Update Puppet to 2.6.18 for various security fixes

BZ#920845 Fixes for CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654 CVE-2013-1655 CVE-2013-2274 CVE-2013-2275 see puppetlabs.com/security for more information. This commit also rebases the webrick compatibility patch to be a cherry-pick from upstream rather than a Fedora-specific patch. Signed-off-by: Michael Stahnke <stahnma@puppetlabs.com>
12 years ago · e22a5fac51
parent ba611d6989
commit e22a5fac51
3 changed files with 22 additions and 14 deletions
--- a/0001-18781-Be-more-tolerant-of-old-clients-in-WEBrick-ser.patch
+++ b/0001-18781-Be-more-tolerant-of-old-clients-in-WEBrick-ser.patch
@ -1,4 +1,4 @@
-From ec462b7b974fc34110437010f862780fb2ee39a3 Mon Sep 17 00:00:00 2001
+From 7bb4a6efee2f6f0c775df5f53b868e7c2e86919f Mon Sep 17 00:00:00 2001
 From: Daniel Drake <dsd@laptop.org>
 Date: Thu, 14 Feb 2013 15:05:10 -0600
 Subject: [PATCH] (#18781) Be more tolerant of old clients in WEBrick server
@ -16,15 +16,15 @@ Here we patch the WEBrick constant which specifies the maximum size of
 a HTTP GET request, increasing it to a value that should work for common
 setups.
 ---
- lib/puppet/util/monkey_patches.rb |    9 +++++++++
+ lib/puppet/util/monkey_patches.rb | 10 ++++++++++
- 1 file changed, 9 insertions(+)
+ 1 file changed, 10 insertions(+)
-Index: puppet-3.1.0/lib/puppet/util/monkey_patches.rb
+diff --git a/lib/puppet/util/monkey_patches.rb b/lib/puppet/util/monkey_patches.rb
-===================================================================
+index ca19fa4..f7b13a5 100644
--- puppet-3.1.0.orig/lib/puppet/util/monkey_patches.rb
+--- a/lib/puppet/util/monkey_patches.rb
-+++ puppet-3.1.0/lib/puppet/util/monkey_patches.rb
+++ b/lib/puppet/util/monkey_patches.rb
-@@ -356,3 +356,13 @@ unless Dir.respond_to?(:mktmpdir)
+@@ -394,3 +394,13 @@ class OpenSSL::SSL::SSLContext
-     end
+     set_params(params)
   end
 end
 +
@ -37,3 +37,6 @@ Index: puppet-3.1.0/lib/puppet/util/monkey_patches.rb
 +  WEBrick::HTTPRequest.const_set("MAX_URI_LENGTH", 8192)
 +  $VERBOSE = v
 +end
 -- 
 1.7.12.4 (Apple Git-37)
--- a/puppet.spec
+++ b/puppet.spec
@ -22,8 +22,8 @@
 %global ruby_version    %(ruby -rrbconfig -e 'puts RbConfig::CONFIG["ruby_version"]')
 Name:           puppet
-Version:        3.1.0
+Version:        3.1.1
-Release:        4%{?dist}
+Release:        1%{?dist}
 Summary:        A network tool for managing many disparate systems
 License:        ASL 2.0
 URL:            http://puppetlabs.com
@ -31,7 +31,8 @@ Source0:        http://downloads.puppetlabs.com/%{name}/%{name}-%{version}.tar.g
 Source1:        http://downloads.puppetlabs.com/%{name}/%{name}-%{version}.tar.gz.asc
 Source2:        puppet-nm-dispatcher
-Patch0:         puppetmaster-old-client-compat.patch
+# Pulled from upstream, will be released the next time they cut a release from master
 Patch0:         0001-18781-Be-more-tolerant-of-old-clients-in-WEBrick-ser.patch
 Group:          System Environment/Base
@ -351,6 +352,10 @@ fi
 rm -rf %{buildroot}
 %changelog
 * Wed Mar 13 2013 Michael Stahnke <stahnma@puppetlabs.com> - 3.1.1-1
 - Fixes for CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654
 - CVE-2013-1655 CVE-2013-2274 CVE-2013-2275
 * Thu Mar 07 2013 Michael Stahnke <stahnma@puppetlabs.com> - 3.1.0-4
 - Disable systemd in F18 as per bz#873853
 - Update Patch0 to work with 3.1
--- a/4
+++ b/4
@ -1,2 +1,2 @@
-4cbdcc9dfcda677c820175375a500651  puppet-3.1.0.tar.gz
+e942079612703a460a9fdb52e6bcae4a  puppet-3.1.1.tar.gz
-d2e905ef5ae97b8b196f508082fb4680  puppet-3.1.0.tar.gz.asc
+456e385fb52cccfcd2a809e899267fa8  puppet-3.1.1.tar.gz.asc
`@ -1,2 +1,2 @@`
	`4cbdcc9dfcda677c820175375a500651 puppet-3.1.0.tar.gz`	`e942079612703a460a9fdb52e6bcae4a puppet-3.1.1.tar.gz`
	`d2e905ef5ae97b8b196f508082fb4680 puppet-3.1.0.tar.gz.asc`	`456e385fb52cccfcd2a809e899267fa8 puppet-3.1.1.tar.gz.asc`