Skip to content

robertdebock/ansible-role-cve_2024_3094

Check xz vulnerability (cve_2024_3094) on your system.

GitHub GitLab Downloads Version
github gitlab downloads Version

This example is taken from molecule/default/converge.yml and is tested on each push, pull request and release.

---
- name: Converge
  hosts: all
  become: true
  gather_facts: true

  roles:
    - role: robertdebock.cve_2024_3094
      cve_2024_3094_cleanup: false

The machine needs to be prepared. In CI this is done using molecule/default/prepare.yml:

---
- name: Prepare
  hosts: all
  become: true
  gather_facts: false

  roles:
    - role: robertdebock.bootstrap
    - role: robertdebock.openssh

Also see a full explanation and example on how to use these roles.

The default values for the variables are set in defaults/main.yml:

---
# defaults file for cve_2024_3094

# If requirements are installed, would you like to remove them after this role ran?
cve_2024_3094_cleanup: true

# Where to look for `sshd`, a list of paths.
cve_2024_3094_sshd_paths:
      - /usr/bin
      - /usr/sbin
      - /usr/local/bin
      - /usr/local/sbin

The following roles are used to prepare a system. You can prepare your system in another way.

Requirement GitHub GitLab
robertdebock.bootstrap Build Status GitHub Build Status GitLab
robertdebock.openssh Build Status GitHub Build Status GitLab

This role is a part of many compatible roles. Have a look at the documentation of these roles for further information.

Here is an overview of related roles: dependencies

This role has been tested on these container images:

container tags
Alpine all
Amazon Candidate
Debian all
EL 9
Fedora all
Ubuntu all

The minimum version of Ansible required is 2.12, tests have been done to:

  • The previous version.
  • The current version.
  • The development version.

If you find issues, please register them in GitHub.

Apache-2.0.

robertdebock

Please consider sponsoring me.