Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Please unblock package puppet
puppet 5.5.10-2 (already in unstable) fixes an issue whereby the Puppet
master deserializes incoming agent reports producing variable output,
depending on the availability of a specific package in the system
(ruby-multi-json). This in turn can cause certain report processors
(notably PuppetDB) to fail. See #923976 for details.
Full source debdiff against testing attached.
Regards,
Apollon
unblock puppet/5.5.10-2
diff -Nru puppet-5.5.10/debian/changelog puppet-5.5.10/debian/changelog
--- puppet-5.5.10/debian/changelog 2019-01-16 10:56:17.000000000 +0200
+++ puppet-5.5.10/debian/changelog 2019-03-12 12:51:05.000000000 +0200
@@ -1,3 +1,9 @@
+puppet (5.5.10-2) unstable; urgency=medium
+
+ * Make sure oj does not use BigDecimals on data load (Closes: #923976)
+
+ -- Apollon Oikonomopoulos <apoi...@debian.org> Tue, 12 Mar 2019 12:51:05
+0200
+
puppet (5.5.10-1) unstable; urgency=medium
* New upstream bugfix release; see
diff -Nru
puppet-5.5.10/debian/patches/0009-Avoid-BigDecimals-when-loading-JSON-using-Oj.patch
puppet-5.5.10/debian/patches/0009-Avoid-BigDecimals-when-loading-JSON-using-Oj.patch
---
puppet-5.5.10/debian/patches/0009-Avoid-BigDecimals-when-loading-JSON-using-Oj.patch
1970-01-01 02:00:00.000000000 +0200
+++
puppet-5.5.10/debian/patches/0009-Avoid-BigDecimals-when-loading-JSON-using-Oj.patch
2019-03-12 12:51:05.000000000 +0200
@@ -0,0 +1,35 @@
+From: Apollon Oikonomopoulos <apoi...@debian.org>
+Date: Sun, 10 Mar 2019 01:22:29 +0200
+Subject: Avoid BigDecimals when loading JSON using Oj
+
+This is already done for JrJackson and needs to be done for Oj as well
+to avoid sending malformed reports to PuppetDB.
+
+Bug-Debian: https://bugs.debian.org/923976
+---
+ lib/puppet/util/json.rb | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/lib/puppet/util/json.rb b/lib/puppet/util/json.rb
+index 6baea59..ba2491b 100644
+--- a/lib/puppet/util/json.rb
++++ b/lib/puppet/util/json.rb
+@@ -32,13 +32,16 @@ module Puppet::Util
+ def self.load(string, options = {})
+ if defined? MultiJson
+ begin
+- # This ensures that JrJackson will parse very large or very small
++ # This ensures that JrJackson and Oj will parse very large or very
small
+ # numbers as floats rather than BigDecimals, which are serialized as
+ # strings by the built-in JSON gem and therefore can cause schema
errors,
+ # for example, when we are rendering reports to JSON using
`to_pson` in
+ # PuppetDB.
+- if MultiJson.adapter.name == "MultiJson::Adapters::JrJackson"
++ case MultiJson.adapter.name
++ when "MultiJson::Adapters::JrJackson"
+ options[:use_bigdecimal] = false
++ when "MultiJson::Adapters::Oj"
++ options[:bigdecimal_load] = :float
+ end
+
+ MultiJson.load(string, options)
diff -Nru puppet-5.5.10/debian/patches/series
puppet-5.5.10/debian/patches/series
--- puppet-5.5.10/debian/patches/series 2018-11-09 09:54:47.000000000 +0200
+++ puppet-5.5.10/debian/patches/series 2019-03-12 12:51:05.000000000 +0200
@@ -6,3 +6,4 @@
0007-Fix-service-listing-and-enable-disable-in-Debian.patch
0008-fix-locale-loading.patch
reproducible-build.patch
+0009-Avoid-BigDecimals-when-loading-JSON-using-Oj.patch
