lp:~racb/ubuntu/saucy/puppet/dep8-hiera
- Get this branch:
- bzr branch lp:~racb/ubuntu/saucy/puppet/dep8-hiera
Branch merges
- Ubuntu branches: Pending requested
-
Diff: 106 lines (+78/-0) (has conflicts)3 files modifieddebian/changelog (+9/-0)
debian/tests/control (+4/-0)
debian/tests/hiera (+65/-0)
Branch information
- Owner:
- Robie Basak
- Status:
- Development
Recent revisions
- 69. By Stig Sandbeck Mathisen
-
* New upstream version (Closes: #712745, CVE-2013-3567)
- use packaged ruby-safe-yaml instead of the vendored gem
* Support apache 2.4 (Closes: #675409)
* Remove dependency on rails (Closes: #709636)
* Remove build dependency on ruby-rspec
* add dep8 tests
* puppetmaster-passenger. postinst: check if puppet.conf can be parsed on
install.
Thanks to Ubuntu - 68. By Matthias Klose
-
* Merge with Debian; remaining changes:
- debian/puppetmaster- passenger. postinst: Make sure we error if puppet
config print doesn't work
- debian/puppetmaster- passenger. postinst: Ensure upgrades from
<= 2.7.11-1 fixup passenger apache configuration.
- Drop Build-Depends on ruby-rspec (in universe):
+ debian/control: remove ruby-rspec from Build-Depends - 67. By Robie Basak
-
* Merge from Debian unstable. This merges the vim addon fix in 2.7.18-2
(LP: #1163927). Remaining changes:
- debian/puppetmaster- passenger. postinst: Make sure we error if puppet
config print doesn't work
- debian/puppetmaster- passenger. postinst: Ensure upgrades from
<= 2.7.11-1 fixup passenger apache configuration.
- Drop Build-Depends on ruby-rspec (in universe):
+ debian/control: remove ruby-rspec from Build-Depends
+ debian/patches/ no-rspec. patch: make Rakefile work anyway if rspec
isn't installed so we can use it in debian/rules.
* Drop upstreamed patches:
- debian/patches/ security- mar-2013. patch - 66. By Marc Deslauriers
-
* SECURITY UPDATE: Multiple security issues
- debian/patches/ security- mar-2013. patch: upstream patch to fix
multiple security issues.
- CVE-2013-1640 - Remote code execution on master from authenticated clients
- CVE-2013-1652 - Insufficient input validation
- CVE-2013-1653 - Remote code execution
- CVE-2013-1654 - Protocol downgrade
- CVE-2013-1655 - Unauthenticated remote code execution risk
- CVE-2013-2275 - Incorrect default report ACL - 65. By Marc Deslauriers
-
* Resynchronise with Debian. (LP: #1023931) Remaining changes:
- debian/puppetmaster- passenger. postinst: Make sure we error if puppet
config print doesn't work
- debian/puppetmaster- passenger. postinst: Ensure upgrades from
<= 2.7.11-1 fixup passenger apache configuration.
* Dropped upstreamed patches:
- debian/patches/ CVE-2012- 1906_CVE- 2012-1986_ to_CVE- 2012-1989. patch
- debian/patches/ puppet- 12844
- debian/patches/ 2.7.17- Puppet- July-2012- CVE-fixes. patch
* Drop Build-Depends on ruby-rspec (in universe):
- debian/control: remove ruby-rspec from Build-Depends
- debian/patches/ no-rspec. patch: make Rakefile work anyway if rspec
isn't installed so we can use it in debian/rules. - 64. By Marc Deslauriers
-
* SECURITY UPDATE: Multiple July 2012 security issues
- debian/patches/ 2.7.17- Puppet- July-2012- CVE-fixes. patch: upstream
patch to fix multiple security issues.
- CVE-2012-3864: arbitrary file read on master from authenticated
clients
- CVE-2012-3865: arbitrary file delete or denial of service on master
from authenticated clients
- CVE-2012-3866: last_run_report. yaml report file is world readable and
leads to arbitrary file read on master by an agent
- CVE-2012-3867: insufficient input validation for agent cert hostnames
* debian/control: use ruby1.8 as Build-Depends-Indep to fix FTBFS - 63. By Tyler Hicks
-
* SECURITY UPDATE: Arbitrary file writes via predictable filename usage in
appdmg and pkgdmg providers (LP: #978708)
- debian/patches/ CVE-2012- 1906_CVE- 2012-1986_ to_CVE- 2012-1989. patch
- CVE-2012-1906
* SECURITY UPDATE: Arbitrary file reads via Filebucket REST requests
- debian/patches/ CVE-2012- 1906_CVE- 2012-1986_ to_CVE- 2012-1989. patch
- CVE-2012-1986
* SECURITY UPDATE: Denial of service via Filebucket text/marshall support
- debian/patches/ CVE-2012- 1906_CVE- 2012-1986_ to_CVE- 2012-1989. patch
- CVE-2012-1987
* SECURITY UPDATE: Arbitrary code execution via Filebucket requests
- debian/patches/ CVE-2012- 1906_CVE- 2012-1986_ to_CVE- 2012-1989. patch
- CVE-2012-1988
* SECURITY UPDATE: Arbritrary file writes via predictable telnet output log
filename
- debian/patches/ CVE-2012- 1906_CVE- 2012-1986_ to_CVE- 2012-1989. patch
- CVE-2012-1989
* debian/patches/ puppet- 12844: Re-fetch the patch from upstream since some
missing pieces cause 'rake spec' to abort immediately
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/saucy/puppet