Check xz vulnerability (cve_2024_3094) on your system.
| GitHub | GitLab | Downloads | Version |
|---|---|---|---|
 |
 |
 |
 |
This example is taken from molecule/default/converge.yml and is tested on each push, pull request and release.
---
- name: Converge
hosts: all
become: true
gather_facts: true
roles:
- role: robertdebock.cve_2024_3094
cve_2024_3094_cleanup: falseThe machine needs to be prepared. In CI this is done using molecule/default/prepare.yml:
---
- name: Prepare
hosts: all
become: true
gather_facts: false
roles:
- role: robertdebock.bootstrap
- role: robertdebock.opensshAlso see a full explanation and example on how to use these roles.
The default values for the variables are set in defaults/main.yml:
---
# defaults file for cve_2024_3094
# If requirements are installed, would you like to remove them after this role ran?
cve_2024_3094_cleanup: true
# Where to look for `sshd`, a list of paths.
cve_2024_3094_sshd_paths:
- /usr/bin
- /usr/sbin
- /usr/local/bin
- /usr/local/sbin- pip packages listed in requirements.txt.
The following roles are used to prepare a system. You can prepare your system in another way.
| Requirement | GitHub | GitLab |
|---|---|---|
| robertdebock.bootstrap |  |
 |
| robertdebock.openssh |  |
 |
This role is a part of many compatible roles. Have a look at the documentation of these roles for further information.
Here is an overview of related roles:
This role has been tested on these container images:
| container | tags |
|---|---|
| Alpine | all |
| Amazon | all |
| Debian | all |
| EL | all |
| Fedora | all |
| opensuse | all |
| Ubuntu | all |
The minimum version of Ansible required is 2.12, tests have been done to:
- The previous version.
- The current version.
- The development version.
If you find issues, please register them in GitHub.
Please consider sponsoring me.