summaryrefslogtreecommitdiff
path: root/omnibus
Commit message (Collapse)AuthorAgeFilesLines
* Update omnibus to pack inspec-core.jq/use_inspec_coreJared Quick2018-05-082-28/+0
| | | | Signed-off-by: Jared Quick <jquick@chef.io>
* Bump omnibus Gemfile.lock to pull in license_scout 1.0.2Bryan McLellan2018-04-241-4/+4
| | | | Signed-off-by: Bryan McLellan <btm@loftninjas.org>
* Merge pull request #7111 from chef/sp/issue/7103Thom May2018-04-191-1/+1
|\ | | | | Windows MSI: files are now re-unzipped during repair mode
| * Attempt to unzip files even if in repair modesp/issue/7103Stuart Preston2018-04-021-1/+1
| | | | | | | | Signed-off-by: Stuart Preston <stuart@chef.io>
* | bump omnibusLamont Granquist2018-04-131-10/+10
| | | | | | | | | | | | tested this in CI builds and it was working. Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* | Update InSpec to 2.1.21Tim Smith2018-04-021-8/+8
|/ | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Bump Ruby to 2.5.1 and update release notesruby_and_libxml2_cvesTim Smith2018-03-291-6/+6
| | | | | | | | | | | | https://www.ruby-lang.org/en/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/ https://www.ruby-lang.org/en/news/2018/03/28/unintentional-file-and-directory-creation-with-directory-traversal-cve-2018-6914/ https://www.ruby-lang.org/en/news/2018/03/28/large-request-dos-in-webrick-cve-2018-8777/ https://www.ruby-lang.org/en/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/ https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-unixsocket-cve-2018-8779/ https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/ https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/ Signed-off-by: Tim Smith <tsmith@chef.io>
* Update openssl to 1.0.2oTim Smith2018-03-271-6/+6
| | | | | | This addresses https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0739 Signed-off-by: Tim Smith <tsmith@chef.io>
* Merge pull request #7051 from chef/tm/inspec_2Tim Smith2018-03-262-0/+29
|\ | | | | Ship InSpec 2
| * Ship InSpec 2Thom May2018-03-242-0/+29
| | | | | | | | Signed-off-by: Thom May <thom@chef.io>
* | Parser 2.5.0.4 was yankedTim Smith2018-03-261-5/+5
|/ | | | | | We missed 2 changelog updates due to this so I'm manually adding them Signed-off-by: Tim Smith <tsmith@chef.io>
* Use the latest libarchive/bzip2 defs in omnibususe_libarchiveTim Smith2018-03-221-8/+9
| | | | | | This gets us bz2 support in libarchive Signed-off-by: Tim Smith <tsmith@chef.io>
* Use Chef omnibus def that includes libarchiveTim Smith2018-03-161-8/+8
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* bump omnibus-software to pick up solaris11/sparc fixLamont Granquist2018-03-091-6/+6
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* bump omnibus to pull in ruby/windows-32 compile fixLamont Granquist2018-03-091-8/+8
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* Bump kitchen-vagrant correctly in Gemfile.lockStuart Preston2018-03-031-1/+1
| | | | Signed-off-by: Stuart Preston <stuart@chef.io>
* Bump Chef.PowerShell assemblyStuart Preston2018-03-031-2/+2
| | | | Signed-off-by: Stuart Preston <stuart@chef.io>
* Initial commit of new Chef PowerShell supportStuart Preston2018-03-032-1/+31
| | | | Signed-off-by: Stuart Preston <stuart@chef.io>
* add a temp pin so we don't revisit this constantlyLamont Granquist2018-02-282-0/+4
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* remove ohai 14.0.0Lamont Granquist2018-02-281-7/+7
| | | | | | crept in from local gem sets on workstations Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* chefstyle/omnibus-software/omnibus back to masterLamont Granquist2018-02-282-8/+8
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* bump omnibus depsThom May2018-02-282-17/+19
| | | | Signed-off-by: Thom May <thom@chef.io>
* Use the updated inspec gem - 1.51.18updates2Tim Smith2018-02-121-11/+21
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Use the license_scout that comes with Omnibus gemtduffield/license_scout/pin-to-1.xTom Duffield2018-02-082-35/+18
| | | | Signed-off-by: Tom Duffield <tom@chef.io>
* Remove testing of Debian 7bye_debian_7Tim Smith2018-02-041-4/+0
| | | | | | Debian 7 goes EOL 31st May 2018 Signed-off-by: Tim Smith <tsmith@chef.io>
* Updating refs to omnibussp/faster-msiStuart Preston2018-01-291-8/+8
| | | | Signed-off-by: Stuart Preston <stuart@chef.io>
* Add MSIFASTINSTALL property, supported by Windows Installer 5.0Stuart Preston2018-01-291-0/+7
| | | | Signed-off-by: Stuart Preston <stuart@chef.io>
* Force the creation of a relative link for cacertstm/ca_me_harderThom May2018-01-261-3/+3
| | | | Signed-off-by: Thom May <thom@chef.io>
* use a relative link so that docker does not drop our ca bundle linktm/fix_ca_certsThom May2018-01-261-13/+15
| | | | Signed-off-by: Thom May <thom@chef.io>
* Update to Ruby 2.4.3ruby243Tim Smith2018-01-051-15/+13
| | | | | | | | | This resolves this CVE https://www.ruby-lang.org/en/news/2017/12/14/net-ftp-command-injection-cve-2017-17405/ It also backports a few bugfixes from 2.5.0: https://github.com/ruby/ruby/compare/v2_4_2...v2_4_3 Signed-off-by: Tim Smith <tsmith@chef.io>
* Update for openssl 1.0.2n and inspec 1.48Tim Smith2017-12-071-17/+17
| | | | | | | | | Resolves: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3738 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3737 Signed-off-by: Tim Smith <tsmith@chef.io>
* Bump openssl and rubygems to latestTim Smith2017-11-061-12/+12
| | | | | | | | | | | | | | | | openssl: CVE-2017-3736 (OpenSSL advisory) [Moderate severity] 2nd November 2017: There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen. Reported by Google OSS-Fuzz. CVE-2017-3735 (OpenSSL advisory) [Low severity] 28th August 2017: While parsing an IPAdressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. Reported by Google OSS-Fuzz. rubygems: Whitelist classes and symbols that are in loaded YAML. See CVE-2017-0903 for full details. Fix by Aaron Patterson. Signed-off-by: Tim Smith <tsmith@chef.io>
* Use latest omnibus-softwareupdate_depsTim Smith2017-10-251-18/+22
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Don't spin in powershell module that launches chef processesksubrama/SUSTAIN-731Kartik Null Cating-Subramanian2017-10-061-8/+15
| | | | Signed-off-by: Kartik Null Cating-Subramanian <ksubramanian@chef.io>
* update to latest omnibus software for libxml fixesThom May2017-09-281-16/+14
| | | | Signed-off-by: Thom May <thom@chef.io>
* update ruby versiontm/2_4_2Thom May2017-09-141-24/+27
| | | | Signed-off-by: Thom May <thom@chef.io>
* Bump omnibus-software versiontm/fix_6060Thom May2017-08-081-12/+12
| | | | Signed-off-by: Thom May <thom@chef.io>
* Updating / fixing deps to fix acceptance (#6292)Bryan McLellan2017-07-241-7/+7
| | | | | | | | | | * Remove call to update_omnibus_overrides The rake tasks `update_omnibus_overrides` was removed in dafd5139338aed684410e311b9be906b346db678. * Update acceptance/Gemfile.lock to match Gemfile.lock for mixlib-shellout This should fix acceptance where we're seeing both mixlib-shellout 2.3.1 and 2.3.2.
* Update omnibusjsinha/BEN-180Jaymala Sinha2017-07-201-9/+9
| | | | Signed-off-by: Jaymala Sinha <jsinha@chef.io>
* Rename IPS symlinks resource to projectnameJaymala Sinha2017-07-201-0/+0
| | | | | | | | | | | | Since the symlinks created inside /usr/bin conflict between our "Angry" and mainstream projects on our testers, we are updating IPS the packaging to override "projectname-symlinks.erb" if it exists. We are leaving symlinks.erb for backward compatibilty. PRs with resource filename updates in chef and omnibus-toolchain will follow this PR. Related omnibus PR: https://github.com/chef/omnibus/pull/793 Signed-off-by: Jaymala Sinha <jsinha@chef.io>
* Fix solaris/x86 buildstm/fix_solaris_libtoolThom May2017-07-141-8/+8
| | | | | | The actual fix is chef/omnibus-software#864 Signed-off-by: Thom May <thom@chef.io>
* Update SHA1 fingerprint for MSI signing certschisamo/update-msi-signing-certSeth Chisamore2017-07-131-2/+2
| | | | | | The cert has been updated as the old one expires on 2017-07-25. Signed-off-by: Seth Chisamore <schisamo@chef.io>
* Update omnibus pinning to enable automated s3 omnibus cache populationshain/update_omnibusScott Hain2017-07-121-14/+14
| | | | Signed-off-by: Scott Hain <shain@chef.io>
* update comment about nokogiriLamont Granquist2017-07-101-2/+4
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* move nokogiri config to omnibusLamont Granquist2017-07-101-0/+3
| | | | | | | | | this hand-builds it with the software dep, and its not a direct dep of chef itself and shouldn't be in the Gemfile.lock anyway, plus we need to pin via omnibus_overrides.rb and double-pinning in the Gemfile.lock is just added fussiness Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* bump zlib to 1.2.11tm/zlibThom May2017-06-161-10/+10
| | | | Signed-off-by: Thom May <thom@chef.io>
* Copy chef gems in placetm/copy_gemsThom May2017-05-311-18/+20
| | | | | | Provided by chef/omnibus-software#836 Signed-off-by: Thom May <thom@chef.io>
* simplify omnibus config and greenify builds againLamont Granquist2017-05-0926-843/+26
| | | | | | | | | | | | | | this is also necessary for bundler-1.14.x i'm still not entirely clear why we ever needed all the fussy software gem configs or what the build-chef / build-chef-gem infrastructure ever did for us. it seems to have been mostly micro-optimization around building the software gems before bundle installing the project in order to take advantage of git caching. i aggressively don't care about that, this is quite fast enough. we can install nokogiri and libgecode early and that should take care of 98% of the build optimization issue. Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* Use updated omnibus softwaretm/chase_gemsThom May2017-04-122-3/+2
| | | | | | Fixes: #6049 Signed-off-by: Thom May <thom@chef.io>
* install gem command manuallyThom May2017-04-122-13/+14
| | | | Signed-off-by: Thom May <thom@chef.io>
View Lorry Controller Status