Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/karmic-security/puppet
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

24. By Marc Deslauriers

* SECURITY UPDATE: arbitrary file disclosure via incorrect permissions
  - lib/puppet/{util.rb,util/suidmanager.rb}: reset supplementary groups.
  - http://projects.reductivelabs.com/projects/puppet/repository/revisions/e32f980fd7c6291abc2841ede397c962798d9a9c/diff
  - CVE-2009-3564
* SECURITY UPDATE: arbitrary file overwrite via temp file symlinks
  - lib/puppet/{daemon.rb,util.rb,util/reference.rb}: introduce new
    secure_open function and use it on temp files.
  - http://projects.reductivelabs.com/projects/puppet/repository/revisions/0aae57f91dc69b22fb674f8de3a13c22edd07128/diff
  - http://projects.reductivelabs.com/projects/puppet/repository/revisions/0dee418554151289b13136c43f0d1d6484efbac7/diff
  - CVE-2010-0156
* Fix directory paths so test suite will run (LP: #488708)
  - test/lib/puppettest/support/utils.rb, test/lib/puppettest.rb

23. By Chuck Short

* debian/control: puppetmaster Recommends -> Suggests.
* debian/rules: Start puppetmaster when installing puppetmaster.
  (LP: #427466)
* tests/Rakefile: Fix Rakefile so that the testsuite can acutally be ran.
* Created puppet-testsuite as a seperate. Allow the users to run puppet's

22. By Chuck Short

Fix typo in build.

21. By Chuck Short

Fix build.

20. By Chuck Short

* debian/rules: Dont start puppet and puppetmaster when first
  installing puppet.
* debian/puppet.conf, lib/puppet/defaults.rb: Move templates to
* lib/puppet/defaults.rb: Fix /var/lib/puppet/state ownership.
* man/man8/puppet.conf.8: Fix broken URL in manpage.
* Update maintainer according to spec.

19. By Andrew Pollock

[ Micah Anderson ]
* Cherry-pick upstream versioncmp fix (redmine:#2110)

[ Andrew Pollock ]
* Enable waiting for certificates for the default value (upstream default
  that was previously disabled or enabled with a 5 second value)
* Re-ship the vim syntax file in the correct location (it fell out after the
  0.24.5-3 upload) (closes: #530752)
* Re-add the 0.24.5-3 changelog entry
* debian/puppet.postrm: don't delete the user or group (closes: #528068,
* debian/puppet.{preinst,postinst}: Applied modified patch from Stig
  Sandbeck Mathisen to call conditionally call adduser in the postinst, if
  it's available

[ Nigel Kersten ]
* Switched to use install.rb, primarily to stop shebangs using /usr/bin/env
* Stopped using dh_movefiles, moved to dh_install
* debian/rules greatly cleaned up due to above two changes

[ Andrew Pollock ]
* debian/control: add rdoc, libopenssl-ruby and facter to build dependencies
* debian/control: depend on ruby1.8 instead of ruby to placate Lintian
* debian/puppet.install: brown paper bag release averted; install
* debian/rules: ensure permissions on everything under /usr/lib/ruby/1.8 is

18. By Andrew Pollock

* New upstream release
* debian/control: Add Nigel Kersten and myself as uploaders
* debian/changelog: wrap long lines
* debian/watch: ignore release candidates
* debian/compat: bump to 5
* debian/control: bump Standards-Version (no changes)

17. By Thom May

* Set wait for cert timeout to 5 secs, to avoid resource abuse (Closes: #509566)
* Distribute filebucket binary (Closes: #499999)
* Place vim syntax in the correct location (LP: #181960)

16. By Micah Anderson

* Fix puppetlast to work with 0.24.5
* Adjust logcheck to match against new log messages in 0.24.5
* Update standards version to 3.8.0 (no changes)
* Update changelog to reduce length of line to make lintian happy

15. By Micah Anderson

* Changed the default port value to 8140 in /etc/default/puppetmaster
  to be consistent with the client default port. (Closes: #483823)
* Cherry-picked various bug fixes from upstream:
  - further emacs mode updates from Russ Allbery
  - misleading error if CA private key can not be decrypted (trac:#1271)
  - fix missing bracket in documentation (trac:#1209)
  - man pages updates (trac:#1211)
  - add dump parameter to mount type (trac:#1212)
  - fixed undefined variable in lib/puppet/util/settings.rb (trac:#1218)
  - usermod problem on Solaris (trac:#1207)
  - added native authorized_keys type
  - test within a template if a variable or fact is defined (trac:#1177)
  - Fixed Red Hat service disabling (trac:#1219)
  - fix crontab provider parse error when line begins w/space (trac:#1216)
  - Fix for latest method in rpm provider (trac:#1224)
  - puppetd documentation updates (trac:#1227)
  - Modified the 'factpath' setting to automatically configure Facter
    to load facts there if a new enough version of Facter is used.
  - Removing unused file lib/puppet/util/variables.rb (trac:#1229)
  - Fixing transaction support for prefetching generated resources.
    Previously, we prefetched then generated, which caused generated
    resources that needed prefetching not to work. This just reorders
    the calls, so generated resources now get prefetched.
  - Respect "replace => false" for symlinks (trac:#1235)
  - Added cron random function fixing ticket (trac:#311)
  - No more clear_cache failures (trac:#1247)
  - Fixed Rakefile to install non-.rb files (trac:#1266)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.