Diffusion puppet 8aa738340157

Merge remote-tracking branch 'cve/2.7rc' into 2.7.x
8aa738340157Unpublished
Actions

Tags

None

Referenced Files

None

Subscribers

None

Unpublished Commit · Learn More

Repository Importing: This repository is still importing.

Description

Merge remote-tracking branch 'cve/2.7rc' into 2.7.x

cve/2.7rc: Update CHANGELOG lib/puppet.rb conf/redhat/puppet.spec for 2.7.18 Reject directory traversal in store report processor Tighten permissions on classfile, resourcefile, lastrunfile, and lastrunreport. Use "inspect" when listing certificates Don't allow the creation of SSL objects with invalid certnames Validate CSR CN and provided certname before signing Add specs for selector terminuses of file_{content,metadata} Fix whitespace inside parentheses Use head method to determine if file is in file bucket Always use the local file_bucket on master Fail more gracefully when finding module files if no file is specified Reject file requests containing .. Add Selector terminus for file_content/file_metadata Deprecate IP-based authentication

Details

Provenance

Andrew Parker <andy@puppetlabs.com>	Authored on
vanmeeuwen	Pushed on Jun 2 2015, 2:22 PM

Parents

rPUce300c02f7c6: Update CHANGELOG lib/puppet.rb conf/redhat/puppet.spec for 2.7.18
rPUecc52ed6dd10: Merge pull request #851 from joshcooper/ticket/2.7.x/11868-msi-provider

Branches

Unknown

Tags

Unknown

Event Timeline

Andrew Parker <andy@puppetlabs.com> committed rPU8aa738340157: Merge remote-tracking branch 'cve/2.7rc' into 2.7.x (authored by Andrew Parker <andy@puppetlabs.com>).Jul 11 2012, 3:10 AM

Merged Changes

ce300c02f7c6 Update CHANGELOG lib/puppet.rb conf/redhat/puppet.spec for 2.7.18
Author
Moses Mendoza <moses@puppetlabs.com>
Browse Repository
No Builds
No Audits
0fe3d39af1fc Merge branch 'store-report-processor' into security_fixes_2.7.18
Author
Moses Mendoza <moses@puppetlabs.com>
Browse Repository
No Builds
No Audits
d80478208d79 Reject directory traversal in store report processor
Author
Patrick Carlisle <patrick@puppetlabs.com>
Browse Repository
No Builds
No Audits
ab27570c0506 Merge branch 'clean-permissions-2.7.17' into security_fixes_2.7.18
Author
Moses Mendoza <moses@puppetlabs.com>
Browse Repository
No Builds
No Audits
18b0a3e91f4c Merge branch 'deprecate-ip-authentication-2.7.17' into security_fixes_2.7.18
Author
Moses Mendoza <moses@puppetlabs.com>
Browse Repository
No Builds
No Audits
9873ea8b1e10 Merge branch 'file-server-2.7.17' into security_fixes_2.7.18
Author
Moses Mendoza <moses@puppetlabs.com>
Browse Repository
No Builds
No Audits
fd44bf5e6d0d Tighten permissions on classfile, resourcefile, lastrunfile, and lastrunreport.
Author
Patrick Carlisle <patrick@puppetlabs.com>
Browse Repository
No Builds
No Audits
4d7c9fd9f65c Use "inspect" when listing certificates
Author
Nick Lewis <nick@puppetlabs.com>
Browse Repository
No Builds
No Audits
bd2820ec6ee8 Don't allow the creation of SSL objects with invalid certnames
Author
Nick Lewis <nick@puppetlabs.com>
Browse Repository
No Builds
No Audits
f3419620b420 Validate CSR CN and provided certname before signing
Author
Patrick Carlisle <patrick@puppetlabs.com>
Browse Repository
No Builds
No Audits
38c5a4efd8c3 Add specs for selector terminuses of file_{content,metadata}
Author
Nick Lewis <nick@puppetlabs.com>
Browse Repository
No Builds
No Audits
9e920a8ed27c Fix whitespace inside parentheses
Author
Nick Lewis <nick@puppetlabs.com>
Browse Repository
No Builds
No Audits
2d01c2bde3ea Use head method to determine if file is in file bucket
Author
Nick Lewis <nick@puppetlabs.com>
Browse Repository
No Builds
No Audits
40ee670c60ed Always use the local file_bucket on master
Author
Nick Lewis <nick@puppetlabs.com>
Browse Repository
No Builds
No Audits
d881b4b1cc7d Fail more gracefully when finding module files if no file is specified
Author
Nick Lewis <nick@puppetlabs.com>
Browse Repository
No Builds
No Audits
20ab0e9ef00f Reject file requests containing ..
Author
Nick Lewis <nick@puppetlabs.com>
Browse Repository
No Builds
No Audits
10f6cb8969b4 Add Selector terminus for file_content/file_metadata
Author
Patrick Carlisle <patrick@puppetlabs.com>
Browse Repository
No Builds
No Audits
ab9150baa1b7 Deprecate IP-based authentication
Author
Nick Lewis <nick@puppetlabs.com>
Browse Repository
No Builds
No Audits

Changes (44)

Path

Size

conf/

redhat/

lib/

puppet/

application/

face/

file/

file_bucket/

indirection_hooks.rb

file_serving/

configuration.rb

indirection_hooks.rb

mount/

	terminus_selector.rb
	indirection_hooks.rb

indirector/

file_bucket_file/

file_content/

file_metadata/

network/

reports/

ssl/

certificate_authority.rb

certificate_authority/

spec/

integration/

file_serving/

content_spec.rb

metadata_spec.rb

network/

rest_authconfig_spec.rb

shared_behaviours/

file_serving.rb

file_serving_model.rb

unit/

file_serving/

configuration_spec.rb

content_spec.rb

indirection_hooks_spec.rb

metadata_spec.rb

mount/

modules_spec.rb

	terminus_selector_spec.rb
	indirection_hooks_spec.rb

indirector/

file_bucket_file/

selector_spec.rb

file_content/

selector_spec.rb

file_metadata/

selector_spec.rb

network/

handler/

reports/

ssl/

certificate_authority/

interface_spec.rb

certificate_authority_spec.rb

rPU8aa738340157

CHANGELOG

Loading...

conf/redhat/puppet.spec

Loading...

lib/puppet.rb

Loading...

lib/puppet/application/master.rb

Loading...

lib/puppet/defaults.rb

Loading...

lib/puppet/face/file/download.rb

Loading...

lib/puppet/file_bucket/file

Loading...

lib/puppet/file_bucket/file.rb

Loading...

lib/puppet/file_bucket/file/indirection_hooks.rb

Loading...

lib/puppet/file_serving/configuration.rb

Loading...

lib/puppet/file_serving/content.rb

Loading...

lib/puppet/file_serving/indirection_hooks.rb

Loading...

lib/puppet/file_serving/metadata.rb

Loading...

lib/puppet/file_serving/mount/modules.rb

Loading...

lib/puppet/file_serving/terminus_selector.rb

Loading...

lib/puppet/indirector/file_bucket_file/selector.rb

Loading...

lib/puppet/indirector/file_content/selector.rb

Loading...

lib/puppet/indirector/file_metadata/selector.rb

Loading...

lib/puppet/network/authstore.rb

Loading...

lib/puppet/reports/store.rb

Loading...

lib/puppet/ssl/base.rb

Loading...

lib/puppet/ssl/certificate_authority.rb

Loading...

lib/puppet/ssl/certificate_authority/interface.rb

Loading...

lib/puppet/ssl/host.rb

Loading...

spec/integration/file_bucket/file_spec.rb

Loading...

spec/integration/file_serving/content_spec.rb

Loading...

spec/integration/file_serving/metadata_spec.rb

Loading...

spec/integration/network/rest_authconfig_spec.rb

Loading...

spec/shared_behaviours/file_serving.rb

Loading...

spec/shared_behaviours/file_serving_model.rb

Loading...

spec/unit/file_serving/configuration_spec.rb

Loading...

spec/unit/file_serving/content_spec.rb

Loading...

spec/unit/file_serving/indirection_hooks_spec.rb

Loading...

spec/unit/file_serving/metadata_spec.rb

Loading...

spec/unit/file_serving/mount/modules_spec.rb

Loading...

spec/unit/file_serving/terminus_selector_spec.rb

Loading...

spec/unit/indirector/file_bucket_file/selector_spec.rb

Loading...

spec/unit/indirector/file_content/selector_spec.rb

Loading...

spec/unit/indirector/file_metadata/selector_spec.rb

Loading...

spec/unit/network/handler/ca_spec.rb

Loading...

spec/unit/reports/store_spec.rb

Loading...

spec/unit/ssl/certificate_authority/interface_spec.rb

Loading...

spec/unit/ssl/certificate_authority_spec.rb

Loading...