Ubuntu
puppet package

lp://staging/~bkerensa/ubuntu/raring/puppet/new-upstream-release

  1. Raring (13.04)
  2. new-upstream-release
Created by Benjamin Kerensa and last modified
Get this branch:
bzr branch lp://staging/~bkerensa/ubuntu/raring/puppet/new-upstream-release
Only Benjamin Kerensa can upload to this branch. If you are Benjamin Kerensa please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Benjamin Kerensa
Status:
Development

Recent revisions

66. By Benjamin Kerensa

New Upstream Release

65. By Marc Deslauriers

* Resynchronise with Debian. (LP: #1023931) Remaining changes:
  - debian/puppetmaster-passenger.postinst: Make sure we error if puppet
    config print doesn't work
  - debian/puppetmaster-passenger.postinst: Ensure upgrades from
    <= 2.7.11-1 fixup passenger apache configuration.
* Dropped upstreamed patches:
  - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
  - debian/patches/puppet-12844
  - debian/patches/2.7.17-Puppet-July-2012-CVE-fixes.patch
* Drop Build-Depends on ruby-rspec (in universe):
  - debian/control: remove ruby-rspec from Build-Depends
  - debian/patches/no-rspec.patch: make Rakefile work anyway if rspec
    isn't installed so we can use it in debian/rules.

64. By Marc Deslauriers

* SECURITY UPDATE: Multiple July 2012 security issues
  - debian/patches/2.7.17-Puppet-July-2012-CVE-fixes.patch: upstream
    patch to fix multiple security issues.
  - CVE-2012-3864: arbitrary file read on master from authenticated
    clients
  - CVE-2012-3865: arbitrary file delete or denial of service on master
    from authenticated clients
  - CVE-2012-3866: last_run_report.yaml report file is world readable and
    leads to arbitrary file read on master by an agent
  - CVE-2012-3867: insufficient input validation for agent cert hostnames
* debian/control: use ruby1.8 as Build-Depends-Indep to fix FTBFS

63. By Tyler Hicks

* SECURITY UPDATE: Arbitrary file writes via predictable filename usage in
  appdmg and pkgdmg providers (LP: #978708)
  - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
  - CVE-2012-1906
* SECURITY UPDATE: Arbitrary file reads via Filebucket REST requests
  - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
  - CVE-2012-1986
* SECURITY UPDATE: Denial of service via Filebucket text/marshall support
  - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
  - CVE-2012-1987
* SECURITY UPDATE: Arbitrary code execution via Filebucket requests
  - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
  - CVE-2012-1988
* SECURITY UPDATE: Arbritrary file writes via predictable telnet output log
  filename
  - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
  - CVE-2012-1989
* debian/patches/puppet-12844: Re-fetch the patch from upstream since some
  missing pieces cause 'rake spec' to abort immediately

62. By Marc Cluet

[ Marc Cluet ]
* debian/patches/puppet-12844: Cherry picked patch from upstream
  2.7.12 to revert new agent lockfile behaviour as it breaks upgrades
  from versions < 2.7.10. This feature has been pushed out to
  puppet 3.x by upstream.
* debian/puppetmaster-passenger.postinst (LP: #948983)
  - Fixed rack directory location
  - Added proper enabling of apache2 headers mod
* debian/puppetmaster-passenger.postinst (LP: #950183)
  - Make sure we error if puppet config print doesn't work

[ James Page ]
* debian/puppetmaster-passenger.postinst:
  - Ensure upgrades from <= 2.7.11-1 fixup passenger apache
    configuration.

61. By Micah Anderson

* New upstream release
* Urgency set to high due to regressions in previous release
  and security vulnerabilities
* Execs when run with a user specified, but no group, get the root
  group. Similarly unexpected privileges are given to providers and
  types (egid remains as root), this is fixed with a patch from
  upstream (CVE-2012-1053)
* Fix Klogin write through symlink (CVE-2012-1054)

60. By Colin Watson

Use maintscript support in dh_installdeb rather than writing out
dpkg-maintscript-helper commands by hand. We now simply Pre-Depend on a
new enough version of dpkg rather than using 'dpkg-maintscript-helper
supports' guards, leading to more predictable behaviour on upgrades.

59. By Stig Sandbeck Mathisen

* New upstream release
* Update breaks/replaces for puppetmaster-common (Closes: #656962)
* Add systemd services for puppet agent and master

58. By Colin Watson

Use maintscript support in dh_installdeb rather than writing out
dpkg-maintscript-helper commands by hand. We now simply Pre-Depend on a
new enough version of dpkg rather than using 'dpkg-maintscript-helper
supports' guards, leading to more predictable behaviour on upgrades.

57. By Chuck Short

* Merge from Debian testing. Remaining changes:
  + Add 2 patches to fix incompatibility with Augeas 0.10.0:
    - augeas_saved_files
    - augeas_versioncmp
  + Change Maintainer according to policy

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://staging/ubuntu/raring/puppet
This branch contains Public information 
Everyone can see this information.

Subscribers