Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
puppet.14603
puppet.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File puppet.changes of Package puppet.14603
------------------------------------------------------------------- Mon Mar 30 16:20:38 UTC 2020 - Kristyna Streitova <kstreitova@suse.com> - add puppet-3.8.5-CVE-2020-7942.patch that adds a deprecation warning for 'strict_hostname_checking = false' variable. While set to false it causes arbitrary catalog retrieval so users should change it to true and adjust their environment accordingly. [bsc#1167645], [CVE-2020-7942] ------------------------------------------------------------------- Tue Feb 13 14:01:40 UTC 2018 - kstreitova@suse.com - add puppet-3.8.5-CVE-2017-10689.patch to reset permissions when unpacking tar in PMT. When using minitar, files are unpacked with whatever permissions are in the tarball. This is potentially unsafe, as tarballs can be easily created with weird permissions [bsc#1080288], [CVE-2017-10689] ------------------------------------------------------------------- Fri Sep 8 12:36:08 UTC 2017 - kstreitova@suse.com - add puppet-3.8.5-require-hiera-1.2.1.patch to force puppet to use hiera 1.2.1 when more hiera versions are installed in parallel [bsc#1046263] ------------------------------------------------------------------- Thu Jul 13 15:14:08 UTC 2017 - kstreitova@suse.com - add puppet-3.8.5-CVE-2017-2295.patch to fix a security vulnerability where an attacker could force YAML deserialization in an unsafe manner, which would lead to remote code execution. In default, this update breaks a backwards compatibility with Puppet agents older than 3.2.2 as the SLE12 master doesn't support other fact formats than pson in default anymore. In order to allow users to continue using their SLE12 master/SLE11 agents setup and fix CVE-2017-2295 for the others, a new puppet master boolean option "dangerous_fact_formats" was added. When it's set to true it enables using dangerous fact formats (e.g. YAML). When it's set to false, only PSON fact format is accepted. [bsc#1040151], [CVE-2017-2295] ------------------------------------------------------------------- Tue May 16 13:09:19 UTC 2017 - kstreitova@suse.com - add puppet-3.8.5-non_ASCII_user_comment.patch to fix non-ASCII user comment with ruby >= 2.1 [bnc#971223] - replace the greps with %fillup-only macros to update the sysconfig files properly [bsc#995975] ------------------------------------------------------------------- Sun Jan 15 21:07:38 UTC 2017 - kstreitova@suse.com - puppet 3 buildrequires and requires rubygem-hiera-1 now [fate#321116] ------------------------------------------------------------------- Tue Feb 2 13:46:17 UTC 2016 - kstreitova@suse.com - update to 3.8.5: * release notes: http://docs.puppetlabs.com/puppet/3.8/reference/release_notes.html http://docs.puppetlabs.com/puppet/3.7/reference/release_notes.html * [bsc#964437], [fate#319493] * bug [bsc#951553] is already fixed in puppet 3.7.3 - add 3.8.5-systemd_default_service_provider.patch to make systemd the default service provider for SLES 12 [bsc#927946] ------------------------------------------------------------------- Thu Jun 26 09:22:11 UTC 2014 - mrueckert@suse.de - dont require package names. require rubygem() symbols instead. (bnc#884509) ------------------------------------------------------------------- Tue Jun 24 15:05:42 UTC 2014 - mrueckert@suse.de - also have puppetmasterd.sysconfig in the sources list ------------------------------------------------------------------- Thu Jun 19 23:35:29 UTC 2014 - mrueckert@suse.de - use rb_ variables instead of building the paths manually. ------------------------------------------------------------------- Wed Jun 11 13:06:50 UTC 2014 - darin@darins.net - Update to 3.6.2 Security Fixes * CVE-2014-3248 (Arbitrary Code Execution with Required Social Engineering) * CVE-2014-3253 (Apache 2.4+ does not enforce CRL checks by default) * [PUP-2635] - user purge_ssh_keys not purged * [PUP-2639] - Increase environment_timeout default. * [PUP-2650] - 3.6.1 issues "warning" message for deprecation * [PUP-2659] - Puppet stops working with error 'Attempted to pop, but already at root of the context stack.' * [PUP-2660] - purging ssh_authorized_key fails because of missing user value * [PUP-2689] - A node can't always collect its own exported resources * [PUP-2692] - Puppet master passenger processes keep growing * [PUP-2705] - Regression with external facts pluginsync not preserving executable bit ------------------------------------------------------------------- Tue May 27 12:03:10 UTC 2014 - boris@steki.net - Puppet 3.6.1 is a bug fix release in the Puppet 3.6 series. It also makes the transaction_uuid more reliably available to extensions. ------------------------------------------------------------------- Wed May 21 20:30:00 UTC 2014 - darin@darins.net - Update to 3.6.0 Bug Fixes * [PUP-530] - Installer for Puppet 3 does not check for hiera * [PUP-748] - PR (2067): Zypper provider install options - darix * [PUP-1041] - PR (2385) naginator not parsing blank parameters * [PUP-1114] - Deprecate environment configuration in puppet.conf * [PUP-1332] - "puppet resource service" fails on Ubuntu * [PUP-1547] - PR (2311) Undefined method `groups' for nil:NilClass * [PUP-1552] - V2.0 API reports Not Authorized as a "RUNTIME_ERROR" * [PUP-1585] - PR (2342) cron resources with target specified generate duplicate entries * [PUP-1586] - PR (2331) Cron Type sanity check for the command parameter is broken * [PUP-1624] - PR (2342) Cron handles crontab's equality of target and user strangely * [PUP-1749] - Puppet module tool does not work on Solaris * [PUP-1751] - PR (2383): Suse chkconfig --check boot.<service> always returns 1 whether the service is enabled/disabled. - m4ce Improvement * [PUP-485] - Add assert_type functions for type checks * [PUP-620] - (PR 2429) Add install_options to gem provider * [PUP-740] - Validator * [PUP-1174] - PR (2247) Ability to purge .ssh/authorized_keys * [PUP-1596] - Make modulepath, manifest, and config_version configurable per-environment * [PUP-1699] - Cache environments * [PUP-1769] - PR (2414) yum provider to support install_options * [PUP-1799] - New Function API For a full list of fixes and improvemtnts see: https://tickets.puppetlabs.com/secure/ReleaseNote.jspa?projectId=10102&version=11200 - removed puppet-3.3.1-systemd-units.patch ------------------------------------------------------------------- Wed May 21 19:06:40 UTC 2014 - darin@darins.net - Set proper ownership permission on /var/{lib,log}/puppet directories. ------------------------------------------------------------------- Fri Apr 25 12:45:03 UTC 2014 - vdziewiecki@suse.com -Version update: 3.5.1 is a backward-compatible features and fixes release in the Puppet 3 series. It fixes the problems that 3.5.0 caused with dynamic environments and the yumrepo provider, as well as a couple of smaller bugs. ------------------------------------------------------------------- Thu Apr 10 07:33:04 CEST 2014 - mhrusecky@suse.cz - display update message about systemd service rename only when relevant ------------------------------------------------------------------- Wed Apr 9 15:01:54 CEST 2014 - mhrusecky@suse.cz - update to puppet 3.5.0, see * http://docs.puppetlabs.com/puppet/3/reference/release_notes.html * http://docs.puppetlabs.com/puppet/latest/reference/release_notes.html - replaced puppet-3.3.1-systemd-units.patch with puppet-3.5.0-systemd-units.patch * adopted to the latest version - drooped puppet-2.6.6-yumconf.diff * doesn't apply anymore and upstream reworked yum module quite extensively * AFAIK we don't use yum anywhere - require facter > 1.6.0 as upstream does ------------------------------------------------------------------- Mon Apr 7 10:57:44 CEST 2014 - mhrusecky@suse.cz - finish migration to systemd - drop puppet-3.0.2-client-init-masterport.patch as there is no init script anymore - drop useless sysconfig files and provide compatibility %post scripts - puppet user is needed only for server - use upstream service names (and warn users) - little bit polished upstream unit files * added puppet-3.3.1-systemd-units.patch * https://github.com/puppetlabs/puppet/pull/2510 ------------------------------------------------------------------- Thu Jan 2 23:46:34 UTC 2014 - ben.kevan@gmail.com - removed patch puppet-3.0.2-init.patch, and replaced with puppet-3.0.2-client-init-masterport.patch because the original caused shutdown of puppet client on a puppetmaster to shutdown the puppet master. ------------------------------------------------------------------- Thu Oct 24 14:10:44 UTC 2013 - mrueckert@suse.de - refreshed puppet-2.6.6-yumconf.diff to make it apply cleanly ------------------------------------------------------------------- Thu Oct 24 13:54:14 UTC 2013 - mrueckert@suse.de - add puppetx to filelist ------------------------------------------------------------------- Thu Oct 24 13:49:00 UTC 2013 - mrueckert@suse.de - update to 3.3.1 for details see /usr/share/doc/packages/puppet/ChangeLog ------------------------------------------------------------------- Tue Sep 10 17:31:19 UTC 2013 - darin@darins.net - more specificity in packaging the extensions ------------------------------------------------------------------- Fri Sep 6 18:42:39 UTC 2013 - darin@darins.net - Install puppet extension data from ext/ - vim syntax and emacs-mode - openldap schema - rack config.ru and apache2.conf examples ------------------------------------------------------------------- Mon Sep 2 12:19:32 UTC 2013 - boris@steki.net - update to upstream version 3.2.4 - Security update to 3.2.x series - CVE-2013-4761 (resource_type Remote Code Execution Vulnerability) - CVE-2013-4956 (Puppet Module Permissions Vulnerability) ------------------------------------------------------------------- Sun Aug 4 10:33:11 UTC 2013 - boris@steki.net - update to upstream version 3.2.3 - Bugfix and performance release for Puppet 3.2 series - Bring back helpful error messages like prior to Puppet 3 - tagmail triggers in –onetime mode without changes after upgrade from 3.1.1 to 3.2.1 - Logging behaviour issues in 3.2.1 This was a regression in 3.2.0/3.2.1 ------------------------------------------------------------------- Thu Jun 20 08:20:47 UTC 2013 - boris@steki.net - update to upstream version 3.2.2 - Fix for CVE-2013-3567, see bnc#825878 - 3.2.2 is a security fix release of the Puppet 3.2 series. It has no other bug fixes or new features. - 3.2.0 (Not released version) - Experimental "Future" Parser With Iteration - Ruby 2.0 Support - OpenWRT OS Support - External CA Support - Better Profiling and Debugging of Slow Catalog Compilations - Splay Fixes for Puppet Agent - Cron Fixes - Module Tool Improvements - Hiera-Related Fixes - puppet:/// URIs Pointing to Symlinks Work Now - Puppet Apply Writes Data Files Now ------------------------------------------------------------------- Wed Mar 20 13:12:31 UTC 2013 - vdziewiecki@suse.com -Update to 3.1.1 -This fixes a lot of CVEs, see bnc#809839 ------------------------------------------------------------------- Thu Mar 14 11:40:46 UTC 2013 - schuetzm@gmx.net - The puppet agent unit file needs to take into account the settings from /etc/sysconfig/puppet. ------------------------------------------------------------------- Mon Feb 25 07:37:45 UTC 2013 - mlin@suse.com - Install puppet*.service accordingly (/usr/lib/systemd for 12.3 and up or /lib/systemd for older versions). ------------------------------------------------------------------- Sat Feb 16 15:59:56 UTC 2013 - aboe76@gmail.com - Updated to Puppet 3.1.0 which is a feature release for the 3.x series of Puppet: * Improvements When Loading Ruby Code * YARD API Documentation * YAML Node Cache Restored on Master Other bugfixes and improvements: * The Solaris package manager now supports the `holdable` feature (aka "freezing") (#16120) * `managehome => true` now works on Oracle Enterprise Linux 6 (#18298) * `create_resources` can now create virtual and exported resources (#15081) * SRV record improvements for fileserving and certificate service (#18161, #18162) ------------------------------------------------------------------- Fri Jan 18 14:34:23 UTC 2013 - vdziewiecki@suse.com - Modify puppet-3.0.2-init.patch: Don't use lock file and pid file at all - bnc#714649 - Do not use puppet-3.0.1-arg-err.patch and puppet-3.0.1-init.diff, since they have been upstreamed already. ------------------------------------------------------------------- Fri Jan 11 17:07:50 UTC 2013 - aeszter@gwdg.de - Add puppet-3.0.2-init.patch: fix lock file and pid file names ------------------------------------------------------------------- Sat Jan 5 03:13:28 UTC 2013 - boris@steki.net - Updated to latest upstream version 3.0.2 - Bugfix release * Full list of bugs can be found at: https://projects.puppetlabs.com/versions/337 Notable bugs: - Bug #15513: Resource type 'cron' fails with 'target' parameter - Bug #16178: Boolean false in a variable causes the puppet backend lookup to fail - Bug #17445: Race condition in logrotate config makes puppet agent crash. - Bug #17447: Puppet sysv init script faulty - Bug #17488: Puppet needlessly crashes when run unptivileged even with --noop ------------------------------------------------------------------- Fri Dec 7 16:05:04 UTC 2012 - aeszter@gwdg.de - Add puppet-3.0.1-arg-err.patch: fix http://projects.puppetlabs.com/issues/10963 ------------------------------------------------------------------- Wed Nov 21 15:21:02 UTC 2012 - aeszter@gwdg.de - do not use /var/lock/subsys for puppetmaster ------------------------------------------------------------------- Mon Nov 12 13:37:33 UTC 2012 - boris@steki.net - revert back from ruby-shadow to rubygem-ruby-shadow as required by openSUSE ruby packaging policies ------------------------------------------------------------------- Wed Oct 31 20:23:56 UTC 2012 - boris@steki.net - changed requirement of package back from rubygem-ruby-shadow to more common named ruby-shadow ------------------------------------------------------------------- Wed Oct 24 18:03:28 UTC 2012 - aboe76@gmail.com - Updated requirements for package puppet to include rubygem-ruby-shadow This is needed to make puppet modules to change passwd file ------------------------------------------------------------------- Tue Oct 23 21:01:38 UTC 2012 - aboe76@gmail.com - Updated to 3.0.1 - Updated puppet-3.0.1-init.diff so it functions with client.init from ext/suse/client.init - Fixed puppet.conf not in /ext/suse/ so got puppet.conf from ext/redhat/puppet.conf http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#3.0.1 - Bug #15717: puppet kick returns "Error: Could not find indirection 'run' / testip.example.com finished with exit code 2" - Bug #16585: Remove dead "ldapnodes" setting - Bug #16698: external node classifier script is not being called when storedconfigs is on - bug #16757: user cannot control loading of rubygems - Bug #16769: Apache "SSLOptions +ExportCertData" causes "header too long" error - Bug #16801: Puppet 3 debian init script has code using removed --servertype=mongrel option - Bug #16922: Could not intern from b64_zlib_yaml when fact value ends with a colon - Bug #17000: Puppet acceptance suite will get caught in a loop if agent fails to terminate for kick test - Refactor #16643: sample-module has hyphen in name which is only unofficially supported ------------------------------------------------------------------- Wed Aug 29 09:56:40 UTC 2012 - jatan@suse.de - Update to 2.7.19 http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.7.19 ------------------------------------------------------------------- Wed Jul 11 13:24:28 UTC 2012 - vdziewiecki@suse.com -Update to 2.7.18 CVEs fixed: -bnc#770828 - VUL-0: CVE-2012-3864: puppet: authenticated clients can read arbitrary files via a flaw in puppet master -bnc#770829 - VUL-0: CVE-2012-3865: puppet: arbitrary file delete / Denial of Service on Puppet Master by authenticated clients -bnc#770827 - VUL-1: CVE-2012-3866: puppet: last_run_report.yaml left world-readable -bnc#770833 - VUL-1: CVE-2012-3867: puppet: insufficient input validation for agent certificate names ------------------------------------------------------------------- Tue Jul 3 19:53:18 UTC 2012 - jatan@suse.de - update to 2.7.17 * (maint) Add symlink stub to gentoo service provider spec * Add comment to upstart provider explaining exclusion of 'wait-for-state' * Upstart code cleanup, init provider improvement * Add spec test for network-interface-security * Add basic service resource test to upstart acceptance * Handle network-interface-security in upstart * Add exclude list to upstart provider * (#15027, #15028, #15029) Fix upstart version parsing * (maint) Add --test to puppet run ------------------------------------------------------------------- Tue Jul 3 19:02:48 UTC 2012 - jatan@suse.de - Copy from devel:openSUSE:Factory ------------------------------------------------------------------- Tue Jun 19 13:28:37 UTC 2012 - boris@steki.net - update to upstream 2.7.16 version * Significantly improve compilation performance when using modules * Add Puppet::Util::Platform to abstract platform checks * Default autoflushing of log files to true * Add Module Tool * bugfix releases for all bugs please read /usr/share/doc/packages/puppet/CHANGELOG ------------------------------------------------------------------- Thu Jun 14 22:41:53 UTC 2012 - boris@steki.net - updated to new upstream 2.7.11 version * for bugfixes informations please look in /usr/share/doc/packages/puppet/CHANGELOG ------------------------------------------------------------------- Wed Jun 13 09:12:06 UTC 2012 - coolo@suse.com - no need for vendor-specific ------------------------------------------------------------------- Tue Oct 25 13:56:49 UTC 2011 - vcizek@suse.com - update to 2.7.6 Security Fixes CVE-2011-3872 (AltNames vulnerability) Features and Enhancements User/group management on Windows Better file support on Windows Support plaintext password in Windows Bug Fixes Recognize more duplicate resources Allow multi-line exec resources Remove unnecessary deprecation warning in puppet resource Update pluginsync to only load ruby files. ------------------------------------------------------------------- Thu Sep 29 11:32:59 UTC 2011 - vcizek@suse.com - update to 2.7.4 - enhancement + security release: fixed CVE-2011-3848 (Resist directory traversal attacks through indirections) GigabitEthernet/TenGigabitEthernet are uncorrectly parsed Don’t rely on error message to detect UAC capable platform Allow cron vars to have leading whitespace ------------------------------------------------------------------- Thu Jun 23 08:26:59 UTC 2011 - vcizek@novell.com - update to 2.7.1 - a major feature release: Ruby 1.9 Support Deterministic Catalog Application Puppet Faces - a new API for creating new Puppet subcommands Manage Network Devices Dependency cycle reporting produces graph of the cycle - license changed to Apache-2.0 - see http://docs.puppetlabs.com/guides/faq#change-to-apache-license ------------------------------------------------------------------- Thu May 19 09:35:38 UTC 2011 - vcizek@novell.com - using correct port for puppet in the firewall rules (bnc#694825) ------------------------------------------------------------------- Tue Apr 5 13:38:04 UTC 2011 - vcizek@novell.com - fix logging setting (bnc#683441) ------------------------------------------------------------------- Mon Mar 14 09:39:35 UTC 2011 - vcizek@novell.com - update to 2.6.6 * fixed many bugs * licence has changed to GPLv2 (was GPLv2+) * some of the new features: - Manifests can now specify arbitrary data for file contents - Managed resource attributes can now be audited - Parameterised class support in external node classifiers - New puppet inspect application ------------------------------------------------------------------- Fri Jan 28 11:55:57 UTC 2011 - vcizek@novell.com - update to 2.6.4 * bugfixes: bnc#667867 Ship auth.conf as part of installing from source ------------------------------------------------------------------- Tue Oct 5 16:26:21 CEST 2010 - anicka@suse.cz - update to 2.6.1 * bugfixes, manpage fixes ------------------------------------------------------------------- Thu Aug 19 15:16:13 CEST 2010 - anicka@suse.cz - update to 2.6.0 * major release with many new configuration options and new language features ------------------------------------------------------------------- Mon Aug 16 16:46:36 CEST 2010 - anicka@suse.cz - respect sysconfig settings (bnc#620808) ------------------------------------------------------------------- Tue Jul 20 17:44:46 CEST 2010 - anicka@suse.cz - create puppet user not only for server package (bnc#623884) ------------------------------------------------------------------- Tue Mar 2 17:30:47 CET 2010 - anicka@suse.cz - update to 0.25.4 * bugfixes - create user puppet (fixes bnc#576453) ------------------------------------------------------------------- Wed Apr 15 15:42:41 CEST 2009 - mantel@suse.de - update to 0.24.8 ------------------------------------------------------------------- Mon Apr 6 15:32:43 CEST 2009 - mantel@suse.de - add zypper.rb plugin by Leo Eraly ------------------------------------------------------------------- Mon Feb 9 16:49:36 CET 2009 - anicka@suse.cz - update to 2.4.7 * Deprecate the NetInfo nameservice provider. Use directoryservice instead * Add macauthorization type * Refactoring the thread-safety in Puppet::Util * Removing the included testing gems; you must now install them yourself * Refactoring of SELinux functions to use native Ruby SELinux interface * Removing all mention of EPM, RPM, or Sun packages. * Replaced SELInux calls to binaries with Ruby SELinux bindings * Adding support to the user type for: profiles, auths, project, key/value pairs (extension to Solaris RBAC support added in 0.24.6) * Added a number of confines to package providers * lots of bugfixes - add sysconfig, firewall definitions, package init scripts (bnc#465778) ------------------------------------------------------------------- Tue Sep 9 17:42:21 CEST 2008 - anicka@suse.cz - update to 0.24.5 * You can now select the encoding format when transferring the catalog, with 'yaml' still being the default but 'marshal' being an option. * Removed support for the 'node_name' setting in LDAP and external node lookups. * Also removed support for 'default' nodes in external nodes. * Exporting or collecting resources no longer raises an exception when no storeconfigs is enabled, it just produces a warning. * Always using the cert name to store yaml files * Added support for the --all option to puppetca --clean. If puppetca --clean --all is issued then all client certificates are removed. * Resources now return the 'should' value for properties from the [] accessor method (they previously threw an exception when this method was used with properties). * Modified the 'master' handler to use the Catalog class to compile node configurations, rather than using the Configuration handler, which was never used directly. * Modified the 'master' handler (responsible for sending configurations to clients) to always return Time.now as its compile date, so configurations will always get recompiled. * Saving new facts now expires any cached node information. * Switching how caching is handled, so that objects now all have an expiration date associated with them. This makes it much easier to know whether a given cached object should be used or if it should be regenerated. * Changing the default environment to production. - fix installation script (man8 permissions) ------------------------------------------------------------------- Mon Sep 1 14:06:07 CEST 2008 - anicka@suse.cz - package created (version 0.24.4)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor