Update Puppet to 2.6.18 for various security fixes

BZ#920845

Fixes for CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654
CVE-2013-1655 CVE-2013-2274 CVE-2013-2275

see puppetlabs.com/security for more information.

This commit also rebases the webrick compatibility patch to be a cherry-pick
from upstream rather than a Fedora-specific patch.

Signed-off-by: Michael Stahnke <stahnma@puppetlabs.com>

0001-18781-Be-more-tolerant-of-old-clients-in-WEBrick-ser.patch

@@ -1,4 +1,4 @@
-From ec462b7b974fc34110437010f862780fb2ee39a3 Mon Sep 17 00:00:00 2001
+From 7bb4a6efee2f6f0c775df5f53b868e7c2e86919f Mon Sep 17 00:00:00 2001
 From: Daniel Drake <dsd@laptop.org>
 Date: Thu, 14 Feb 2013 15:05:10 -0600
 Subject: [PATCH] (#18781) Be more tolerant of old clients in WEBrick server
@@ -16,15 +16,15 @@ Here we patch the WEBrick constant which specifies the maximum size of
 a HTTP GET request, increasing it to a value that should work for common
 setups.
 ---
- lib/puppet/util/monkey_patches.rb |    9 +++++++++
- 1 file changed, 9 insertions(+)
+ lib/puppet/util/monkey_patches.rb | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
 
-Index: puppet-3.1.0/lib/puppet/util/monkey_patches.rb
-===================================================================
---- puppet-3.1.0.orig/lib/puppet/util/monkey_patches.rb
-+++ puppet-3.1.0/lib/puppet/util/monkey_patches.rb
-@@ -356,3 +356,13 @@ unless Dir.respond_to?(:mktmpdir)
-     end
+diff --git a/lib/puppet/util/monkey_patches.rb b/lib/puppet/util/monkey_patches.rb
+index ca19fa4..f7b13a5 100644
+--- a/lib/puppet/util/monkey_patches.rb
++++ b/lib/puppet/util/monkey_patches.rb
+@@ -394,3 +394,13 @@ class OpenSSL::SSL::SSLContext
+     set_params(params)
    end
  end
 +
@@ -37,3 +37,6 @@ Index: puppet-3.1.0/lib/puppet/util/monkey_patches.rb
 +  WEBrick::HTTPRequest.const_set("MAX_URI_LENGTH", 8192)
 +  $VERBOSE = v
 +end
+-- 
+1.7.12.4 (Apple Git-37)
+

puppet.spec

@@ -22,8 +22,8 @@
 %global ruby_version    %(ruby -rrbconfig -e 'puts RbConfig::CONFIG["ruby_version"]')
 
 Name:           puppet
-Version:        3.1.0
-Release:        4%{?dist}
+Version:        3.1.1
+Release:        1%{?dist}
 Summary:        A network tool for managing many disparate systems
 License:        ASL 2.0
 URL:            http://puppetlabs.com
@@ -31,7 +31,8 @@ Source0:        http://downloads.puppetlabs.com/%{name}/%{name}-%{version}.tar.g
 Source1:        http://downloads.puppetlabs.com/%{name}/%{name}-%{version}.tar.gz.asc
 Source2:        puppet-nm-dispatcher
 
-Patch0:         puppetmaster-old-client-compat.patch
+# Pulled from upstream, will be released the next time they cut a release from master
+Patch0:         0001-18781-Be-more-tolerant-of-old-clients-in-WEBrick-ser.patch
 
 Group:          System Environment/Base
 
@@ -351,6 +352,10 @@ fi
 rm -rf %{buildroot}
 
 %changelog
+* Wed Mar 13 2013 Michael Stahnke <stahnma@puppetlabs.com> - 3.1.1-1
+- Fixes for CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654
+- CVE-2013-1655 CVE-2013-2274 CVE-2013-2275
+
 * Thu Mar 07 2013 Michael Stahnke <stahnma@puppetlabs.com> - 3.1.0-4
 - Disable systemd in F18 as per bz#873853
 - Update Patch0 to work with 3.1

sources

@@ -1,2 +1,2 @@
-4cbdcc9dfcda677c820175375a500651  puppet-3.1.0.tar.gz
-d2e905ef5ae97b8b196f508082fb4680  puppet-3.1.0.tar.gz.asc
+e942079612703a460a9fdb52e6bcae4a  puppet-3.1.1.tar.gz
+456e385fb52cccfcd2a809e899267fa8  puppet-3.1.1.tar.gz.asc