[ubuntu/natty-security] puppet 2.6.4-2ubuntu2.9 (Accepted)

[Tyler Hicks]

puppet (2.6.4-2ubuntu2.9) natty-security; urgency=low

  * SECURITY UPDATE: Arbitrary file writes via predictable filename usage in
    appdmg and pkgdmg providers
    - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
    - CVE-2012-1906
  * SECURITY UPDATE: Arbitrary file reads via Filebucket REST requests
    - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
    - CVE-2012-1986
  * SECURITY UPDATE: Denial of service via Filebucket text/marshall support
    - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
    - CVE-2012-1987
  * SECURITY UPDATE: Arbitrary code execution via Filebucket requests
    - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
    - CVE-2012-1988
  * debian/patches/fix-unpredictable-hash-ordering-tests.patch: Fix testsuite
    failures caused by hash randomization in Ruby

Date: Tue, 10 Apr 2012 11:47:14 -0500
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/puppet/2.6.4-2ubuntu2.9
-------------- next part --------------
Format: 1.8
Date: Tue, 10 Apr 2012 11:47:14 -0500
Source: puppet
Binary: puppet-common puppet puppetmaster-common puppetmaster puppetmaster-passenger vim-puppet puppet-el puppet-testsuite
Architecture: source
Version: 2.6.4-2ubuntu2.9
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description: 
 puppet     - Centralized configuration management - agent startup and compatib
 puppet-common - Centralized configuration management
 puppet-el  - syntax highlighting for puppet manifests in emacs
 puppet-testsuite - Centralized configuration management - test suite
 puppetmaster - Centralized configuration management - master startup and compati
 puppetmaster-common - Puppet master common scripts
 puppetmaster-passenger - Centralised configuration management - master setup to run under
 vim-puppet - syntax highlighting for puppet manifests in vim
Changes: 
 puppet (2.6.4-2ubuntu2.9) natty-security; urgency=low
 .
   * SECURITY UPDATE: Arbitrary file writes via predictable filename usage in
     appdmg and pkgdmg providers
     - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
     - CVE-2012-1906
   * SECURITY UPDATE: Arbitrary file reads via Filebucket REST requests
     - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
     - CVE-2012-1986
   * SECURITY UPDATE: Denial of service via Filebucket text/marshall support
     - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
     - CVE-2012-1987
   * SECURITY UPDATE: Arbitrary code execution via Filebucket requests
     - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
     - CVE-2012-1988
   * debian/patches/fix-unpredictable-hash-ordering-tests.patch: Fix testsuite
     failures caused by hash randomization in Ruby
Checksums-Sha1: 
 36ac7267e24cad125bb3ee2024834bef9b3ebaa9 2299 puppet_2.6.4-2ubuntu2.9.dsc
 9c242ef8e72d7c99684684872df7146ba41ee57a 101869 puppet_2.6.4-2ubuntu2.9.debian.tar.gz
Checksums-Sha256: 
 16c688b96a16e0bce7d2726aa5a57aadee551671157a05826b57755098198fec 2299 puppet_2.6.4-2ubuntu2.9.dsc
 972b420e88d2be9f57d612e93ac3659f863c6d3d830350699ea4520af10c3822 101869 puppet_2.6.4-2ubuntu2.9.debian.tar.gz
Files: 
 81a39ff49ff5fa58506e19cb5a878cf1 2299 admin optional puppet_2.6.4-2ubuntu2.9.dsc
 962c40fab3005cfe590b23b392f37fc5 101869 admin optional puppet_2.6.4-2ubuntu2.9.debian.tar.gz
Original-Maintainer: Puppet Package Maintainers <pkg-puppet-devel at lists.alioth.debian.org>