<The CFEngine Blog

CFEngine 3.5.3 released

Posted by Mahesh Kumar
December 10, 2013

CFEngine 3.5.3 is now available for download. This is a maintenance release of CFEngine 3.5, and introduces a number of fixes and improvements to both Community and Enterprise editions.

Changes in the CFEngine Core:

  • Improved security checks of symlink ownership.

A symlink created by a user pointing to resources owned by a different user will no longer be followed.

  • Changed the way package versions are compared in package promises. (Redmine #3314)

In previous versions the comparison was inconsistent. This has been fixed, but may also lead to behavior changes in certain cases. In CFEngine 3.5.3, the comparison works as follows: <package-being-considered> <package_select> <package_version> For instance: apache-2.2.31 “>=” “2.2.0” will result in the package being installed. Bug fixes:

  • fix cf-monitord crash due to incorrect array initialization (Redmine #3180)
  • fix cf-serverd stat()‘ing the file tree every second (Redmine #3479)
  • correctly populate sys.hardware_addresses variable (Redmine #2936)
  • add support for Debian’s GNU/kfreebsd to build system (Redmine #3500)
  • fix possible stack corruption in guest_environments promises (Redmine #3552)
  • work-around hostname trunctation in HP-UX’s uname (Redmine #3517)
  • fix body copy purging of empty directories (Redmine #3429)
  • make discovery and loading of avahi libraries more robust
  • compile and packaging fixes for HP-UX, AIX and Solaris
  • fix fatal error in lsdir() when directory doesn’t exist (Redmine #3273)
  • fix epoch calculation for stime inrange calculation (Redmine #2921)

Enterprise-specific changes:

Bug fixes:

  • purge old data for promises with long promise handles (Redmine #3438)
  • fix constraint violation in PromiseDefinitions table which resulted in error everytime this table was loaded
  • enable update of promise definitions database from policy
  • fix cfengine3 init.d script to correctly detect debian systems with yum installed

Mission Portal:

  • various layout and UI fixes
  • fix editing of event trackers
  • speed up listing of hosts for promises not kept - maintain host context (Redmine #3474)
  • ability to manually add context filter in the SQL app (Redmine #3466)
  • host identifier settings simplified (Redmine #3101)

Packaging fixes:

  • Correct php.ini path in the packaged httpd (Redmine #3445)
  • Add missing mongodb tools in ubuntu/debian hub packages (Redmine #3444)
  • Fix manpath error for SLES (Redmine #3539)
  • Fix file permissions - some policy files had executable bit set (Redmine #3521)

The MD5 checksums for the various community packages are:

  • cfengine-3.5.3.tar.gz - c840eb0163924ca657ab180fe5a170b4
  • cfengine-community_3.5.3-1_amd64.deb
    • 2295f51e2d9c5ef1d500a0bcda5423ff
  • cfengine-community_3.5.3-1_i386.deb
    • d428a655dc35b62f88ce3e256fdda02c
  • cfengine-community-3.5.3-1.x86_64.rpm
    • e2bcd53204b4e549a6992e7b7c88344c
  • cfengine-community-3.5.3-1.i386.rpm
    • 355301ef5e379383ee51550856245da6

Community repositories will be updated shortly.

Try CFEngine Enterprise for free

Sign up for CFEngine Enterprise and connect up to 25 hosts for free. No credit card required. Get started in minutes.

Try enterprise for free