As per lutter; augmented fix for #896 to be configurable and defaulting to validate the server certificate, honoring CVE-2007-5162.

author: Jeffrey J McCune <jeff@northstarlabs.net> 2007-11-29 09:29:08 -0500
committer: Jeffrey J McCune <jeff@northstarlabs.net> 2007-11-29 09:29:08 -0500
commit: f94d6d3394dd0fa9ecf06b727cb7234fede7c960 (patch)
tree: 2125377ca163ad4c1da1a10dd1b2756c29fb8cef /CHANGELOG
parent: 8eecbe54c96cec0de492e7ae77211637b65057e8 (diff)
download: puppet-f94d6d3394dd0fa9ecf06b727cb7234fede7c960.tar.gz
puppet-f94d6d3394dd0fa9ecf06b727cb7234fede7c960.tar.xz
puppet-f94d6d3394dd0fa9ecf06b727cb7234fede7c960.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 04fb18791..d102a5116 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,8 @@
+    http_enable_post_connection_check added as a configuration
+    option for puppetd.  This defaults to true, which validates the server
+    SSL certificate against the requested host name in new versions of ruby.
+    See #896 for more information.
+
     Mounts no longer remount swap filesystems.
 
     Slightly modifying how services manage their list of paths
author	Jeffrey J McCune <jeff@northstarlabs.net>	2007-11-29 09:29:08 -0500
committer	Jeffrey J McCune <jeff@northstarlabs.net>	2007-11-29 09:29:08 -0500
commit	f94d6d3394dd0fa9ecf06b727cb7234fede7c960 (patch)
tree	2125377ca163ad4c1da1a10dd1b2756c29fb8cef /CHANGELOG
parent	8eecbe54c96cec0de492e7ae77211637b65057e8 (diff)
download	puppet-f94d6d3394dd0fa9ecf06b727cb7234fede7c960.tar.gz puppet-f94d6d3394dd0fa9ecf06b727cb7234fede7c960.tar.xz puppet-f94d6d3394dd0fa9ecf06b727cb7234fede7c960.zip