[Pkg-puppet-devel] security fix for lenny

Nigel Kersten nigel at explanatorygap.net
Thu Feb 11 23:12:07 UTC 2010


I'm actually at the puppet dev training today/tomorrow, but will
absolutely have time within a week to get this done.

2010/2/11 micah <micah at riseup.net>:
>
> There currently is a unresolved security issue with the puppet package
> in lenny[0], it has to do with an issue that was fixed with the 0.25
> upload, and seems like it is relatively trivial to backport into the
> lenny puppet (at least according to the bug report[1] where Andrew
> indicates the git changeset that would fix it).
>
> Does anyone have a few spare cycles to make a debian package for the
> security team? I unfortunately will not be able to put any time into
> puppet for the next couple weeks. This should be relatively easy though:
> just pulling in that fix, making a changelog entry mentioning the CVE
> and closing the bug, and then sending the diffs to security at d.o.
>
> micah
>
> 0. http://security-tracker.debian.org/tracker/source-package/puppet
> 1. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551073
>
>
> --
> "It is no measure of health to be well adjusted to a profoundly sick society." - J Krishnamurti
>
> _______________________________________________
> Pkg-puppet-devel mailing list
> Pkg-puppet-devel at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-puppet-devel
>
>



More information about the Pkg-puppet-devel mailing list