puppet (2.6.4-2ubuntu2.2) natty-security; urgency=low
* SECURITY UPDATE: unauthenticated directory traversal allows writing of
arbitrary files as puppet master
- debian/patches/CVE-2011-3848.patch: update lib/puppet/indirector.rb,
lib/puppet/indirector/ssl_file.rb, lib/puppet/indirector/yaml.rb,
spec/unit/indirector/ssl_file.rb and spec/unit/indirector/yaml.rb to
perform proper input validation.
- CVE-2011-3848
- LP: #861182
* debian/patches/fix-rake-spec-missing-require.patch: allow 'rake spec'
to run again
Date: Wed, 28 Sep 2011 08:26:38 -0500
Changed-By: Jamie Strandboge <[email protected]>
Maintainer: Ubuntu Developers <[email protected]>
https://launchpad.net/ubuntu/natty/+source/puppet/2.6.4-2ubuntu2.2
Format: 1.8
Date: Wed, 28 Sep 2011 08:26:38 -0500
Source: puppet
Binary: puppet-common puppet puppetmaster-common puppetmaster
puppetmaster-passenger vim-puppet puppet-el puppet-testsuite
Architecture: source
Version: 2.6.4-2ubuntu2.2
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <[email protected]>
Changed-By: Jamie Strandboge <[email protected]>
Description:
puppet - Centralized configuration management - agent startup and compatib
puppet-common - Centralized configuration management
puppet-el - syntax highlighting for puppet manifests in emacs
puppet-testsuite - Centralized configuration management - test suite
puppetmaster - Centralized configuration management - master startup and
compati
puppetmaster-common - Puppet master common scripts
puppetmaster-passenger - Centralised configuration management - master setup
to run under
vim-puppet - syntax highlighting for puppet manifests in vim
Launchpad-Bugs-Fixed: 861182
Changes:
puppet (2.6.4-2ubuntu2.2) natty-security; urgency=low
.
* SECURITY UPDATE: unauthenticated directory traversal allows writing of
arbitrary files as puppet master
- debian/patches/CVE-2011-3848.patch: update lib/puppet/indirector.rb,
lib/puppet/indirector/ssl_file.rb, lib/puppet/indirector/yaml.rb,
spec/unit/indirector/ssl_file.rb and spec/unit/indirector/yaml.rb to
perform proper input validation.
- CVE-2011-3848
- LP: #861182
* debian/patches/fix-rake-spec-missing-require.patch: allow 'rake spec'
to run again
Checksums-Sha1:
173513d9bc06a557ad707c3fbee140af958e865e 2296 puppet_2.6.4-2ubuntu2.2.dsc
1c33b08e360611a3e737eaad4cc2ab97d64d524a 35177
puppet_2.6.4-2ubuntu2.2.debian.tar.gz
Checksums-Sha256:
6fdf29cb3a44280559f3583424875c15181ba992192c900727a5295e396c1935 2296
puppet_2.6.4-2ubuntu2.2.dsc
f6c77c8751bb61849b43918d27cd0b257544e3517f1a5dc09f1c58d61b2eecab 35177
puppet_2.6.4-2ubuntu2.2.debian.tar.gz
Files:
6559289809aa9c75e08aca51f1f948d1 2296 admin optional
puppet_2.6.4-2ubuntu2.2.dsc
d401082053010ec8ff69ce821edf5bf1 35177 admin optional
puppet_2.6.4-2ubuntu2.2.debian.tar.gz
Original-Maintainer: Puppet Package Maintainers
<[email protected]>
--
Natty-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/natty-changes
