Package "puppet"
Name: |
puppet
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- syntax highlighting for puppet manifests in emacs
- Centralized configuration management - test suite
- Centralised configuration management - master setup to run under mod passenger
- syntax highlighting for puppet manifests in vim
|
Latest version: |
2.7.11-1ubuntu2 |
Release: |
precise (12.04) |
Level: |
base |
Repository: |
universe |
Links
Other versions of "puppet" in Precise
Packages in group
Deleted packages are displayed in grey.
Changelog
puppet (2.7.11-1ubuntu2) precise; urgency=low
* SECURITY UPDATE: Arbitrary file writes via predictable filename usage in
appdmg and pkgdmg providers (LP: #978708)
- debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
- CVE-2012-1906
* SECURITY UPDATE: Arbitrary file reads via Filebucket REST requests
- debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
- CVE-2012-1986
* SECURITY UPDATE: Denial of service via Filebucket text/marshall support
- debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
- CVE-2012-1987
* SECURITY UPDATE: Arbitrary code execution via Filebucket requests
- debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
- CVE-2012-1988
* SECURITY UPDATE: Arbritrary file writes via predictable telnet output log
filename
- debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
- CVE-2012-1989
* debian/patches/puppet-12844: Re-fetch the patch from upstream since some
missing pieces cause 'rake spec' to abort immediately
-- Tyler Hicks Wed, 11 Apr 2012 03:55:10 -0500
|
Source diff to previous version |
978708 |
[Precise] puppet is vulnerable to CVE-2012-1906 and... |
|
puppet (2.7.11-1ubuntu1) precise; urgency=low
[ Marc Cluet ]
* debian/patches/puppet-12844: Cherry picked patch from upstream
2.7.12 to revert new agent lockfile behaviour as it breaks upgrades
from versions < 2.7.10. This feature has been pushed out to
puppet 3.x by upstream.
* debian/puppetmaster-passenger.postinst (LP: #948983)
- Fixed rack directory location
- Added proper enabling of apache2 headers mod
* debian/puppetmaster-passenger.postinst (LP: #950183)
- Make sure we error if puppet config print doesn't work
[ James Page ]
* debian/puppetmaster-passenger.postinst:
- Ensure upgrades from <= 2.7.11-1 fixup passenger apache
configuration.
-- Marc Cluet Fri, 16 Mar 2012 15:36:35 +0000
|
948983 |
puppetmaster-passenger default vhost has wrong docu... |
950183 |
puppetmaster-passenger postinst creates wrong certi... |
|
No changelog for deleted or moved packages.
|
puppet (2.7.11-1) unstable; urgency=high
* New upstream release
* Urgency set to high due to regressions in previous release
and security vulnerabilities
* Execs when run with a user specified, but no group, get the root
group. Similarly unexpected privileges are given to providers and
types (egid remains as root), this is fixed with a patch from
upstream (CVE-2012-1053)
* Fix Klogin write through symlink (CVE-2012-1054)
-- Micah Anderson Thu, 23 Feb 2012 18:24:48 -0500
|
Source diff to previous version |
|
puppet (2.7.10-1ubuntu1) precise; urgency=low
* Use maintscript support in dh_installdeb rather than writing out
dpkg-maintscript-helper commands by hand. We now simply Pre-Depend on a
new enough version of dpkg rather than using 'dpkg-maintscript-helper
supports' guards, leading to more predictable behaviour on upgrades.
-- Colin Watson Tue, 14 Feb 2012 11:08:59 +0000
|
About
-
Send Feedback to @ubuntu_updates