[USN-1223-2] Puppet regression
jamie at canonical.com
Wed Oct 5 22:12:55 UTC 2011
Ubuntu Security Notice USN-1223-2
October 05, 2011
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.04 LTS
USN-1223-1 caused a regression with managing SSH authorized_keys files.
- puppet: Centralized configuration management
USN-1223-1 fixed vulnerabilities in Puppet. A regression was found on
Ubuntu 10.04 LTS that caused permission denied errors when managing SSH
authorized_keys files with Puppet. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that Puppet unsafely opened files when the k5login type
is used to manage files. A local attacker could exploit this to overwrite
arbitrary files which could be used to escalate privileges. (CVE-2011-3869)
Ricky Zhou discovered that Puppet did not drop privileges when creating
SSH authorized_keys files. A local attacker could exploit this to overwrite
arbitrary files as root. (CVE-2011-3870)
It was discovered that Puppet used a predictable filename when using the
--edit resource. A local attacker could exploit this to edit arbitrary
files or run arbitrary code as the user invoking the program, typically
The problem can be corrected by updating your system to the following
Ubuntu 10.04 LTS:
In general, a standard system update will make all the necessary changes.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: This is a digitally signed message part
More information about the ubuntu-security-announce