lp:ubuntu/precise-proposed/puppet
- Get this branch:
- bzr branch lp:ubuntu/precise-proposed/puppet
Branch merges
Branch information
Recent revisions
- 68. By Adam Stokes
-
debian/
patches/ 2.7.11- remove- process_ name-performanc e.patch:
Fixes performance regression caused by a thread that loops forever in
order to change a process name when told so (LP: #995719) - 67. By Marc Deslauriers
-
* SECURITY UPDATE: August 2013 privilege escalation and code execution
vulnerabilities
- debian/patches/ ubuntu- 2.7.11- puppet- Aug-2013- CVE-fixes. patch:
upstream patch to resolve security issues.
- CVE-2013-4956
- CVE-2013-4761 - 66. By Marc Deslauriers
-
* SECURITY UPDATE: Remote code execution on master from unauthenticated
clients
- debian/patches/ 2.7.21- Patch-for- CVE-2013- 3567.patch: upstream patch
to use safe_yama.
- CVE-2013-3567 - 65. By Marc Deslauriers
-
* SECURITY UPDATE: Multiple security issues
- debian/patches/ security- mar-2013. patch: upstream patch to fix
multiple security issues.
- CVE-2013-1640 - Remote code execution on master from authenticated clients
- CVE-2013-1652 - Insufficient input validation
- CVE-2013-1653 - Remote code execution
- CVE-2013-1654 - Protocol downgrade
- CVE-2013-1655 - Unauthenticated remote code execution risk
- CVE-2013-2275 - Incorrect default report ACL - 64. By Marc Deslauriers
-
* SECURITY UPDATE: Multiple July 2012 security issues
- debian/patches/ 2.7.17- Puppet- July-2012- CVE-fixes. patch: upstream
patch to fix multiple security issues.
- CVE-2012-3864: arbitrary file read on master from authenticated
clients
- CVE-2012-3865: arbitrary file delete or denial of service on master
from authenticated clients
- CVE-2012-3866: last_run_report. yaml report file is world readable and
leads to arbitrary file read on master by an agent
- CVE-2012-3867: insufficient input validation for agent cert hostnames - 63. By Tyler Hicks
-
* SECURITY UPDATE: Arbitrary file writes via predictable filename usage in
appdmg and pkgdmg providers (LP: #978708)
- debian/patches/ CVE-2012- 1906_CVE- 2012-1986_ to_CVE- 2012-1989. patch
- CVE-2012-1906
* SECURITY UPDATE: Arbitrary file reads via Filebucket REST requests
- debian/patches/ CVE-2012- 1906_CVE- 2012-1986_ to_CVE- 2012-1989. patch
- CVE-2012-1986
* SECURITY UPDATE: Denial of service via Filebucket text/marshall support
- debian/patches/ CVE-2012- 1906_CVE- 2012-1986_ to_CVE- 2012-1989. patch
- CVE-2012-1987
* SECURITY UPDATE: Arbitrary code execution via Filebucket requests
- debian/patches/ CVE-2012- 1906_CVE- 2012-1986_ to_CVE- 2012-1989. patch
- CVE-2012-1988
* SECURITY UPDATE: Arbritrary file writes via predictable telnet output log
filename
- debian/patches/ CVE-2012- 1906_CVE- 2012-1986_ to_CVE- 2012-1989. patch
- CVE-2012-1989
* debian/patches/ puppet- 12844: Re-fetch the patch from upstream since some
missing pieces cause 'rake spec' to abort immediately - 62. By Marc Cluet
-
[ Marc Cluet ]
* debian/patches/ puppet- 12844: Cherry picked patch from upstream
2.7.12 to revert new agent lockfile behaviour as it breaks upgrades
from versions < 2.7.10. This feature has been pushed out to
puppet 3.x by upstream.
* debian/puppetmaster- passenger. postinst (LP: #948983)
- Fixed rack directory location
- Added proper enabling of apache2 headers mod
* debian/puppetmaster- passenger. postinst (LP: #950183)
- Make sure we error if puppet config print doesn't work[ James Page ]
* debian/puppetmaster- passenger. postinst:
- Ensure upgrades from <= 2.7.11-1 fixup passenger apache
configuration. - 61. By Micah Anderson
-
* New upstream release
* Urgency set to high due to regressions in previous release
and security vulnerabilities
* Execs when run with a user specified, but no group, get the root
group. Similarly unexpected privileges are given to providers and
types (egid remains as root), this is fixed with a patch from
upstream (CVE-2012-1053)
* Fix Klogin write through symlink (CVE-2012-1054) - 60. By Colin Watson
-
Use maintscript support in dh_installdeb rather than writing out
dpkg-maintscript-helper commands by hand. We now simply Pre-Depend on a
new enough version of dpkg rather than using 'dpkg-maintscript-helper
supports' guards, leading to more predictable behaviour on upgrades. - 59. By Stig Sandbeck Mathisen
-
* New upstream release
* Update breaks/replaces for puppetmaster-common (Closes: #656962)
* Add systemd services for puppet agent and master
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/saucy/puppet