[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
raring has seen the end of its life and is no longer receiving any updates. Marking the raring task for this ticket as Won't Fix. ** Changed in: puppet (Ubuntu Raring) Status: Triaged = Won't Fix -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
quantal has seen the end of its life and is no longer receiving any updates. Marking the quantal task for this ticket as Won't Fix. ** Changed in: puppet (Ubuntu Quantal) Status: Triaged = Won't Fix -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
I see that the backport request for Precise, Quantal, and Raring has been rejected. Where do we stand with this bug? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
Could you comment on that? It's not a trivial fix for 2.7.x. Sorry for the late reply. -Jeff -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
I've started the backport process here: https://bugs.launchpad.net /precise-backports/+bug/1194901 If anyone is interested in testing out the packages on either Precise, Quantal, or Raring and provide feedback on that backport request it would be greatly appreciated! This will also help speed up the backport approval process. Thank you Adam -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
FWIW I don't think you should rely solely on backports for this; if a bug was introduced in -security then it should be fixed through the same channel. ** Also affects: puppet (Ubuntu Quantal) Importance: Undecided Status: New ** Also affects: puppet (Ubuntu Raring) Importance: Undecided Status: New ** Changed in: puppet (Ubuntu Quantal) Status: New = Triaged ** Changed in: puppet (Ubuntu Raring) Status: New = Triaged ** Changed in: puppet (Ubuntu Quantal) Importance: Undecided = High ** Changed in: puppet (Ubuntu Raring) Importance: Undecided = High -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
Agreed, however, from previous discussions with the maintainers I was under the impression this wouldn't be a trivial fix for 2.7.x. Jeff, Could you comment on that? Thanks Adam -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
Puppet 3.2.2 is in Saucy now. Will see how feasible it is to just do a full backport into Precise. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
3.2.1 is out, once it makes it way into Debian and then Ubuntu archive I'll work on getting a possible backport accepted for Precise, Quantal and Raring. Thanks Adam -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
Jeff, I've been searching through the documentation on puppet labs wiki but I am unable to find a tentative release date for 3.2.0. Do you have that information and if the date is set do you mind sharing that with me? Thank you, Adam -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
On Fri, May 10, 2013 at 11:51 AM, Adam Stokes adam.sto...@canonical.comwrote: Jeff, I've been searching through the documentation on puppet labs wiki but I am unable to find a tentative release date for 3.2.0. Do you have that information and if the date is set do you mind sharing that with me. The best place to see the list of work targeted at Puppet 3.2.0 is at: http://projects.puppetlabs.com/projects/puppet/roadmap#3.2.0 We released 3.2.0rc2 this week. If there are no new issues reported ande introduced by the release of RC2 then we'll release Puppet 3.2.0 approximately 7 days after the release of RC2. As far as I know we haven't had any reported RC introduced issues, so there's a pretty good chance we'll release Puppet 3.2.0 sometime during the week of 13 May (next week). Unfortunately I can't give a specific date, nor is this information I'm providing authoritative. Eric Sorenson will make the final decision to cut the release, but we're looking pretty good for next week. Please keep an eye on the puppet-announce mailing list, which is one of the places the release announcement will be published. Hope this helps, -Jeff -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
Looks like upstream has a pending release to fix this issue positive testing results from community. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
Yes, we're planning to release the fix for this issue in Puppet 3.2 which will hopefully go out as RC1 at the end of this week. I'm not sure how difficult the backport to 2.7 will be, but we did so a slight refactor after fixing the issue, so it is non-trivial at this point. If you have any questions or concerns please let me know, I'm getting all the updates on this issue directly to my inbox. -Jeff -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1068145] Re: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break
Marking Triaged, from the upstream bug report, it appears the fix is non-trivial, so while I hope we can fix this in precise, it may not be so simple. ** Changed in: puppet (Ubuntu) Status: New = Triaged ** Also affects: puppet (Ubuntu Precise) Importance: Undecided Status: New ** Changed in: puppet (Ubuntu Precise) Status: New = Triaged ** Changed in: puppet (Ubuntu Precise) Importance: Undecided = High -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/1068145 Title: Fix for CVE-2012-3867 (puppet) is too restrictive - TLS certificates now break To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1068145/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
