Ansible 2.0.2.0 has been released

[James Cammarata]

Hi all, 2.0.2.0 has been released, and is now available.

This release continues to fix bugs introduced in the 2.0 release, as well as one security bug:

* SECURITY: Fix lxc_container module having predictable temp file names and setting file

  permissions on the temporary file too leniently on a temporary file that was

  executed as a script.  Addresses CVE-2016-3096

* Fixed bugs related to the iteration of tasks when certain combinations of roles,

  blocks, and includes were used, especially when handling errors in rescue/always

  portions of blocks.

* Fixed some bugs in the URI module related to redirects and SSL handling.

* Fixed some bugs related to the incorrect creation of extra temp directories for

  uploading files, which were not cleaned up properly.

* Fixed a bug related to the variable precedence of role parameters, especially when

  a role may be used both as a dependency of a role and directly by itself within the

  same play.

* Fixed some bugs in the 2.0 implementation of do/until.

* Fixed some bugs related to run_once:

  - Ensure that all hosts are marked as failed if a task marked as run_once fails.

  - Show a warning when using the free strategy when a run_once task is encountered, as

    there is no way for the free strategy to guarantee the task is not run more than once.

* Fixed a bug where the assemble module was not honoring check mode in some situations.

* Fixed a bug related to delegate_to, where we were incorrectly using variables from

  the inventory host rather than the delegated-to host.

* The 'package' meta-module now properly squashes items down to a single execution (as the

  apt/yum/other package modules do).

* Fixed a bug related to the ansible-galaxy CLI command dealing with paged results from

  the Galaxy server.

* Pipelining support is now available for the local and jail connection plugins, which is

  useful for users who do not wish to have temp files/directories created when running

  tasks with these connection types.

* Improvements in support for additional shell types.

* Improvements in the code which is used to calculate checksums for remote files.

* Some speed ups and bug fixes related to the variable merging code.

* Workaround bug in python subprocess on El Capitan that was making vault fail

  when attempting to encrypt a file

* Fix a bug in the uri module where setting headers via module params that

  start with HEADER_ were causing a traceback.

* Fix bug in the free strategy that was causing it to synchronize its workers

  after every task (making it a lot more like linear than it should have been).

As always, this update is available via PyPi and releases.ansible.com now, and packages for distros will be available as soon as possible.

Thanks, and enjoy!

James Cammarata

Ansible Lead/Sr. Principal Software Engineer

Ansible by Red Hat

twitter: @thejimic, github: jimi-c