raring has seen the end of its life and is no longer receiving any
updates. Marking the raring task for this ticket as "Won't Fix".
** Changed in: puppet (Ubuntu Raring)
Status: Triaged => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Server Team, whic
quantal has seen the end of its life and is no longer receiving any
updates. Marking the quantal task for this ticket as "Won't Fix".
** Changed in: puppet (Ubuntu Quantal)
Status: Triaged => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Server Team, w
> Could you comment on that?
It's not a trivial fix for 2.7.x. Sorry for the late reply.
-Jeff
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1068145
Title:
Fix for CVE-2012-3867
I see that the backport request for Precise, Quantal, and Raring has
been rejected. Where do we stand with this bug?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1068145
Title:
Fi
Agreed, however, from previous discussions with the maintainers I was
under the impression this wouldn't be a trivial fix for 2.7.x.
Jeff,
Could you comment on that?
Thanks
Adam
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet
FWIW I don't think you should rely solely on backports for this; if a
bug was introduced in -security then it should be fixed through the same
channel.
** Also affects: puppet (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: puppet (Ubuntu Raring)
Importance: Undec
I've started the backport process here: https://bugs.launchpad.net
/precise-backports/+bug/1194901
If anyone is interested in testing out the packages on either Precise,
Quantal, or Raring and provide feedback on that backport request it
would be greatly appreciated! This will also help speed up t
Puppet 3.2.2 is in Saucy now. Will see how feasible it is to just do a
full backport into Precise.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1068145
Title:
Fix for CVE-2012-3867
3.2.1 is out, once it makes it way into Debian and then Ubuntu archive
I'll work on getting a possible backport accepted for Precise, Quantal
and Raring.
Thanks
Adam
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
htt
Jeff,
Thanks for the quick response. I'll make sure to monitor the mailing
list.
Thanks again,
Adam
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1068145
Title:
Fix for CVE-2012-3
On Fri, May 10, 2013 at 11:51 AM, Adam Stokes
wrote:
> Jeff,
>
> I've been searching through the documentation on puppet labs wiki but I
> am unable to find a tentative release date for 3.2.0. Do you have that
> information and if the date is set do you mind sharing that with me.
>
The best place
Jeff,
I've been searching through the documentation on puppet labs wiki but I
am unable to find a tentative release date for 3.2.0. Do you have that
information and if the date is set do you mind sharing that with me?
Thank you,
Adam
--
You received this bug notification because you are a membe
Yes, we're planning to release the fix for this issue in Puppet 3.2
which will hopefully go out as RC1 at the end of this week.
I'm not sure how difficult the backport to 2.7 will be, but we did so a
slight refactor after fixing the issue, so it is non-trivial at this
point. If you have any quest
Looks like upstream has a pending release to fix this issue positive
testing results from community.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1068145
Title:
Fix for CVE-2012-38
Marking Triaged, from the upstream bug report, it appears the fix is
non-trivial, so while I hope we can fix this in precise, it may not be
so simple.
** Changed in: puppet (Ubuntu)
Status: New => Triaged
** Also affects: puppet (Ubuntu Precise)
Importance: Undecided
Status: New
15 matches
Mail list logo