subject:"Bug#850968\: CVE\-2016\-2788"

Bug#850968: CVE-2016-2788

2017-01-21 Thread Christian Hofstaedtler

* Moritz Muehlenhoff  [170121 23:16]:
> Source: mcollective
> 
> Please see https://puppet.com/security/cve/cve-2016-2788

Looks like the fix is in this commit/merge:
https://github.com/puppetlabs/marionette-collective/commit/4918a0f136aea04452b48a1ba29eb9aabcf5c97d

I've checked the 2.6.x branch and it appears to have the vulnerable
code too.

-- 
christian hofstaedtler

Bug#850968: CVE-2016-2788

2017-01-11 Thread Moritz Muehlenhoff

Source: mcollective
Severity: grave
Tags: security

Please see https://puppet.com/security/cve/cve-2016-2788

Cheers,
Moritz