From owner-svn-ports-all@FreeBSD.ORG Sun Aug 18 17:11:01 2013 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 18D9EF98; Sun, 18 Aug 2013 17:11:01 +0000 (UTC) (envelope-from brd@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id EB73F2155; Sun, 18 Aug 2013 17:11:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r7IHB0Ug007178; Sun, 18 Aug 2013 17:11:00 GMT (envelope-from brd@svn.freebsd.org) Received: (from brd@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id r7IHAxRT006460; Sun, 18 Aug 2013 17:10:59 GMT (envelope-from brd@svn.freebsd.org) Message-Id: <201308181710.r7IHAxRT006460@svn.freebsd.org> From: Brad Davis Date: Sun, 18 Aug 2013 17:10:59 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r324930 - in branches/RELENG_9_2_0: security/vuxml sysutils/puppet sysutils/puppet27 X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Aug 2013 17:11:01 -0000 Author: brd (doc committer) Date: Sun Aug 18 17:10:59 2013 New Revision: 324930 URL: http://svnweb.freebsd.org/changeset/ports/324930 Log: MFH r324808 and r324813: Update sysutils/puppet to 3.2.4 and sysutils/puppet27 to 2.7.23. Approved by: portmgr (erwin@) and maintainer (swills@) Security: 2b2f6092-0694-11e3-9e8e-000c29f6ae42 Modified: branches/RELENG_9_2_0/security/vuxml/vuln.xml branches/RELENG_9_2_0/sysutils/puppet/Makefile branches/RELENG_9_2_0/sysutils/puppet/distinfo branches/RELENG_9_2_0/sysutils/puppet27/Makefile branches/RELENG_9_2_0/sysutils/puppet27/distinfo Directory Properties: branches/RELENG_9_2_0/ (props changed) Modified: branches/RELENG_9_2_0/security/vuxml/vuln.xml ============================================================================== --- branches/RELENG_9_2_0/security/vuxml/vuln.xml Sun Aug 18 16:13:02 2013 (r324929) +++ branches/RELENG_9_2_0/security/vuxml/vuln.xml Sun Aug 18 17:10:59 2013 (r324930) @@ -51,6 +51,43 @@ Note: Please add new entries to the beg --> + + puppet -- multiple vulnerabilities + + + puppet + 2.72.7.23 + 3.03.2.4 + + + + +

Puppet Labs reports:

+
+

By using the `resource_type` service, an attacker could + cause puppet to load arbitrary Ruby files from the puppet + master node's file system. While this behavior is not + enabled by default, `auth.conf` settings could be modified + to allow it. The exploit requires local file system access + to the Puppet Master.

+

Puppet Module Tool (PMT) did not correctly control + permissions of modules it installed, instead transferring + permissions that existed when the module was built.

+
+ + + + CVE-2013-4761 + CVE-2013-4956 + http://puppetlabs.com/security/cve/cve-2013-4761/ + http://puppetlabs.com/security/cve/cve-2013-4956/ + + + 2013-07-05 + 2013-08-16 + + + polarssl -- denial of service through unterminated loop in certificate parser Modified: branches/RELENG_9_2_0/sysutils/puppet/Makefile ============================================================================== --- branches/RELENG_9_2_0/sysutils/puppet/Makefile Sun Aug 18 16:13:02 2013 (r324929) +++ branches/RELENG_9_2_0/sysutils/puppet/Makefile Sun Aug 18 17:10:59 2013 (r324930) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= puppet -PORTVERSION= 3.2.3 +PORTVERSION= 3.2.4 CATEGORIES= sysutils MASTER_SITES= http://downloads.puppetlabs.com/puppet/ Modified: branches/RELENG_9_2_0/sysutils/puppet/distinfo ============================================================================== --- branches/RELENG_9_2_0/sysutils/puppet/distinfo Sun Aug 18 16:13:02 2013 (r324929) +++ branches/RELENG_9_2_0/sysutils/puppet/distinfo Sun Aug 18 17:10:59 2013 (r324930) @@ -1,2 +1,2 @@ -SHA256 (puppet-3.2.3.tar.gz) = 6a19927d6126b9f6f40e94997c0896a618da8983178ca0e30264122b70edf819 -SIZE (puppet-3.2.3.tar.gz) = 1782059 +SHA256 (puppet-3.2.4.tar.gz) = 8b38f4adee6237b8dd7b1956d90af97f2d0091245d6e30b708bbc8e333001358 +SIZE (puppet-3.2.4.tar.gz) = 1786216 Modified: branches/RELENG_9_2_0/sysutils/puppet27/Makefile ============================================================================== --- branches/RELENG_9_2_0/sysutils/puppet27/Makefile Sun Aug 18 16:13:02 2013 (r324929) +++ branches/RELENG_9_2_0/sysutils/puppet27/Makefile Sun Aug 18 17:10:59 2013 (r324930) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= puppet -PORTVERSION= 2.7.22 +PORTVERSION= 2.7.23 CATEGORIES= sysutils MASTER_SITES= http://downloads.puppetlabs.com/puppet/ Modified: branches/RELENG_9_2_0/sysutils/puppet27/distinfo ============================================================================== --- branches/RELENG_9_2_0/sysutils/puppet27/distinfo Sun Aug 18 16:13:02 2013 (r324929) +++ branches/RELENG_9_2_0/sysutils/puppet27/distinfo Sun Aug 18 17:10:59 2013 (r324930) @@ -1,2 +1,2 @@ -SHA256 (puppet-2.7.22.tar.gz) = bfd79c0aecdeea4e1a8573e9325fbcb48778603d908180e88897458f01fe06de -SIZE (puppet-2.7.22.tar.gz) = 2023230 +SHA256 (puppet-2.7.23.tar.gz) = 73bc0d5a2334dc484148141a32274703b65b78bf87ca41f7e2da1c38518ba490 +SIZE (puppet-2.7.23.tar.gz) = 2025639