[ubuntu/karmic-security] puppet (delayed), puppet 0.24.8-2ubuntu4.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Wed Mar 24 13:04:20 GMT 2010


puppet (0.24.8-2ubuntu4.1) karmic-security; urgency=low

  * SECURITY UPDATE: arbitrary file disclosure via incorrect permissions
    - lib/puppet/{util.rb,util/suidmanager.rb}: reset supplementary groups.
    - http://projects.reductivelabs.com/projects/puppet/repository/revisions/e32f980fd7c6291abc2841ede397c962798d9a9c/diff
    - CVE-2009-3564
  * SECURITY UPDATE: arbitrary file overwrite via temp file symlinks
    - lib/puppet/{daemon.rb,util.rb,util/reference.rb}: introduce new
      secure_open function and use it on temp files.
    - http://projects.reductivelabs.com/projects/puppet/repository/revisions/0aae57f91dc69b22fb674f8de3a13c22edd07128/diff
    - http://projects.reductivelabs.com/projects/puppet/repository/revisions/0dee418554151289b13136c43f0d1d6484efbac7/diff
    - CVE-2010-0156
  * Fix directory paths so test suite will run (LP: #488708)
    - test/lib/puppettest/support/utils.rb, test/lib/puppettest.rb

Date: Wed, 17 Mar 2010 09:44:13 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/puppet/0.24.8-2ubuntu4.1
-------------- next part --------------
Format: 1.8
Date: Wed, 17 Mar 2010 09:44:13 -0400
Source: puppet
Binary: puppet puppetmaster puppet-testsuite
Architecture: source
Version: 0.24.8-2ubuntu4.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 puppet     - centralised configuration management for networks
 puppet-testsuite - centralized configuration management control for networks
 puppetmaster - centralised configuration management control daemon
Changes: 
 puppet (0.24.8-2ubuntu4.1) karmic-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary file disclosure via incorrect permissions
     - lib/puppet/{util.rb,util/suidmanager.rb}: reset supplementary groups.
     - http://projects.reductivelabs.com/projects/puppet/repository/revisions/e32f980fd7c6291abc2841ede397c962798d9a9c/diff
     - CVE-2009-3564
   * SECURITY UPDATE: arbitrary file overwrite via temp file symlinks
     - lib/puppet/{daemon.rb,util.rb,util/reference.rb}: introduce new
       secure_open function and use it on temp files.
     - http://projects.reductivelabs.com/projects/puppet/repository/revisions/0aae57f91dc69b22fb674f8de3a13c22edd07128/diff
     - http://projects.reductivelabs.com/projects/puppet/repository/revisions/0dee418554151289b13136c43f0d1d6484efbac7/diff
     - CVE-2010-0156
   * Fix directory paths so test suite will run (LP: #488708)
     - test/lib/puppettest/support/utils.rb, test/lib/puppettest.rb
Checksums-Sha1: 
 b964dd655a521f6abaa4673e8ae0e302768b3302 1517 puppet_0.24.8-2ubuntu4.1.dsc
 4c5f82e2d63c6c90cc3955a0d1f616e8d3d82bce 16108 puppet_0.24.8-2ubuntu4.1.diff.gz
Checksums-Sha256: 
 99da5083a92651de31b9b90c85f81bda83965fe8095eaa8c1e8fade270f02e49 1517 puppet_0.24.8-2ubuntu4.1.dsc
 9da13b32c4948a35e694d7573ad6b061f7590205972321c85bbebadfa9e6767e 16108 puppet_0.24.8-2ubuntu4.1.diff.gz
Files: 
 22118d6cf21742ca62796a0957bee5f8 1517 admin optional puppet_0.24.8-2ubuntu4.1.dsc
 228231bb7fafde0cd8555618017939ce 16108 admin optional puppet_0.24.8-2ubuntu4.1.diff.gz
Launchpad-Bugs-Fixed: 488708
Original-Maintainer: Puppet Package Maintainers <pkg-puppet-devel at lists.alioth.debian.org>


More information about the Karmic-changes mailing list