1.2.10 is a maintenance release of Puppet Dashboard. It includes contributions from Will Hopper and Moses Mendoza. Thanks to Aaron Patterson for the security content in commit e17269f.
This release is available for download at: https://downloads.puppetlabs.com/dashboard/puppet-dashboard-1.2.10.tar.gz Debian packages are available at https://apt.puppetlabs.com RPM packages are available at https://yum.puppetlabs.com See the Verifying Puppet Download section at: http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet Please report feedback via the Puppet Labs Redmine site, using an affected version of 1.2.10: http://projects.puppetlabs.com/projects/dashboard Documentation is available at: http://docs.puppetlabs.com/dashboard/index.html 1.2.10 Security Fixes/Highlights === *Patch puppet-dashboard for CVE-2012-2660 This commit adds a patch to actionpack to address CVE-2012-2660, unsafe query generation vulnerability. This patch is taken from Aaron Patterson on the rails security list: https://groups.google.com/forum/?fromgroups#!topic/rubyonrails-security/8SA-M3as7A8 *(#11849) Add rake task to install cron job to clean up database reports This commit adds a rake task to install a monthly cron job to clean up old database reports, as suggested in official Puppet Labs documentation. This allows users to easily install the optional cron job while not risking undesired data loss for those who do not wish to have the job installed by default. 1.2.10 Changelog === Will Hopper (1) 5de691f (#11849) Add rake task to install cron job to clean up database reports Moses Mendoza (3) 07c75a3 cleanup on puppet-dashboard spec file b70344d create certs directory with installation d9b7eeb Install a default settings.yml file with database.yml e17269f Patch puppet-dashboard for CVE-2012-2660
signature.asc
Description: Message signed with OpenPGP using GPGMail
