[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] puppet n/a

Moritz Muehlenhoff jmm at debian.org
Wed Feb 28 12:16:38 UTC 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
94956833 by Moritz Muehlenhoff at 2018-02-28T13:16:15+01:00
puppet n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -65543,9 +65543,9 @@ CVE-2017-2299 (Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.
 CVE-2017-2298 (The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a ...)
 	NOT-FOR-US: mcollective-sshkey-security plugin
 CVE-2017-2297 (Puppet Enterprise versions prior to 2016.4.5 and 2017.2.1 did not ...)
-	TODO: check
+	- puppet <not-affected> (Specific to Puppet Enterprise)
 CVE-2017-2296 (In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted ...)
-	TODO: check
+	- puppet <not-affected> (Specific to Puppet Enterprise)
 CVE-2017-2295 (Versions of Puppet prior to 4.10.1 will deserialize data off the wire ...)
 	{DSA-3862-1 DLA-1012-1}
 	- puppet 4.8.2-5 (bug #863212)
@@ -65555,7 +65555,7 @@ CVE-2017-2294 (Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 faile
 	- puppet <not-affected> (Doesn't affect Puppet as shipped in Debian)
 	NOTE: Puppet as shipped in Debian doesn't provide puppetdb yet
 CVE-2017-2293 (Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 shipped ...)
-	TODO: check
+	- puppet <not-affected> (Specific to Puppet Enterprise)
 CVE-2017-2292 (Versions of MCollective prior to 2.10.4 deserialized YAML from agents ...)
 	- mcollective <unfixed> (bug #866711)
 	[jessie] - mcollective <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/94956833c30ebaa64bc3fb797dcabe316f0e9b93

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/94956833c30ebaa64bc3fb797dcabe316f0e9b93
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180228/cf1eb156/attachment.html>

More information about the Secure-testing-commits mailing list