Ubuntu
puppet package

cacrl should be use instead of hostcrl when generating apache2 passenger configuration

Bug #641001 reported by Mathias Gug
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
puppet (Ubuntu)
Fix Released
Medium
Mathias Gug
Maverick
Fix Released
Medium
Mathias Gug

Bug Description

Binary package hint: puppet

The cacrl is the actual file updated when a certificate is revoked. Thus it should also be used as the CRL file by apache2.

The impact is that apache2 ssl configuration uses the wrong CRL. Thus revoked puppet client won't be denied access to the puppet master by apache2.

See original description
Tags: server-mrs
Mathias Gug (mathiaz)
Changed in puppet (Ubuntu):
importance: Undecided → Medium
status: New → Triaged
Mathias Gug (mathiaz)
Changed in puppet (Ubuntu):
importance: Medium → Low
Mathias Gug (mathiaz)
Changed in puppet (Ubuntu):
importance: Low → Medium
Mathias Gug (mathiaz)
description: updated
Mathias Gug (mathiaz)
Changed in puppet (Ubuntu Maverick):
assignee: nobody → Mathias Gug (mathiaz)
status: Triaged → In Progress
Thierry Carrez (ttx)
tags: added: server-mrs
Revision history for this message
Martin Pitt (pitti) wrote :

Mathias, can you please check this source package very carefully? It replaces debian/patches/debian-changes-2.6.1-0ubuntu1 withdebian/patches/debian-changes-2.6.1-0ubuntu2, and this patch looks like it would be the delta betwen 2.6.1rc4 and 2.6.1 final. This looks strange, as if something went wrong at uupdate time. The debian-changes* patches are actually the same, so I'll approve the new upload for this bug fix, but this might still be unintended here.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package puppet - 2.6.1-0ubuntu2

---------------
puppet (2.6.1-0ubuntu2) maverick; urgency=low

  * debian/puppetmaster-passenger.postinst: Use cacrl instead of hostcrl to
    set the location of the CRL in apache2 configuration. Fix apache2
    configuration on upgrade as well (LP: #641001).
 -- Mathias Gug <email address hidden> Tue, 21 Sep 2010 13:53:10 -0400

Changed in puppet (Ubuntu Maverick):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.