[ubuntu/precise] puppet 2.7.11-1ubuntu2 (Accepted)

Tyler Hicks tyhicks at canonical.com
Wed Apr 11 13:19:05 UTC 2012 

puppet (2.7.11-1ubuntu2) precise; urgency=low

  * SECURITY UPDATE: Arbitrary file writes via predictable filename usage in
    appdmg and pkgdmg providers (LP: #978708)
    - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
    - CVE-2012-1906
  * SECURITY UPDATE: Arbitrary file reads via Filebucket REST requests
    - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
    - CVE-2012-1986
  * SECURITY UPDATE: Denial of service via Filebucket text/marshall support
    - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
    - CVE-2012-1987
  * SECURITY UPDATE: Arbitrary code execution via Filebucket requests
    - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
    - CVE-2012-1988
  * SECURITY UPDATE: Arbritrary file writes via predictable telnet output log
    filename
    - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
    - CVE-2012-1989
  * debian/patches/puppet-12844: Re-fetch the patch from upstream since some
    missing pieces cause 'rake spec' to abort immediately

Date: Wed, 11 Apr 2012 03:55:10 -0500
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/precise/+source/puppet/2.7.11-1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Wed, 11 Apr 2012 03:55:10 -0500
Source: puppet
Binary: puppet-common puppet puppetmaster-common puppetmaster puppetmaster-passenger vim-puppet puppet-el puppet-testsuite
Architecture: source
Version: 2.7.11-1ubuntu2
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description: 
 puppet     - Centralized configuration management - agent startup and compatib
 puppet-common - Centralized configuration management
 puppet-el  - syntax highlighting for puppet manifests in emacs
 puppet-testsuite - Centralized configuration management - test suite
 puppetmaster - Centralized configuration management - master startup and compati
 puppetmaster-common - Puppet master common scripts
 puppetmaster-passenger - Centralised configuration management - master setup to run under
 vim-puppet - syntax highlighting for puppet manifests in vim
Launchpad-Bugs-Fixed: 978708
Changes: 
 puppet (2.7.11-1ubuntu2) precise; urgency=low
 .
   * SECURITY UPDATE: Arbitrary file writes via predictable filename usage in
     appdmg and pkgdmg providers (LP: #978708)
     - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
     - CVE-2012-1906
   * SECURITY UPDATE: Arbitrary file reads via Filebucket REST requests
     - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
     - CVE-2012-1986
   * SECURITY UPDATE: Denial of service via Filebucket text/marshall support
     - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
     - CVE-2012-1987
   * SECURITY UPDATE: Arbitrary code execution via Filebucket requests
     - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
     - CVE-2012-1988
   * SECURITY UPDATE: Arbritrary file writes via predictable telnet output log
     filename
     - debian/patches/CVE-2012-1906_CVE-2012-1986_to_CVE-2012-1989.patch
     - CVE-2012-1989
   * debian/patches/puppet-12844: Re-fetch the patch from upstream since some
     missing pieces cause 'rake spec' to abort immediately
Checksums-Sha1: 
 8614e850ac5cc22dbaddc01430fcbe86dfe1716e 2585 puppet_2.7.11-1ubuntu2.dsc
 11c97ae6005683865a0081231ec153be465b2d12 47539 puppet_2.7.11-1ubuntu2.debian.tar.gz
Checksums-Sha256: 
 f933775a43022abb86ace5f92875dd9b4772fe7d984ba16855eace4c272207a0 2585 puppet_2.7.11-1ubuntu2.dsc
 83e82332a087757ce3f697d601f8da6f8630eb31aa3dbebe94d55e3dc35f0cd5 47539 puppet_2.7.11-1ubuntu2.debian.tar.gz
Files: 
 436a218779f48746654776043263f439 2585 admin optional puppet_2.7.11-1ubuntu2.dsc
 5f868bd4c4c208903f0b170d5a1b8da6 47539 admin optional puppet_2.7.11-1ubuntu2.debian.tar.gz
Original-Maintainer: Puppet Package Maintainers <pkg-puppet-devel at lists.alioth.debian.org>

More information about the Precise-changes mailing list