mrdoornbos · March 30, 2024 11:44
diff --git a/check_xz_version.yml b/check_xz_version.yml
 ---
 - name: Check xz version on servers
  hosts: all
  tasks:
    - name: Get xz version
      shell: xz --version | head -n1 | awk '{print $NF}' # Using $NF to capture the last field which is expected to be the version number
      register: xz_version_output
      changed_when: False
      ignore_errors: True

    - name: Debug xz version output
      debug:
        var: xz_version_output.stdout

    - name: Set xz version as a fact
      set_fact:
        xz_version: "{{ xz_version_output.stdout }}"
      when: xz_version_output.stdout != ""

    - name: Debug xz version fact
      debug:
        var: xz_version

    - name: Check if xz version is not greater than 5.4
      debug:
        msg: >
             WARNING: Installed xz version is {{ xz_version }}, which is higher than 5.4.
             This version might be vulnerable. Consider verifying compatibility with version 5.4 or addressing the vulnerability as needed.
      when: xz_version is defined and xz_version is version('5.4', '>')
	---
	- name: Check xz version on servers
	hosts: all
	tasks:
	- name: Get xz version
	shell: xz --version \| head -n1 \| awk '{print $NF}' # Using $NF to capture the last field which is expected to be the version number
	register: xz_version_output
	changed_when: False
	ignore_errors: True

	- name: Debug xz version output
	debug:
	var: xz_version_output.stdout

	- name: Set xz version as a fact
	set_fact:
	xz_version: "{{ xz_version_output.stdout }}"
	when: xz_version_output.stdout != ""

	- name: Debug xz version fact
	debug:
	var: xz_version

	- name: Check if xz version is not greater than 5.4
	debug:
	msg: >
	WARNING: Installed xz version is {{ xz_version }}, which is higher than 5.4.
	This version might be vulnerable. Consider verifying compatibility with version 5.4 or addressing the vulnerability as needed.
	when: xz_version is defined and xz_version is version('5.4', '>')