[ubuntu/natty-security] puppet 2.6.4-2ubuntu2.10 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Jul 12 17:03:37 UTC 2012 

puppet (2.6.4-2ubuntu2.10) natty-security; urgency=low

  * SECURITY UPDATE: multiple July 2012 security issues
    - debian/patches/2.6.4-Puppet-July-2012-CVE-fixes.patch: fix multiple
      security issues. Patch from upstream, with an additional fix to
      lib/puppet/reports/store.rb.
    - CVE-2012-3864: arbitrary file read on master from authenticated
      clients
    - CVE-2012-3865: arbitrary file delete or denial of service on master
      from authenticated clients
    - CVE-2012-3867: insufficient input validation for agent cert hostnames

Date: Tue, 10 Jul 2012 08:24:35 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/puppet/2.6.4-2ubuntu2.10
-------------- next part --------------
Format: 1.8
Date: Tue, 10 Jul 2012 08:24:35 -0400
Source: puppet
Binary: puppet-common puppet puppetmaster-common puppetmaster puppetmaster-passenger vim-puppet puppet-el puppet-testsuite
Architecture: source
Version: 2.6.4-2ubuntu2.10
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 puppet     - Centralized configuration management - agent startup and compatib
 puppet-common - Centralized configuration management
 puppet-el  - syntax highlighting for puppet manifests in emacs
 puppet-testsuite - Centralized configuration management - test suite
 puppetmaster - Centralized configuration management - master startup and compati
 puppetmaster-common - Puppet master common scripts
 puppetmaster-passenger - Centralised configuration management - master setup to run under
 vim-puppet - syntax highlighting for puppet manifests in vim
Changes: 
 puppet (2.6.4-2ubuntu2.10) natty-security; urgency=low
 .
   * SECURITY UPDATE: multiple July 2012 security issues
     - debian/patches/2.6.4-Puppet-July-2012-CVE-fixes.patch: fix multiple
       security issues. Patch from upstream, with an additional fix to
       lib/puppet/reports/store.rb.
     - CVE-2012-3864: arbitrary file read on master from authenticated
       clients
     - CVE-2012-3865: arbitrary file delete or denial of service on master
       from authenticated clients
     - CVE-2012-3867: insufficient input validation for agent cert hostnames
Checksums-Sha1: 
 415663d97e1d24364a562679fe13e80798e19e34 2303 puppet_2.6.4-2ubuntu2.10.dsc
 70b344f9382581de60327e15c034d06912c128b4 115305 puppet_2.6.4-2ubuntu2.10.debian.tar.gz
Checksums-Sha256: 
 37f4bd832a0386dce079120a8d56e40c337b675e04571a52f9b6d9d3a4748e70 2303 puppet_2.6.4-2ubuntu2.10.dsc
 22134e60ab25ea3e6d0633e310cfdd9d44745b1222217947d7b5651e50abbb08 115305 puppet_2.6.4-2ubuntu2.10.debian.tar.gz
Files: 
 199c407c7510b95dd89564a65ee36832 2303 admin optional puppet_2.6.4-2ubuntu2.10.dsc
 9c5c0acac90094d1be24bfd7f7b23d44 115305 admin optional puppet_2.6.4-2ubuntu2.10.debian.tar.gz
Original-Maintainer: Puppet Package Maintainers <pkg-puppet-devel at lists.alioth.debian.org>

More information about the Natty-changes mailing list