Hello community, here is the log from the commit of package puppet for openSUSE:11.3 checked in at Thu Nov 10 16:11:48 CET 2011. -------- --- old-versions/11.3/UPDATES/all/puppet/puppet.changes 2011-11-01 11:54:32.000000000 +0100 +++ 11.3/puppet/puppet.changes 2011-11-08 17:39:27.000000000 +0100 @@ -1,0 +2,5 @@ +Tue Nov 8 15:56:02 UTC 2011 - vcizek@suse.com + +- added remediation toolkit for CVE-2011-3872 (bnc#72637) + +------------------------------------------------------------------- calling whatdependson for 11.3-i586 New: ---- CVE-2011-3872.msg puppetlabs-cve20113872-0.0.5.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ puppet.spec ++++++ --- /var/tmp/diff_new_pack.7ckNZ9/_old 2011-11-10 15:44:08.000000000 +0100 +++ /var/tmp/diff_new_pack.7ckNZ9/_new 2011-11-10 15:44:08.000000000 +0100 @@ -21,7 +21,7 @@ Name: puppet Version: 0.25.4 -Release: 4.<RELEASE5> +Release: 4.<RELEASE7> License: GPLv2+ Group: Productivity/Networking/System Url: http://reductivelabs.com/projects/puppet/ @@ -29,6 +29,8 @@ Source1: puppetmaster.fw Source2: puppet.fw Source3: puppet.sysconfig +Source4: puppetlabs-cve20113872-0.0.5.tar.gz +Source5: CVE-2011-3872.msg Patch: %{name}-%{version}-yumconf.diff Patch1: %{name}-%{version}-init.diff Patch2: %{name}-%{version}-zypper.diff @@ -85,6 +87,7 @@ %patch5 -p1 %patch7 -p1 %patch8 -p1 +tar xf %{S:4} sed -i 's#/usr/local/bin/ruby#/usr/bin/ruby#' lib/puppet/external/nagios.rb %build @@ -108,6 +111,11 @@ install -m 644 %SOURCE1 $RPM_BUILD_ROOT/%{_fwdefdir}/puppet mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates cp %{S:3} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.puppet +mkdir -p $RPM_BUILD_ROOT%{_docdir}/%{name} +# avoid rpm warnings +find puppetlabs-cve20113872-0.0.5 -type f -exec chmod -x \{\} \; +cp -R puppetlabs-cve20113872-0.0.5 $RPM_BUILD_ROOT/%{_docdir}/%{name} +%suse_install_update_message %{S:5} %clean rm -rf $RPM_BUILD_ROOT @@ -139,6 +147,7 @@ %files %defattr(-,root,root,-) %doc CHANGELOG COPYING LICENSE README +%doc puppetlabs-cve20113872-0.0.5 %{_bindir}/pi %{_bindir}/filebucket %{_bindir}/puppet @@ -159,6 +168,7 @@ %{_sbindir}/puppetd %config %{_fwdefdir}/puppet /var/adm/fillup-templates/sysconfig.puppet +/var/adm/update-messages/%{name}-%{version}-%{release}-CVE-2011-3872.msg.txt %files server %defattr(-, root, root, 0755) ++++++ CVE-2011-3872.msg ++++++ Note: If you've set the 'certdnsnames' option in your master's puppet.conf file, merely installing the updated packages is not sufficient to fix this problem. You need to either pick a new DNS name for the master and reconfigure all agents to use it or re-new certificates on all agents. Please refer to the documentation in /usr/share/doc/packages/puppet/puppetlabs-cve20113872-0.0.5 for detailed instructions and scripts. Puppetlabs' site also provides more information: http://puppetlabs.com/security/cve/cve-2011-3872/faq/ http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerab... continue with "q"... Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org