← Back to branch summary

~racb/ubuntu/saucy/puppet/dep8-hiera

~racb/ubuntu/saucy/puppet/dep8-hiera

Viewing all changes in revision 63.

Committer: Package Import Robot
Author(s): Tyler Hicks
Date: 2012-04-11 03:55:10 UTC
Revision ID: package-import@ubuntu.com-20120411035510-n0i86f5adri4b9g2

Tags: 2.7.11-1ubuntu2

https://launchpad.net/bugs/978708

* SECURITY UPDATE: Arbitrary file writes via predictable filename usage in
  appdmg and pkgdmg providers (LP: #978708)
  - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
  - CVE-2012-1906
* SECURITY UPDATE: Arbitrary file reads via Filebucket REST requests
  - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
  - CVE-2012-1986
* SECURITY UPDATE: Denial of service via Filebucket text/marshall support
  - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
  - CVE-2012-1987
* SECURITY UPDATE: Arbitrary code execution via Filebucket requests
  - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
  - CVE-2012-1988
* SECURITY UPDATE: Arbritrary file writes via predictable telnet output log
  filename
  - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
  - CVE-2012-1989
* debian/patches/puppet-12844: Re-fetch the patch from upstream since some
  missing pieces cause 'rake spec' to abort immediately

files added:
.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/network

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/network/formats.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/network/http

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/network/http/api

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/network/http/api/v1.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/provider

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/provider/package

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/provider/package/appdmg.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/provider/package/pkgdmg.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/util

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/util/network_device

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/util/network_device/transport

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/util/network_device/transport/telnet.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/network

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/network/formats_spec.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/network/http

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/network/http/api

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/network/http/api/v1_spec.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/provider

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/provider/package

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/provider/package/appdmg_spec.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/provider/package/pkgdmg_spec.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/util

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/util/network_device

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/util/network_device/transport

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/util/network_device/transport/telnet_spec.rb

.pc/puppet-12844/lib/puppet/agent/disabler.rb

.pc/puppet-12844/spec/unit/agent/disabler_spec.rb

debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch

spec/unit/provider/package/appdmg_spec.rb

files removed:
lib/puppet/agent/disabler.rb

spec/unit/agent/disabler_spec.rb

files modified:
.pc/applied-patches

debian/changelog

debian/patches/puppet-12844

debian/patches/series

lib/puppet/network/formats.rb

lib/puppet/network/http/api/v1.rb

lib/puppet/provider/package/appdmg.rb

lib/puppet/provider/package/pkgdmg.rb

lib/puppet/util/network_device/transport/telnet.rb

spec/unit/agent_spec.rb

spec/unit/network/formats_spec.rb

spec/unit/network/http/api/v1_spec.rb

spec/unit/provider/package/pkgdmg_spec.rb

spec/unit/util/network_device/transport/telnet_spec.rb

Show diffs side-by-side

added added

removed removed

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/network/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/network/formats.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/network/http/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/network/http/api/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/network/http/api/v1.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/provider/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/provider/package/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/provider/package/appdmg.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/provider/package/pkgdmg.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/util/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/util/network_device/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/util/network_device/transport/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/lib/puppet/util/network_device/transport/telnet.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/network/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/network/formats_spec.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/network/http/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/network/http/api/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/network/http/api/v1_spec.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/provider/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/provider/package/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/provider/package/appdmg_spec.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/provider/package/pkgdmg_spec.rb

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/util/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/util/network_device/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/util/network_device/transport/

.pc/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch/spec/unit/util/network_device/transport/telnet_spec.rb

.pc/applied-patches

.pc/puppet-12844/lib/puppet/agent/disabler.rb

.pc/puppet-12844/spec/unit/agent/disabler_spec.rb

debian/changelog

debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch

debian/patches/puppet-12844

debian/patches/series

lib/puppet/agent/disabler.rb

lib/puppet/network/formats.rb

lib/puppet/network/http/api/v1.rb

lib/puppet/provider/package/appdmg.rb

lib/puppet/provider/package/pkgdmg.rb

lib/puppet/util/network_device/transport/telnet.rb

spec/unit/agent/disabler_spec.rb

spec/unit/agent_spec.rb

spec/unit/network/formats_spec.rb

spec/unit/network/http/api/v1_spec.rb

spec/unit/provider/package/appdmg_spec.rb

spec/unit/provider/package/pkgdmg_spec.rb

spec/unit/util/network_device/transport/telnet_spec.rb

Older »