lp:ubuntu/oneiric/puppet

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

53. By Jamie Strandboge on 2011-09-30

* SECURITY UPDATE: k5login can overwrite arbitrary files as root
  - debian/patches/CVE-2011-3869.patch: adjust type/k5login.rb to securely
    open the file before writing to it as root
  - CVE-2011-3869
* SECURITY UPDATE: didn't drop privileges before creating and changing
  permissions on SSH keys
  - debian/patches/CVE-2011-3870.patch: adjust ssh_authorized_key/parsed.rb
    to drop privileges before creating the ssh directory and setting
    permissions
  - CVE-2011-3870
* SECURITY UPDATE: fix predictable temporary filename in ralsh
  - debian/patches/CVE-2011-3871.patch: adjust application/resource.rb to
    use an unpredictable filename
  - CVE-2011-3871
* SECURITY UPDATE: file indirector injection, similar to CVE-2011-3848
  - secure-indirector-file-backed-terminus-base-cla.patch: Since the
    indirector file backed terminus base class is only used by the test
    suite, remove it and update test cases to use a continuing class.

52. By Jamie Strandboge on 2011-09-28

* SECURITY UPDATE: unauthenticated directory traversal allows writing of
  arbitrary files as puppet master
  - debian/patches/CVE-2011-3848.patch: update lib/puppet/indirector.rb,
    lib/puppet/indirector/ssl_file.rb, lib/puppet/indirector/yaml.rb,
    spec/unit/indirector/ssl_file.rb and spec/unit/indirector/yaml.rb to
    perform proper input validation.
  - CVE-2011-3848
  - LP: #861182

51. By Chuck Short on 2011-07-25

* Merge from debian unstable. Remaining changes:
  - debian/puppetmaster-passenger.postinst: Use cacrl instead of hostcrl to
    set the location of the CRL in apache2 configuration. Fix apache2
    configuration on upgrade as well (LP: #641001)
  - move all puppet dependencies to puppet-common since all the code
    actually located in puppet-common.
  - move libagueas from a recommend to a dependency.

Merged branch lp:~ubuntu-branches/ubuntu/oneiric/puppet/oneiric-201105031912

50. By Chuck Short on 2011-05-02

* Merge from debian unstable. Remaining changes:
  - debian/puppetmaster-passenger.postinst: Use cacrl instead of hostcrl to
    set the location of the CRL in apache2 configuration. Fix apache2
    configuration on upgrade as well (LP: #641001)
  - move all puppet dependencies to puppet-common since all the code
    actually located in puppet-common.
  - move libagueas from a recommend to a dependency.

49. By Dave Walker on 2011-03-01

releasing version 2.6.4-2ubuntu2

48. By Dave Walker on 2011-03-01

debian/puppetmaster.default: Removed extra white space at EOF

47. By Chuck Short on 2011-02-08

* Merge from debian unstable. Remaining changes:
  - debian/puppetmaster-passenger.postinst: Use cacrl instead of hostcrl to
    set the location of the CRL in apache2 configuration. Fix apache2
    configuration on upgrade as well (LP: #641001)
  - move all puppet dependencies to puppet-common since all the code
    actually located in puppet-common.
  - move libagueas from a recommend to a dependency.

46. By Mathias Gug on 2010-11-17

New upstream version.

45. By Mathias Gug on 2010-11-12

New upstream version

44. By Mathias Gug on 2010-11-09

New upstream version