puppet (2.7.11-1ubuntu3) quantal; urgency=low
* SECURITY UPDATE: Multiple July 2012 security issues
- debian/patches/2.7.17-Puppet-July-2012-CVE-fixes.patch: upstream
patch to fix multiple security issues.
- CVE-2012-3864: arbitrary file read on master from authenticated
clients
- CVE-2012-3865: arbitrary file delete or denial of service on master
from authenticated clients
- CVE-2012-3866: last_run_report.yaml report file is world readable and
leads to arbitrary file read on master by an agent
- CVE-2012-3867: insufficient input validation for agent cert hostnames
* debian/control: use ruby1.8 as Build-Depends-Indep to fix FTBFS
Date: Fri, 13 Jul 2012 12:45:14 -0400
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Developers <[email protected]>
https://launchpad.net/ubuntu/quantal/+source/puppet/2.7.11-1ubuntu3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 13 Jul 2012 12:45:14 -0400
Source: puppet
Binary: puppet-common puppet puppetmaster-common puppetmaster
puppetmaster-passenger vim-puppet puppet-el puppet-testsuite
Architecture: source
Version: 2.7.11-1ubuntu3
Distribution: quantal
Urgency: low
Maintainer: Ubuntu Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
puppet - Centralized configuration management - agent startup and compatib
puppet-common - Centralized configuration management
puppet-el - syntax highlighting for puppet manifests in emacs
puppet-testsuite - Centralized configuration management - test suite
puppetmaster - Centralized configuration management - master startup and
compati
puppetmaster-common - Puppet master common scripts
puppetmaster-passenger - Centralised configuration management - master setup
to run under
vim-puppet - syntax highlighting for puppet manifests in vim
Changes:
puppet (2.7.11-1ubuntu3) quantal; urgency=low
.
* SECURITY UPDATE: Multiple July 2012 security issues
- debian/patches/2.7.17-Puppet-July-2012-CVE-fixes.patch: upstream
patch to fix multiple security issues.
- CVE-2012-3864: arbitrary file read on master from authenticated
clients
- CVE-2012-3865: arbitrary file delete or denial of service on master
from authenticated clients
- CVE-2012-3866: last_run_report.yaml report file is world readable and
leads to arbitrary file read on master by an agent
- CVE-2012-3867: insufficient input validation for agent cert hostnames
* debian/control: use ruby1.8 as Build-Depends-Indep to fix FTBFS
Checksums-Sha1:
7b2879c3cb2670bfca5d3ee99ac2e92ad9c8d07a 2588 puppet_2.7.11-1ubuntu3.dsc
bb85dd88f6a879bf829da2583b11cd131f5d1ebb 61151
puppet_2.7.11-1ubuntu3.debian.tar.gz
Checksums-Sha256:
7eb86a45e4aa76d5d4e30c926b0eb9cce0e53af8988fb2e0e4fafda7ecc0bf77 2588
puppet_2.7.11-1ubuntu3.dsc
9d51a228cbd075a2562181a5cccb6301fc8d2b400f64e686034c3efe78821cf9 61151
puppet_2.7.11-1ubuntu3.debian.tar.gz
Files:
c1cb270d25ef28eeca61da23439ae91d 2588 admin optional puppet_2.7.11-1ubuntu3.dsc
e847ffc4d33e137e2eaf9cffcfd7070f 61151 admin optional
puppet_2.7.11-1ubuntu3.debian.tar.gz
Original-Maintainer: Puppet Package Maintainers
<[email protected]>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJQAFxeAAoJEGVp2FWnRL6TTVMP/R8ClIp0pEc7diH5W+yTSPND
agco3/5dpXzzoo2nM3sdlhHTN5n97hN3LC+BeP4JJZTOtUynroXBawWd8hwBsjy9
M5f/o9WDXSc8wF2FusCV64Z5BjNZNwOoW5tPOLPKenUpL58WNP6lXDJ8+vOXpB1P
l7bUL/Rz+GcvtAhbHYZ5oqZj3W8CuIbeE/0MITi3gvVGRmZrmE8PS3YPArypVZcR
TZk65mcqvv8HW9AouXZ8znIncFCotG2Ty7Dl6BeyGbhm0B/P9+5dZB43EboTbR/1
w79tZrMMrCi9bWEw2V9ovLNoufOrajYRtoms+hPxBFttdv80VRYNBQLb7/5HYuJc
9JL2fa57KoSvlPTEM5K/cr+Q7h/I94sQvw4HNXH9qYnR12+xE9ooia3lrHHQdR3h
QPzPz6wv5qqJy44DLY+6SfJnT8dCWGSJ687FHsAz2y2ciiI1ZX0HmfIq2icRMnNl
u0jxi7KeQiwwqM2NGULSnqK6I3zJYq56e4VmtgukAKEoKIljNhRxy/9l+DtoHVv2
Iedy1+m8pGCqTBgXRDUYCZ1AvOsJ0eJNRovvbA5cOvfo6xxVTo1cbjjKHMPdP6aq
pB6AR6QLEiG8t4A887xtd2eeDQG1eNoY+q9DhPF4hyUqJ9hJ7WBQX0n+wEXJ32wp
r9UkoKRfDK/ZQtED9jsR
=/UUq
-----END PGP SIGNATURE-----
--
Quantal-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/quantal-changes
