2024-3094 #24

Open github-actions[bot] opened 5 months ago

github-actions[bot] commented 5 months ago

https://github.com/buluma/ansible-role-openjdk/blob/99307e83e53a64def1076c156a1a68582f527c2d/molecule/default/prepare.yml#L118


    - name: Debian | apt-get install *.deb
      ansible.builtin.raw: |
        set -eu
        DEBIAN_FRONTEND=noninteractive apt-get install -y bzip2 ca-certificates curl gcc gnupg gzip hostname iproute2 passwd procps python3 python3-apt python3-jmespath python3-lxml python3-pip python3-setuptools python3-venv python3-virtualenv python3-wheel rsync sudo tar unzip util-linux zip
      args:
        executable: "/bin/bash"
      when: ansible_os_family | lower == "debian"
      changed_when: false
      failed_when: false

    # TODO: Pinning due to CVE-2024-3094
    - name: Debian | Try to install xz-utils packages
      ansible.builtin.pip:
        name: xz-utils==5.4.6
        state: present
      when: ansible_os_family | lower == "debian"
      changed_when: false
      failed_when: false

    - name: Fedora | yum install *.rpm
      ansible.builtin.raw: |
        set -eu