Viewing all changes in revision 57.
- Committer: Package Import Robot
- Date: 2012-07-10 08:24:35 UTC
- Revision ID: package-import@ubuntu.com-20120710082435-8jt6vcsyqk09tupc
* SECURITY UPDATE: multiple July 2012 security issues
- debian/patches/2.6.4-Puppet-July-2012-CVE-fixes.patch: fix multiple
security issues. Patch from upstream, with an additional fix to
lib/puppet/reports/store.rb.
- CVE-2012-3864: arbitrary file read on master from authenticated
clients
- CVE-2012-3865: arbitrary file delete or denial of service on master
from authenticated clients
- CVE-2012-3867: insufficient input validation for agent cert hostnames
- debian/patches/2.6.4-Puppet-July-2012-CVE-fixes.patch: fix multiple
security issues. Patch from upstream, with an additional fix to
lib/puppet/reports/store.rb.
- CVE-2012-3864: arbitrary file read on master from authenticated
clients
- CVE-2012-3865: arbitrary file delete or denial of service on master
from authenticated clients
- CVE-2012-3867: insufficient input validation for agent cert hostnames
- files added:
- .pc/.quilt_patches
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/application
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/file_bucket
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/file_bucket/file
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/file_serving
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/file_serving/mount
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/indirector
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/indirector/file_bucket_file
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/indirector/file_content
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/indirector/file_metadata
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/reports
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/ssl
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/lib/puppet/ssl/certificate_authority
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/integration
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/integration/file_bucket
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/integration/file_serving
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/shared_behaviours
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/unit
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/unit/file_serving
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/unit/file_serving/mount
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/unit/indirector
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/unit/indirector/file_bucket_file
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/unit/indirector/file_content
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/unit/indirector/file_metadata
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/unit/network
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/unit/network/handler
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/unit/ssl
- .pc/2.6.4-Puppet-July-2012-CVE-fixes.patch/spec/unit/ssl/certificate_authority
- spec/integration/file_bucket
- files removed:
- lib/puppet/file_bucket/file
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
