[Bug 1267385] Re: Default file mode now 0600 instead of 0644 (regression in CVE-2013-4969 fix)
Launchpad Bug Tracker
1267385 at bugs.launchpad.net
Thu Jan 9 15:46:40 UTC 2014
This bug was fixed in the package puppet - 2.7.18-1ubuntu1.5
---------------
puppet (2.7.18-1ubuntu1.5) quantal-security; urgency=low
* SECURITY REGRESSION: Incorrect default file mode (LP: #1267385)
- debian/patches/CVE-2013-4969-regression.patch: fix incorrect file
mode in lib/puppet/type/file.rb, lib/puppet/util.rb,
spec/unit/type/file_spec.rb.
- CVE-2013-4969
-- Marc Deslauriers <marc.deslauriers at ubuntu.com> Thu, 09 Jan 2014 07:55:18 -0500
** Changed in: puppet (Ubuntu Quantal)
Status: New => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4969
** Changed in: puppet (Ubuntu Raring)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1267385
Title:
Default file mode now 0600 instead of 0644 (regression in
CVE-2013-4969 fix)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1267385/+subscriptions
More information about the Ubuntu-server-bugs
mailing list