Unless you've elected to use legacy storeconfigs (with activerecord), you are correct, your system should not be vulnerable.
stahnma On Mon, Feb 4, 2013 at 6:15 AM, Kodiak Firesmith <kfiresm...@gmail.com> wrote: > Hello fellow Puppet users! > > I'm trying to perform due diligence to make sure that our Puppet > installations aren't affected by all the RoR vulns in the news recently. > (http://www.kalzumeus.com/2013/01/31/what-the-rails-security-issue-means-for-your-startup/) > (http://www.informationweek.com/security/vulnerabilities/critical-ruby-on-rails-issue-threatens-2/240145891) > > I've been watching the PuppetLabs security > (https://puppetlabs.com/security/) page, and the RedHat CVE DB > (https://access.redhat.com/security/cve/) and haven't seen anything that > appears to directly affect a typical Puppet3 installation on RHEL 6 running > the latest RHEL6-supported Ruby (1.8.7.352-7). > > Is it safe to say that my platform is not affected? > > Thanks! > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
