Update Puppet to 2.6.18 for various security fixes

BZ#920845

Fixes for CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654
CVE-2013-1655 CVE-2013-2274 CVE-2013-2275

see puppetlabs.com/security for more information.

This commit also rebases the webrick compatibility patch to be a cherry-pick
from upstream rather than a Fedora-specific patch.

Signed-off-by: Michael Stahnke <stahnma@puppetlabs.com>
epel9
Michael Stahnke 12 years ago
parent ba611d6989
commit e22a5fac51

@ -1,4 +1,4 @@
From ec462b7b974fc34110437010f862780fb2ee39a3 Mon Sep 17 00:00:00 2001
From 7bb4a6efee2f6f0c775df5f53b868e7c2e86919f Mon Sep 17 00:00:00 2001
From: Daniel Drake <dsd@laptop.org>
Date: Thu, 14 Feb 2013 15:05:10 -0600
Subject: [PATCH] (#18781) Be more tolerant of old clients in WEBrick server
@ -16,15 +16,15 @@ Here we patch the WEBrick constant which specifies the maximum size of
a HTTP GET request, increasing it to a value that should work for common
setups.
---
lib/puppet/util/monkey_patches.rb | 9 +++++++++
1 file changed, 9 insertions(+)
lib/puppet/util/monkey_patches.rb | 10 ++++++++++
1 file changed, 10 insertions(+)
Index: puppet-3.1.0/lib/puppet/util/monkey_patches.rb
===================================================================
--- puppet-3.1.0.orig/lib/puppet/util/monkey_patches.rb
+++ puppet-3.1.0/lib/puppet/util/monkey_patches.rb
@@ -356,3 +356,13 @@ unless Dir.respond_to?(:mktmpdir)
end
diff --git a/lib/puppet/util/monkey_patches.rb b/lib/puppet/util/monkey_patches.rb
index ca19fa4..f7b13a5 100644
--- a/lib/puppet/util/monkey_patches.rb
+++ b/lib/puppet/util/monkey_patches.rb
@@ -394,3 +394,13 @@ class OpenSSL::SSL::SSLContext
set_params(params)
end
end
+
@ -37,3 +37,6 @@ Index: puppet-3.1.0/lib/puppet/util/monkey_patches.rb
+ WEBrick::HTTPRequest.const_set("MAX_URI_LENGTH", 8192)
+ $VERBOSE = v
+end
--
1.7.12.4 (Apple Git-37)

@ -22,8 +22,8 @@
%global ruby_version %(ruby -rrbconfig -e 'puts RbConfig::CONFIG["ruby_version"]')
Name: puppet
Version: 3.1.0
Release: 4%{?dist}
Version: 3.1.1
Release: 1%{?dist}
Summary: A network tool for managing many disparate systems
License: ASL 2.0
URL: http://puppetlabs.com
@ -31,7 +31,8 @@ Source0: http://downloads.puppetlabs.com/%{name}/%{name}-%{version}.tar.g
Source1: http://downloads.puppetlabs.com/%{name}/%{name}-%{version}.tar.gz.asc
Source2: puppet-nm-dispatcher
Patch0: puppetmaster-old-client-compat.patch
# Pulled from upstream, will be released the next time they cut a release from master
Patch0: 0001-18781-Be-more-tolerant-of-old-clients-in-WEBrick-ser.patch
Group: System Environment/Base
@ -351,6 +352,10 @@ fi
rm -rf %{buildroot}
%changelog
* Wed Mar 13 2013 Michael Stahnke <stahnma@puppetlabs.com> - 3.1.1-1
- Fixes for CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654
- CVE-2013-1655 CVE-2013-2274 CVE-2013-2275
* Thu Mar 07 2013 Michael Stahnke <stahnma@puppetlabs.com> - 3.1.0-4
- Disable systemd in F18 as per bz#873853
- Update Patch0 to work with 3.1

@ -1,2 +1,2 @@
4cbdcc9dfcda677c820175375a500651 puppet-3.1.0.tar.gz
d2e905ef5ae97b8b196f508082fb4680 puppet-3.1.0.tar.gz.asc
e942079612703a460a9fdb52e6bcae4a puppet-3.1.1.tar.gz
456e385fb52cccfcd2a809e899267fa8 puppet-3.1.1.tar.gz.asc

Loading…
Cancel
Save