[Git][security-tracker-team/security-tracker][master] puppetdb fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Nov 28 15:03:54 GMT 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
98764ca4 by Moritz Muehlenhoff at 2022-11-28T16:03:34+01:00
puppetdb fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -125123,7 +125123,7 @@ CVE-2021-27022 (A flaw was discovered in bolt-server and ace where running a tas
 	NOTE: https://puppet.com/security/cve/CVE-2021-27022/
 CVE-2021-27021 (A flaw was discovered in Puppet DB, this flaw results in an escalation ...)
 	[experimental] - puppetdb 7.10.1-1
-	- puppetdb <unfixed> (bug #990419)
+	- puppetdb 7.11.2-2 (bug #990419)
 	[buster] - puppetdb <no-dsa> (Minor issue)
 	NOTE: https://puppet.com/security/cve/cve-2021-27021/
 	NOTE: https://github.com/puppetlabs/puppetdb/commit/c146e624d230f7410fb648d58ae28c0e3cd457a2
@@ -125134,7 +125134,7 @@ CVE-2021-27020 (Puppet Enterprise presented a security risk by not sanitizing us
 	- puppet <not-affected> (Only affects Puppet Enterprise)
 CVE-2021-27019 (PuppetDB logging included potentially sensitive system information. ...)
 	[experimental] - puppetdb 7.10.1-1
-	- puppetdb <unfixed>
+	- puppetdb 7.11.2-2
 	[buster] - puppetdb <no-dsa> (Minor issue)
 	NOTE: https://puppet.com/security/cve/CVE-2021-27019/
 CVE-2021-27018 (The mechanism which performs certificate validation was discovered to  ...)
@@ -204426,7 +204426,7 @@ CVE-2020-7944 (In Continuous Delivery for Puppet Enterprise (CD4PE) before 3.4.0
 CVE-2020-7943 (Puppet Server and PuppetDB provide useful performance and debugging in ...)
 	- puppet <not-affected> (Doesn't affect Puppet masters (passenger-based) in Debian)
 	[experimental] - puppetdb 7.10.1-1
-	- puppetdb <unfixed> (low)
+	- puppetdb 7.11.2-2 (low)
 	[buster] - puppetdb <no-dsa> (Minor issue)
 	- puppetserver <itp> (bug #830904)
 	NOTE: https://puppet.com/security/cve/CVE-2020-7943/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98764ca44517f06df5c4a84639dec639bd6ac789

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98764ca44517f06df5c4a84639dec639bd6ac789
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221128/eb98350e/attachment.htm>

More information about the debian-security-tracker-commits mailing list