[Pkg-puppet-devel] security fix for lenny
micah anderson
micah at riseup.net
Thu Feb 11 23:30:17 UTC 2010
On Thu, 11 Feb 2010 17:56:31 -0500, micah <micah at lillypad.riseup.net> wrote:
>
> There currently is a unresolved security issue with the puppet package
> in lenny[0], it has to do with an issue that was fixed with the 0.25
> upload, and seems like it is relatively trivial to backport into the
> lenny puppet (at least according to the bug report[1] where Andrew
> indicates the git changeset that would fix it).
>
> Does anyone have a few spare cycles to make a debian package for the
> security team? I unfortunately will not be able to put any time into
> puppet for the next couple weeks. This should be relatively easy though:
> just pulling in that fix, making a changelog entry mentioning the CVE
> and closing the bug, and then sending the diffs to security at d.o.
Actually, nevermind. The issue has been determined to be of low
importance and the security team has already decided not to do a DSA for
it.
move along, nothing to see here...
micah
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-puppet-devel/attachments/20100211/bc994212/attachment.pgp>
More information about the Pkg-puppet-devel
mailing list