File _patchinfo of Package patchinfo.2945

<patchinfo incident="2945">
  <issue id="990638" tracker="bnc">Update cfengine to 3.7.3 (LTS)</issue>
  <issue id="320769" tracker="fate"/>
  <category>recommended</category>
  <rating>low</rating>
  <packager>leonardocf</packager>
  <description>
This update for cfengine, cfengine-masterfiles fixes the following issues:
CFEngine was updated from version 3.7.1 to 3.7.3, which brings fixes and
enhancements:

Behavior changes:

- classesmatching(): order of classes changed.
- Suppress standard services noise on SUSE.

Fixes:

- Reduce verbosity of yum and apt_get package modules.
- Parse def.json vars, classes in C.
- Namespaced classes can now be specified on the command line.
- getvalues() will now return a list also for data containers, and will descend
  recursively into the containers.
- @if minimum_version now correctly ignores lines starting with '@'.
- Fix definition of classes from augments file.
- Don't follow symbolic links when copying extended attributes.
- Fix cf-serverd error messages with classic protocol clients.
- The isvariable() function call now correctly accepts all array variables when
  specified inline. Previously it would not accept certain special characters,
  even though they could be specified indirectly by using a variable to hold it.
- Show errors regarding failure to copy extended attributes when doing a local
  file copy. Errors could happen when copying across two different mount points
  where the support for extended attributes is different between the mount points.
- Fix file descriptor leak when there are network errors.
- Fix a regression which would sometimes cause "Permission denied" errors on files
  inside directories with very restricted permissions.
- Check for empty server response in RemoteDirList after decryption.
- Allow def.json up to 5MB instead of 4K.
- Add guard for binary upgrade during bootstrap.
- Fix a bug which sometimes caused package promises to be skipped with "XX Another
  cf-agent seems to have done this since I started" messages in the log, most
  notably in long running cf-agent runs (longer than one minute).
- Define (bootstrap|failsafe)_mode during update.cf when triggerd from failsafe.cf.
- Fix two cases where action_policy warn still produces errors.
- Fix classes being set because of hash collision in the implementation.
- Installing packages containing version numbers using yum now works correctly.
- readfile() and read*list() should print an error if they fail to read file.
- If there is an error saving a mustache template file it is now logged with
  log-level error (was inform).
- Fixed several bugs which prevented CFEngine from loading libraries from the
  correct location.
- If file_select.file_types is set to symlink and there are regular files in the
  scanned directory, CFEngine no longer produces an unnecessary error message.
- cf-agent, cf-execd, cf-promises, cf-runagent and cf-serverd honor multiple -D,
  -N and -s arguments.
- Fix "@endif" keyword sometimes being improperly processed by policy parser.
- It is possible to edit the same value in multiple regions of one file.
- Fix select_class not setting class when used in common bundle with slist.
- Fix broken HA policy for 3rd disaster-recovery node.
- Directories should no more be changed randomly into files.
- Include latest security updates for 3.7.
- Reduce malloc() thread contention on heavily loaded cf-serverd, by not exiting
  early in the logging function, if no message is to be printed.
- Improve cf-serverd's lock contention because of getpwnam() call.
- action_policy "warn" now correctly produces warnings instead of various other
  verbosity levels.
- Improve efficiency and debug reports.
- Change package modules permissions on hub package so that hub can execute
  package promises.
- No longer hang when changing permissions/ownership on fifos.
- Fix exporting CSV reports through HTTPS.
- failsafe.cf will be created when needed.
- Mustache templates: Fix {{@}} key when value is not a primitive. The old
  behavior, when iterating across a map or array of maps, was to abort if the
  key was requested with {{@}}. The new behavior is to always replace {{@}} with
  either the key name or the iteration position in the array.  An error is
  printed if {{@}} is used outside of a Mustache iteration section.
- Legacy package promise: Result classes are now defined if the package being
  promised is already up to date.
- TTY detection should be more reliable.
</description>
  <summary>Recommended update for cfengine, cfengine-masterfiles</summary>
</patchinfo>