[Pkg-puppet-devel] CVE-2012-3408 Puppet allows agents with certnames of IP addresses to be impersonated

Henri Salo henri at nerv.fi
Wed Jul 11 21:51:39 UTC 2012


Hello,

There is security vulnerability in Puppet. Could you tell me if Puppet packages in Debian are vulnerable or not? I can create bug-report of this if needed. I already added this to Debian security tracker.

CVE-2012-3408
http://puppetlabs.com/security/cve/cve-2012-3408/

- Henri Salo



More information about the Pkg-puppet-devel mailing list